www.aoifehillen.com Open in urlscan Pro
35.242.251.130 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://aoifehillen.com/
Effective URL:
https://www.aoifehillen.com/
Submission Tags: falconsandbox
Submission: On May 27 via api (May 27th 2021, 8:26:50 am UTC) from US

Summary HTTP 207 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 13 domains to perform 207 HTTP transactions. The main IP is 35.242.251.130, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.aoifehillen.com.
TLS certificate: Issued by R3 on May 27th 2021. Valid for: 3 months.

This is the only time www.aoifehillen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.230.63.107 185.230.63.107	58182 (WIX_COM) (WIX_COM)
4	35.242.251.130 35.242.251.130	15169 (GOOGLE) (GOOGLE)
12	54.175.222.143 54.175.222.143	14618 (AMAZON-AES) (AMAZON-AES)
42	34.96.106.200 34.96.106.200	15169 (GOOGLE) (GOOGLE)
6	34.102.176.152 34.102.176.152	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2016	15169 (GOOGLE) (GOOGLE)
4	34.117.140.164 34.117.140.164	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:802::2013	15169 (GOOGLE) (GOOGLE)
4	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
14	2.16.186.40 2.16.186.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
80	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
18	2a02:26f0:6c0... 2a02:26f0:6c00:2a3::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a02:26f0:6c0... 2a02:26f0:6c00:2a4::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.111.237.183 104.111.237.183	16625 (AKAMAI-AS) (AKAMAI-AS)
4	52.114.77.34 52.114.77.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
207	16

1 185.230.63.107 (Ashburn, United States) 1 redirects

ASN58182 (WIX_COM, IL)

aoifehillen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.242.251.130 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
PTR: 130.251.242.35.bc.googleusercontent.com

www.aoifehillen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.175.222.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-222-143.compute-1.amazonaws.com

frog.wix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 34.96.106.200 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 200.106.96.34.bc.googleusercontent.com

static.parastorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteassets.parastorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.176.152 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.117.140.164 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 164.140.117.34.bc.googleusercontent.com

images-vod.wixmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::2013 (Ireland)

ASN15169 (GOOGLE, US)

e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2.16.186.40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

80 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

powerpoint.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:26f0:6c00:2a3::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1-powerpoint-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:6c00:2a4::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1-officeapps-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.237.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-183.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.114.77.34 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	live.com onedrive.live.com powerpoint.officeapps.live.com	2 MB
42	parastorage.com static.parastorage.com siteassets.parastorage.com	701 KB
26	office.net c1-powerpoint-15.cdn.office.net c1-officeapps-15.cdn.office.net	1 MB
14	akamaihd.net spoprod-a.akamaihd.net	603 KB
12	wix.com frog.wix.com	3 KB
6	wixstatic.com static.wixstatic.com	130 KB
5	aoifehillen.com 1 redirects aoifehillen.com www.aoifehillen.com	219 KB
4	microsoft.com browser.events.data.microsoft.com	1 KB
4	wixmp.com images-vod.wixmp.com	64 KB
3	ytimg.com i.ytimg.com	29 KB
2	live.net js.live.net	33 KB
2	htmlcomponentservice.com e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com	991 B
2	gstatic.com fonts.gstatic.com	26 KB
207	13

	Domain	Requested by
80	powerpoint.officeapps.live.com	www.aoifehillen.com powerpoint.officeapps.live.com c1-powerpoint-15.cdn.office.net c1-officeapps-15.cdn.office.net
38	static.parastorage.com	www.aoifehillen.com static.parastorage.com
18	c1-powerpoint-15.cdn.office.net	powerpoint.officeapps.live.com c1-powerpoint-15.cdn.office.net
14	spoprod-a.akamaihd.net	onedrive.live.com
12	frog.wix.com	www.aoifehillen.com static.parastorage.com
8	c1-officeapps-15.cdn.office.net	powerpoint.officeapps.live.com www.aoifehillen.com c1-powerpoint-15.cdn.office.net
6	static.wixstatic.com	www.aoifehillen.com
4	browser.events.data.microsoft.com	c1-powerpoint-15.cdn.office.net
4	onedrive.live.com	e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com onedrive.live.com
4	images-vod.wixmp.com	www.aoifehillen.com
4	siteassets.parastorage.com	www.aoifehillen.com
4	www.aoifehillen.com	www.aoifehillen.com static.parastorage.com
3	i.ytimg.com	www.aoifehillen.com
2	js.live.net	c1-powerpoint-15.cdn.office.net
2	e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com	static.parastorage.com
2	fonts.gstatic.com	www.aoifehillen.com
1	aoifehillen.com	1 redirects
207	17

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
aoifehillen.invisionapp.com

Subject Issuer	Validity	Valid
aoifehillen.com R3	`2021-05-27` - `2021-08-25`	3 months	crt.sh
*.wix.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2021-11-01`	6 months	crt.sh
*.parastorage.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-07` - `2021-08-06`	6 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-05` - `2021-08-04`	6 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.wixmp.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-22` - `2021-07-21`	6 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.htmlcomponentservice.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-05` - `2021-08-04`	6 months	crt.sh
onedrive.com Microsoft RSA TLS CA 02	`2020-10-13` - `2021-10-13`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2021-01-26` - `2022-01-26`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 02	`2020-09-28` - `2021-09-28`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2020-09-14` - `2021-09-09`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.aoifehillen.com/
Frame ID: B06495C4A26B39355CBC6B254D25DAF2
Requests: 77 HTTP requests in this frame

Frame: https://e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com/get_draft?id=e6fcd9_55084b6ca8203b098d6579c33fb354a7.html
Frame ID: 3334DB09B7A36FAFFEEA93BAA194FC90
Requests: 1 HTTP requests in this frame

Frame: https://e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com/get_draft?id=e6fcd9_6b1de00a017425c8c51961d898c24732.html
Frame ID: 2E5F205FFE17D074BA5E4B062BE2C6A8
Requests: 1 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21329&authkey=AEIi2YD-IJsEYj8&em=2&wdAr=1.7777777777777777
Frame ID: F1705134E58B43565D9C2F9024417D8E
Requests: 9 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21327&authkey=AD1tbYxlE8dyKsI&em=2&wdAr=1.7777777777777777
Frame ID: D87B529F91D1D3801B6486515BEFAC1B
Requests: 9 HTTP requests in this frame

Frame: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
Frame ID: 750CC0CE921FF613D6600DF45261FC68
Requests: 61 HTTP requests in this frame

Frame: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
Frame ID: 148FAFE2E430AB9E4870F4C7ADF8F6DB
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://aoifehillen.com/ HTTP 301
https://www.aoifehillen.com/ Page URL

Detected technologies

Wix (CMS) Expand

Overall confidence: 100%
Detected patterns

script /static\.parastorage\.com/i
meta generator /Wix\.com Website Builder/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /static\.parastorage\.com/i
meta generator /Wix\.com Website Builder/i

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/polyfill\.min\.js/i

Page Statistics

207
Requests

99 %
HTTPS

38 %
IPv6

13
Domains

17
Subdomains

16
IPs

3
Countries

4903 kB
Transfer

13748 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/in/aoifehillen/

Search URL Search Domain Scan URL

URL: https://aoifehillen.invisionapp.com/public/share/ASY0PXVRC
Title: Desktop Prototype

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://aoifehillen.com/ HTTP 301
https://www.aoifehillen.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

207 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.aoifehillen.com/
Redirect Chain

http://aoifehillen.com/
https://www.aoifehillen.com/

526 KB
99 KB

400ms
320ms

Document
text/html

35.242.251.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aoifehillen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.242.251.130 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

130.251.242.35.bc.googleusercontent.com

Software

Pepyaka/1.19.0 /

Resource Hash

a5dc0d4aa3ec2383971c4a92d1257ee6245153474e978402c920c33ec3091096

Security Headers

Name	Value
Strict-Transport-Security	max-age=120
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.aoifehillen.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:27 GMT
content-type: text/html; charset=UTF-8
link: <https://static.parastorage.com/>; rel=preconnect; crossorigin;,<https://static.parastorage.com/>; rel=preconnect;,<https://fonts.gstatic.com>; rel=preconnect; crossorigin;,<https://static.wixstatic.com/>; rel=preconnect; crossorigin;,<https://static.wixstatic.com/>; rel=preconnect;,<https://siteassets.parastorage.com>; rel=preconnect; crossorigin;,
x-wix-request-id: 1622103987.22817781105918946
content-language: en-US
strict-transport-security: max-age=120
age: 0
set-cookie: ssr-caching=cache#desc=miss#varnish=miss#dc#desc=euw3; Max-Age=20; Expires=Thu, 27 May 2021 08:26:47 GMT XSRF-TOKEN=1622103987|AaP6Fkauw7yS; Path=/; Domain=www.aoifehillen.com; Secure; SameSite=None
server-timing: cache;desc=miss, varnish;desc=miss, dc;desc=euw3
x-seen-by: sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVj8hHIDsGU3U8in4aXN4Wxi,qquldgcFrj2n046g4RNSVAiOxhA7Vkxnx3Qqcd3yJLo=,2d58ifebGbosy5xc+FRaljWSYmR7VPLdQKD/vvg0ic08cbArc3JFHfA13dbkkF5/joe2GMQJ/MdiMK4Y/vI70zTRnKhhK23fA3gieO3y0Is=,2UNV7KOq4oGjA5+PKsX47O+axVooXMh++iwFplbZzIU=,l7Ey5khejq81S7sxGe5Nk1XkUtrSjieOwzrMBvGOjWtXz5t7NzGxeu2CXkk1aB7ZGlsroP2XR0N+rjgJK/PU9A==,WDMzHiyOL7uW518fW2Byr1gJSEOTyyKAPangsldUtng4+Fuf6iYJEL6Xyc+jAtbW9Krw2Aahdv32zkFIBddLmg==,l7Ey5khejq81S7sxGe5Nk1XkUtrSjieOwzrMBvGOjWtXz5t7NzGxeu2CXkk1aB7ZGlsroP2XR0N+rjgJK/PU9A==,LoUK8/saGAmOxZWtpubo2iu5GZ5hUBtrT+342oMSTSSNriTRjL2bFzYbeoaxxXjzYNXkXL14w3vZCnAuVgRN6Q==,vnnyTBxZ51OQwVc1vV5ZXIbRua9tz9aQfcOzNNZdWnyTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,w4q8mm9FnmU4emOs6psVXWhSx4SFR200cJeAWQGA332TzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,/a5ccLSK1HEmwPNg/x6OujK5FCBBHGWpc4Qq+WwywgPtE3kDM6rOClirLigVvHvCo+FuOtdajEinjfNCGMNSFA==
vary: Accept-Encoding
cache-control: private,max-age=0,must-revalidate
x-content-type-options: nosniff
content-encoding: br
server: Pepyaka/1.19.0

Redirect headers

Date: Thu, 27 May 2021 08:26:27 GMT
Content-Length: 0
Connection: keep-alive
location: https://www.aoifehillen.com/
strict-transport-security: max-age=120
x-wix-request-id: 1622103987.1001570460562321757
Age: 0
Server-Timing: cache;desc=miss, varnish;desc=miss, dc;desc=84
X-Seen-By: RQvnDyN5n1orR2cJk2hJbg==,sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVgnXWk8izeZCqjtLrJO/k38,m0j2EEknGIVUW/liY8BLLsVOKTfq3tsOisNiwEUYFKHJftmKrOReD3ukbbas4YDo,2d58ifebGbosy5xc+FRaljBnQZAVzjeYRU3ww4ADYJKAs7Hz0vSWc0xGALdH0mI6VI2IQxqQUIAgIRX0+7eN1A==,2UNV7KOq4oGjA5+PKsX47HFpdCDYQi2RAmhtUso2EBa8ZDY613cHYLbuhNMgAom1,w4q8mm9FnmU4emOs6psVXXMQQWK00T/Kn6OFH8MoTEhNG+KuK+VIZfbNzHJu0vJu,WDMzHiyOL7uW518fW2Byr4gBnqMapkqMv99BdNy76UKBmH7FKyTbCOLYgr5/x7TuWIHlCalF7YnfvOr2cMPpyw==
Cache-Control: no-cache
X-Content-Type-Options: nosniff

POST
H2 204 bolt-performance
frog.wix.com/ 0
257 B 343ms
110ms Ping
text/plain 54.175.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bolt-performance?src=72&evid=21&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84&is_cached=false&msid=adf5d443-2e2b-4ce6-a0c2-c7ae1f603745&session_id=457a0e71-95b4-4bbe-8fba-f8774d2eb5ec&ish=1&vsi=807c226d-570a-44a4-9685-7853bff8e6f4&caching=miss,miss&pv=visible&v=1.6692.0&url=https://www.aoifehillen.com/&st=2&ts=4&tsn=590
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-222-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.aoifehillen.com
date: Thu, 27 May 2021 08:26:27 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H2 200 bootstrap-features.ffe3cfa9.bundle.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 129 KB
35 KB 43ms
12ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/bootstrap-features.ffe3cfa9.bundle.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 17a4345a63ca25c62e6fd06ead5de07c8106c71bfd286c4d8dd58f6f97e2e4f5

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 04:55:20 GMT
content-encoding: br
age: 37634
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35493
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 16:07:03 GMT
server: Pepyaka/1.19.0
etag: W/"1a36b387dd49a476f2dbd1bb3dfaf281"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 405980639 385464646
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzvETjrKKcFl2P7fXuoeOI,aVxMblM8KFG3we5NLvyVc5BS62q8lKXA3L5tDnkA9428ZDY613cHYLbuhNMgAom1

GET
H2 200 main.785e3501.bundle.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 170 KB
42 KB 59ms
28ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.785e3501.bundle.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: f1fc060c5564a2c3ce42c1713d18b0288374a8d8d5096e6437a14c193054f779

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 04:55:21 GMT
content-encoding: br
age: 37634
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42368
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 16:07:07 GMT
server: Pepyaka/1.19.0
etag: W/"0312047dfffe7f8226b9e3e44d3bcfc5"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 528404219 518745819
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzvETjrKKcFl2P7fXuoeOI,aVxMblM8KFG3we5NLvyVc7Hu6QJM4kS1c2n2AszSlkQeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 lodash.min.js Show response
static.parastorage.com/unpkg/lodash@4.17.15/ 72 KB
24 KB 16ms
16ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/lodash@4.17.15/lodash.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 55e35a1415438685f71fe809dfb0e94ff9d3b994dd8d8ae8f7206bb878d59a84

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:24:09 GMT
content-encoding: gzip
age: 154938
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24367
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Fri, 19 Jul 2019 18:30:18 GMT
server: Pepyaka/1.19.0
etag: "bc0594c54450e8ac689739b6b198067a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 331519952 278349072
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchIgoL5sebypSby+dtJLp+o,aVxMblM8KFG3we5NLvyVc5BS62q8lKXA3L5tDnkA9428ZDY613cHYLbuhNMgAom1

GET
H3-Q050 200 react.production.min.js Show response
static.parastorage.com/unpkg/react@16.13.1/umd/ 12 KB
5 KB 43ms
13ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/react@16.13.1/umd/react.production.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: c9486f126615859fc61ac84840a02b2efc920d287a71d99d708c74b2947750fe

Request headers

Origin: https://www.aoifehillen.com
Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 07:10:40 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1473347
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4896
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Fri, 20 Mar 2020 10:41:05 GMT
server: Pepyaka/1.19.0
etag: W/"edf56a42bca6b565bf7dfcbd8ffc221a"
access-control-max-age: 3000
access-control-allow-methods: GET,GET, OPTIONS, POST
x-varnish: 35455938 1770677
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgCoopO/YbY92dofGo6y7lA,aVxMblM8KFG3we5NLvyVc68g6p1WR4pyJ/+mbXoE+/W8ZDY613cHYLbuhNMgAom1

GET
H3-Q050 200 wix-code-sdk-providers.9d223472.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 22 KB
7 KB 12ms
12ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/wix-code-sdk-providers.9d223472.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: bec66c71587db3476e44fc93c747cf05631607b2f47d5679e93dfb3b529d9cd8

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 11:40:11 GMT
content-encoding: br
age: 102337
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6816
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 07:03:52 GMT
server: Pepyaka/1.19.0
etag: W/"2991e4ff71a16ffe7375eeb6bc32bda1"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 586231263 459090053
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchIgoL5sebypSby+dtJLp+o,aVxMblM8KFG3we5NLvyVc5cgOQloijuFMd72n2oFHsEeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 page-features.bda4fd0e.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 18 KB
6 KB 13ms
12ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/page-features.bda4fd0e.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: e40046aaa2a8c4d762527c54280fdb939f52490e42ff3355276833bbb08ed540

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 07:28:26 GMT
content-encoding: br
age: 176281
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Sun, 23 May 2021 15:36:11 GMT
server: Pepyaka/1.19.0
etag: W/"b693c8e8c9ce733570752c4247531faa"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 778600715 769842088
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzvETjrKKcFl2P7fXuoeOI,aVxMblM8KFG3we5NLvyVc77oEFUYFLUrQdQMkr4TKte8ZDY613cHYLbuhNMgAom1

GET
H3-Q050 200 ooi.1612f112.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 19 KB
6 KB 14ms
13ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ooi.1612f112.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: f8d9f07595b9911ef81cf188e4dc3ce2f98b4d3ddc380bcb20223949782f38c5

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 07:28:26 GMT
content-encoding: br
age: 176281
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6394
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 18 May 2021 14:48:50 GMT
server: Pepyaka/1.19.0
etag: W/"1feccecac69ed47b85104635f22e361f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 544267463 531619205
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzvETjrKKcFl2P7fXuoeOI,aVxMblM8KFG3we5NLvyVc0s8w751A/YgAGtzAGGCOK4eGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 siteMembers.47d975ff.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 34 KB
8 KB 20ms
18ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/siteMembers.47d975ff.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 929047fe7031389f8d6995cefbdff6eeff9174dcb7bdcbeb6ec59fd7bedd9a65

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:24:12 GMT
content-encoding: br
age: 154935
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8217
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 13:28:14 GMT
server: Pepyaka/1.19.0
etag: W/"310b262dbe62cc43e64b6d6ba2c5d6f4"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 797132197 780902690
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchIgoL5sebypSby+dtJLp+o,aVxMblM8KFG3we5NLvyVc77oEFUYFLUrQdQMkr4TKte8ZDY613cHYLbuhNMgAom1

GET
H3-Q050 200 tpaCommons.9678f2d1.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 8 KB
4 KB 20ms
18ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/tpaCommons.9678f2d1.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 7ad67c5f455f9d2dd9d47779912847501d9fe448230bdb59d64a4db5e92aca2b

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 04:55:21 GMT
content-encoding: br
age: 59054
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3250
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 12:00:19 GMT
server: Pepyaka/1.19.0
etag: W/"a34562444fd63133db272f79fd928a5a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 775978722 725733716
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchIgoL5sebypSby+dtJLp+o,aVxMblM8KFG3we5NLvyVc4W04dmo5RqiFQap4IrllKMeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 windowMessageRegistrar.3f1ce497.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 570 B
617 B 14ms
12ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/windowMessageRegistrar.3f1ce497.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: d76c7074b6ad270ce52ac59a9774c3a9214e0181ca314cd7b9f8c8f2972aefe7

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 07:28:26 GMT
content-encoding: br
age: 176281
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 320
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Sun, 18 Apr 2021 11:19:16 GMT
server: Pepyaka/1.19.0
etag: W/"130414aaa39452c77143c11ff0a5bef9"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 632933267 892203025
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchIgoL5sebypSby+dtJLp+o,aVxMblM8KFG3we5NLvyVc4W04dmo5RqiFQap4IrllKMeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 platform.76d3349e.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 15 KB
5 KB 14ms
13ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/platform.76d3349e.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 49f5cd81bdfa181e92c526573e4511c8e7a0ba609eb76c1b8a836af359746f7c

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 07:28:26 GMT
content-encoding: br
age: 176281
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5296
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 18 May 2021 14:48:50 GMT
server: Pepyaka/1.19.0
etag: W/"1150c30aba1b973c7067eedc344499bf"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 318179568 311625232
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzvETjrKKcFl2P7fXuoeOI,aVxMblM8KFG3we5NLvyVc5BS62q8lKXA3L5tDnkA9428ZDY613cHYLbuhNMgAom1

GET
H2 200 thunderbolt
siteassets.parastorage.com/pages/pages/ 1 KB
1 KB 155ms
123ms Other
application/json 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://siteassets.parastorage.com/pages/pages/thunderbolt?beckyExperiments=specs.thunderbolt.addressInputAtlasProvider%3Atrue%2Cspecs.thunderbolt.seoFriendlyDropDownMenu%3Atrue%2Cspecs.thunderbolt.image_placeholder%3Atrue%2Cspecs.thunderbolt.tb_omitInlineContent%3Atrue%2Ctb_UploadButtonFixValidationNotRequired%3Atrue%2Cspecs.thunderbolt.tb_pinLayerDockedBottom%3Atrue%2Cspecs.thunderbolt.tb_media_layout_by_effect%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.1273.0&experiments=bv_cartPageResponsiveLayoutFixer%2Cbv_migrateResponsiveLayoutToSingleLayoutData%2Cbv_migrateResponsiveToVariantsModels%2Cbv_removeMenuDataFromPageJson%2Cbv_remove_add_chat_viewer_fixer%2Cdm_fixMobileHoverBoxDesign&externalBaseUrl=https%3A%2F%2Fwww.aoifehillen.com&fileId=437fdc5e.bundle.min&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&metaSiteId=adf5d443-2e2b-4ce6-a0c2-c7ae1f603745&module=thunderbolt-platform&originalLanguage=en&pageId=e6fcd9_500df1f519ea59464db8a88134ced456_716.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.5802.0%22%2C%22manifestName%22%3A%22library-manifest%22%2C%22namespace%22%3A%22wixui%22%7D%2C%7B%22artifactId%22%3A%22editor-elements-design-systems%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.5802.0%22%2C%22manifestName%22%3A%22design-systems-manifest%22%2C%22namespace%22%3A%22dsgnsys%22%7D%5D&remoteWidgetStructureBuilderVersion=1.226.0&siteId=e0eb794f-acea-45f3-a7f7-43bbcd8f21cb&siteRevision=716&tbElementsSiteAssets=siteAssets.cfa2f66f.bundle.min.js&viewMode=desktop
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: fb099c2c6a3ee590ce321bebddbcd722bba64f257a535616302d91e0fa8344c7

Request headers

Origin: https://www.aoifehillen.com
Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:27 GMT
content-encoding: gzip
access-control-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-varnish: 344239223
server: Pepyaka/1.19.0
etag: W/"503-a65Ksg37KIkGUFMiY3X3+orOkac"
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/json; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 google
access-control-expose-headers: age,via,x-cache-status,X-cache-status
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR375b1bDp0H2dV6wo7+kPLo/V,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqlWSiasdQPAfY+8q68XL0WuvGQ2Otd3B2C27oTTIAKJtQ==,ZUT6NeJ/NsDmQ9DMGnwT1Kkl915zT6APuRm6FhpNClUeGdLDLXwpLd0CTVHPbfOd,Awf+EL8DXagxrUUrGnf8jEmca52A7Nshl6kXTKjoWe5sK1iLQix1ow/g1ljA8tZ8,vnnyTBxZ51OQwVc1vV5ZXIy8qKf9TWybicEOT5GS9rNNG+KuK+VIZfbNzHJu0vJu,Zn9WNN0kqlgxWPFF+74GYNisIcyar2cUSpmSQHsHUtTW5cg6PXlbi4QNL9kOq0Tu,vnnyTBxZ51OQwVc1vV5ZXIy8qKf9TWybicEOT5GS9rNNG+KuK+VIZfbNzHJu0vJu,m7d0zj9X6FBqkyAIyh66vLbmdSLPDlkBJtCzH37jz5FNG+KuK+VIZfbNzHJu0vJu,X0+kt7XXQOUL1jfJ/HiBIjvgcXYL5FrLWPXlqUbRIDm7zdet3k18PORzOjOdW3/f28UGO2Vm/PMnFHRKLj8pziZD7JXGwreER+8jNqkf1jk=,l7Ey5khejq81S7sxGe5Nk8M0ZUChfFrHrovkmZAhgTKTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,tznMqpp3e1oucszW+OT1FNZ9/9ZZ2G4TjMmvssRDwINgkCnsyCMtIoaBRUpPg4RnsWPM5pqcE74vkhp+uJdwQg==,l7Ey5khejq81S7sxGe5Nk03sx1DRxCgauwVKRReBfExNG+KuK+VIZfbNzHJu0vJu,Tw2AanFDQ+Wwo8Xxk6ZL7s1nFosPSACcx/dQRJ/XBuTlgy3EUFFk/d32zlvJbTn4jWbjUQjRGToMyQbXh4EX8g==

GET
H2 200 thunderbolt
siteassets.parastorage.com/pages/pages/ 7 KB
3 KB 176ms
146ms Other
application/json 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://siteassets.parastorage.com/pages/pages/thunderbolt?beckyExperiments=specs.thunderbolt.addressInputAtlasProvider%3Atrue%2Cspecs.thunderbolt.seoFriendlyDropDownMenu%3Atrue%2Cspecs.thunderbolt.image_placeholder%3Atrue%2Cspecs.thunderbolt.tb_omitInlineContent%3Atrue%2Ctb_UploadButtonFixValidationNotRequired%3Atrue%2Cspecs.thunderbolt.tb_pinLayerDockedBottom%3Atrue%2Cspecs.thunderbolt.tb_media_layout_by_effect%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.1273.0&experiments=bv_cartPageResponsiveLayoutFixer%2Cbv_migrateResponsiveLayoutToSingleLayoutData%2Cbv_migrateResponsiveToVariantsModels%2Cbv_removeMenuDataFromPageJson%2Cbv_remove_add_chat_viewer_fixer%2Cdm_fixMobileHoverBoxDesign&externalBaseUrl=https%3A%2F%2Fwww.aoifehillen.com&fileId=437fdc5e.bundle.min&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&metaSiteId=adf5d443-2e2b-4ce6-a0c2-c7ae1f603745&module=thunderbolt-platform&originalLanguage=en&pageId=e6fcd9_7d3b7f1f52c8abd298ec7bb06c4e0e16_716.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.5802.0%22%2C%22manifestName%22%3A%22library-manifest%22%2C%22namespace%22%3A%22wixui%22%7D%2C%7B%22artifactId%22%3A%22editor-elements-design-systems%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.5802.0%22%2C%22manifestName%22%3A%22design-systems-manifest%22%2C%22namespace%22%3A%22dsgnsys%22%7D%5D&remoteWidgetStructureBuilderVersion=1.226.0&siteId=e0eb794f-acea-45f3-a7f7-43bbcd8f21cb&siteRevision=716&tbElementsSiteAssets=siteAssets.cfa2f66f.bundle.min.js&viewMode=desktop
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 09e17dfc0f3ee136f965092891346b63f86837b99dd4747783d115d019a47fa7

Request headers

Origin: https://www.aoifehillen.com
Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:27 GMT
content-encoding: gzip
access-control-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-varnish: 346976132
server: Pepyaka/1.19.0
etag: W/"1c4a-TvvGn6mJh5f6Vhi7KXDJkb8uo/Y"
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/json; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 google
access-control-expose-headers: age,via,x-cache-status,X-cache-status
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR376536UhzXm9XdY7laevZQNo,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqkeGH7c+ZEhNweLTkGVkD77WIHlCalF7YnfvOr2cMPpyw==,ZUT6NeJ/NsDmQ9DMGnwT1AopiK1W1qk/Axddrw26azUeGdLDLXwpLd0CTVHPbfOd,Awf+EL8DXagxrUUrGnf8jEmca52A7Nshl6kXTKjoWe5FFGWabC1vFSR7q7mXxkr5,LXlT8qjS5x6WBejJA3+gBbWjduz+VJWbkw7OmBXKAHBNG+KuK+VIZfbNzHJu0vJu,Zn9WNN0kqlgxWPFF+74GYBjzULCiOnV8hqWWf5omkuK2F863ICCU6Uw6z2MMYKcx,LXlT8qjS5x6WBejJA3+gBbWjduz+VJWbkw7OmBXKAHBNG+KuK+VIZfbNzHJu0vJu,u3CNwl6zAd2E01MQck4H7NfUajW3BAQWJG+G7zwNBpCTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,X0+kt7XXQOUL1jfJ/HiBIjvgcXYL5FrLWPXlqUbRIDm7zdet3k18PORzOjOdW3/f85PFknuiNZxsTbk5Hqx/ajVDDk/oDnB1IdI0LtUdn4g=,IaDuTAMGGvhXtruM6nHg6pqhxbwl/wwXoRaOepR7KrGTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,tznMqpp3e1oucszW+OT1FNZ9/9ZZ2G4TjMmvssRDwINfwe3gZpOfEhikWAFUHeYhhczDkMdt5rxIE+pqKt4HwQ==,l7Ey5khejq81S7sxGe5Nk0JTwATSdC8RUho6IIZ+Hn6TzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,Tw2AanFDQ+Wwo8Xxk6ZL7s1nFosPSACcx/dQRJ/XBuQ8qIzgC34hyvwbKGoEzLySgh0dp0Vw1v2YtQ7D3xzxXA==

GET
H2 200 componentSdks.1ee76e1e.bundle.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 59 KB
12 KB 41ms
11ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/componentSdks.1ee76e1e.bundle.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: cff62f558835506eb62ecbe138a63f93f55072b2d1ec0016cbd51db673114186

Request headers

Origin: https://www.aoifehillen.com
Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 13:32:23 GMT
content-encoding: br
age: 68044
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11357
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 06:57:00 GMT
server: Pepyaka/1.19.0
etag: W/"9f02d90c52cba40796ef9d8c6025a4e7"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 848187400 841036733
via: 1.1 varnish (Varnish/6.0), 1.1 google
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzvETjrKKcFl2P7fXuoeOI,aVxMblM8KFG3we5NLvyVc77oEFUYFLUrQdQMkr4TKte8ZDY613cHYLbuhNMgAom1

GET
H2 200 thunderbolt
siteassets.parastorage.com/pages/pages/ 56 KB
9 KB 73ms
43ms Other
application/json 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://siteassets.parastorage.com/pages/pages/thunderbolt?beckyExperiments=specs.thunderbolt.addressInputAtlasProvider%3Atrue%2Cspecs.thunderbolt.seoFriendlyDropDownMenu%3Atrue%2Cspecs.thunderbolt.image_placeholder%3Atrue%2Cspecs.thunderbolt.tb_omitInlineContent%3Atrue%2Ctb_UploadButtonFixValidationNotRequired%3Atrue%2Cspecs.thunderbolt.tb_pinLayerDockedBottom%3Atrue%2Cspecs.thunderbolt.tb_media_layout_by_effect%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.1273.0&experiments=bv_cartPageResponsiveLayoutFixer%2Cbv_migrateResponsiveLayoutToSingleLayoutData%2Cbv_migrateResponsiveToVariantsModels%2Cbv_removeMenuDataFromPageJson%2Cbv_remove_add_chat_viewer_fixer%2Cdm_fixMobileHoverBoxDesign&externalBaseUrl=https%3A%2F%2Fwww.aoifehillen.com&fileId=6c98835d.bundle.min&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&languageResolutionMethod=QueryParam&metaSiteId=adf5d443-2e2b-4ce6-a0c2-c7ae1f603745&module=thunderbolt-features&originalLanguage=en&pageId=e6fcd9_500df1f519ea59464db8a88134ced456_716.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.5802.0%22%2C%22manifestName%22%3A%22library-manifest%22%2C%22namespace%22%3A%22wixui%22%7D%2C%7B%22artifactId%22%3A%22editor-elements-design-systems%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.5802.0%22%2C%22manifestName%22%3A%22design-systems-manifest%22%2C%22namespace%22%3A%22dsgnsys%22%7D%5D&remoteWidgetStructureBuilderVersion=1.226.0&siteId=e0eb794f-acea-45f3-a7f7-43bbcd8f21cb&siteRevision=716&staticHTMLComponentUrl=https%3A%2F%2Fwww-aoifehillen-com.filesusr.com%2F&tbElementsSiteAssets=siteAssets.cfa2f66f.bundle.min.js&useSandboxInHTMLComp=false&viewMode=desktop
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 797469bc16a9eb4a5f82cc2e26c8e53768e6221958343c668c80d5429b6914fa

Request headers

Origin: https://www.aoifehillen.com
Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:27 GMT
content-encoding: gzip
access-control-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7913
x-varnish: 905566818 914917085
x-newrelic-app-data: PxQFUlJRABABV1BTBQAPVlETGhE1AwE2QgNWEVlbQFtcCxYkSRFBBxdFXRJJJH1nH0sRA1BURElOExoDTlZNUghTDlYICAwKH0gITRNVV1tcAAUHB1ReUgkBVloOExsABV1FVj8=
server: Pepyaka/1.19.0
etag: W/"df3c-N4jrU90RhqDa2gaBEKi7uGwi2Og"
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/json; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 google
access-control-expose-headers: age,via,x-cache-status,X-cache-status
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR375b1bDp0H2dV6wo7+kPLo/V,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqlWSiasdQPAfY+8q68XL0WuvGQ2Otd3B2C27oTTIAKJtQ==,ZUT6NeJ/NsDmQ9DMGnwT1PFoNPdViu/warsXrOfRCw7JftmKrOReD3ukbbas4YDo

GET
H2 200 thunderbolt
siteassets.parastorage.com/pages/pages/ 42 KB
8 KB 177ms
147ms Other
application/json 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://siteassets.parastorage.com/pages/pages/thunderbolt?beckyExperiments=specs.thunderbolt.addressInputAtlasProvider%3Atrue%2Cspecs.thunderbolt.seoFriendlyDropDownMenu%3Atrue%2Cspecs.thunderbolt.image_placeholder%3Atrue%2Cspecs.thunderbolt.tb_omitInlineContent%3Atrue%2Ctb_UploadButtonFixValidationNotRequired%3Atrue%2Cspecs.thunderbolt.tb_pinLayerDockedBottom%3Atrue%2Cspecs.thunderbolt.tb_media_layout_by_effect%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.1273.0&experiments=bv_cartPageResponsiveLayoutFixer%2Cbv_migrateResponsiveLayoutToSingleLayoutData%2Cbv_migrateResponsiveToVariantsModels%2Cbv_removeMenuDataFromPageJson%2Cbv_remove_add_chat_viewer_fixer%2Cdm_fixMobileHoverBoxDesign&externalBaseUrl=https%3A%2F%2Fwww.aoifehillen.com&fileId=6c98835d.bundle.min&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&languageResolutionMethod=QueryParam&metaSiteId=adf5d443-2e2b-4ce6-a0c2-c7ae1f603745&module=thunderbolt-features&originalLanguage=en&pageId=e6fcd9_7d3b7f1f52c8abd298ec7bb06c4e0e16_716.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.5802.0%22%2C%22manifestName%22%3A%22library-manifest%22%2C%22namespace%22%3A%22wixui%22%7D%2C%7B%22artifactId%22%3A%22editor-elements-design-systems%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.5802.0%22%2C%22manifestName%22%3A%22design-systems-manifest%22%2C%22namespace%22%3A%22dsgnsys%22%7D%5D&remoteWidgetStructureBuilderVersion=1.226.0&siteId=e0eb794f-acea-45f3-a7f7-43bbcd8f21cb&siteRevision=716&staticHTMLComponentUrl=https%3A%2F%2Fwww-aoifehillen-com.filesusr.com%2F&tbElementsSiteAssets=siteAssets.cfa2f66f.bundle.min.js&useSandboxInHTMLComp=false&viewMode=desktop
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: f55825bf744e331c1c5768eb9c02abff69929ab67defcd8c7ea80b1a8d6475e8

Request headers

Origin: https://www.aoifehillen.com
Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:27 GMT
content-encoding: gzip
access-control-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-varnish: 338122028 347702138
x-newrelic-app-data: PxQFUlJRABABV1BTBQAPVlETGhE1AwE2QgNWEVlbQFtcCxYkSRFBBxdFXRJJJH1nH0sRA1BURElOExoDTlZNUwRbCFUPAQQBClwAWAhYClpIGwZNRFIBBgEHAgAFBwYDU1ICAgNETwRRDksHZQ==
server: Pepyaka/1.19.0
etag: W/"a71e-YEqfYyvvZiFgMVoJ61C+Mgk4hf0"
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/json; charset=utf-8
via: 1.1 varnish (Varnish/6.0), 1.1 google
access-control-expose-headers: age,via,x-cache-status,X-cache-status
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR375b1bDp0H2dV6wo7+kPLo/V,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqlWSiasdQPAfY+8q68XL0WuvGQ2Otd3B2C27oTTIAKJtQ==,ZUT6NeJ/NsDmQ9DMGnwT1Kkl915zT6APuRm6FhpNClUeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 siteTags.bundle.min.js Show response
static.parastorage.com/services/tag-manager-client/1.427.0/ 11 KB
4 KB 29ms
28ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/tag-manager-client/1.427.0/siteTags.bundle.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: a055462e069ab37c3c269bf8b80c7c1aafa72b7d2f0b7699833f87558b06a0cc

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 10:56:55 GMT
content-encoding: br
age: 163772
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3858
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 09:37:42 GMT
server: Pepyaka/1.19.0
etag: W/"74b64900831a2e814a8ff0cdedcf80cb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 483198300 483230648
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgCoopO/YbY92dofGo6y7lA,aVxMblM8KFG3we5NLvyVc5cgOQloijuFMd72n2oFHsEeGdLDLXwpLd0CTVHPbfOd

GET
H2 200 dynamicmodel Show response
www.aoifehillen.com/_api/v2/ 17 KB
7 KB 97ms
91ms Fetch
application/json 35.242.251.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aoifehillen.com/_api/v2/dynamicmodel

Requested by

Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.242.251.130 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

130.251.242.35.bc.googleusercontent.com

Software

Pepyaka/1.19.0 /

Resource Hash

09d2c318a76a940635ebba08783505f748eaf7d28cae6d319bea4a146557913b

Security Headers

Name	Value
Strict-Transport-Security	max-age=120
X-Content-Type-Options	nosniff

Request headers

:path: /_api/v2/dynamicmodel
pragma: no-cache
cookie: ssr-caching=cache#desc=miss#varnish=miss#dc#desc=euw3; XSRF-TOKEN=1622103987|AaP6Fkauw7yS
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.aoifehillen.com
referer: https://www.aoifehillen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-wix-request-id: 1622103987.61717781105928946
server: Pepyaka/1.19.0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
set-cookie: hs=444037658; Path=/; Domain=www.aoifehillen.com; HTTPOnly svSession=78739312e27aa06b58ee5cd2261cd7ca0c2e297db5625ceb8445c812aada1caa2b742506446de8f3ec4f7bf10b27fe5d1e60994d53964e647acf431e4f798bcd08e357c8e9de864d89e912989bfd12d01ad9a49e01e47e5903c4d26e79aaaf93ac598e2adbe75687572b8e7fc33c7667a96a266a494e079c1d4f2b053d2675bd456c04ffe1864211633f1f2bde812f06; Max-Age=63071999; Expires=Sat, 27 May 2023 08:26:26 GMT; Path=/; Domain=www.aoifehillen.com; Secure; HTTPOnly; SameSite=None
cache-control: no-cache, no-store
strict-transport-security: max-age=120
x-seen-by: sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVj8hHIDsGU3U8in4aXN4Wxi,qquldgcFrj2n046g4RNSVO41WPKnFMbc7ID/2Bjixvw=,2d58ifebGbosy5xc+FRallS9o86n7zRAfNJwsarqsf9SOWxpFbK/2b9FNIk3ZV9Fjoe2GMQJ/MdiMK4Y/vI70+LyVYEzOMzioHFIHZ5n0H8=,m7d0zj9X6FBqkyAIyh66vMix4XqmceXCQ4+DkmiCT79NG+KuK+VIZfbNzHJu0vJu,WDMzHiyOL7uW518fW2Byrw+S1QujL+8BXFy2inIY/VukkVNONV/qb07hsYloyOeFWIHlCalF7YnfvOr2cMPpyw==

POST
H2 204 bt
frog.wix.com/ 0
256 B 308ms
114ms Ping
text/plain 54.175.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=miss,miss&dc=84&et=1&event_name=Init&is_cached=false&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=0&ita=1&msid=adf5d443-2e2b-4ce6-a0c2-c7ae1f603745&pn=1&sessionId=457a0e71-95b4-4bbe-8fba-f8774d2eb5ec&siterev=716-__siteCacheRevision__&st=2&ts=47&tts=633&url=https%3A%2F%2Fwww.aoifehillen.com%2F&v=1.6692.0&vsi=807c226d-570a-44a4-9685-7853bff8e6f4&_brandId=wix
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-222-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.aoifehillen.com
date: Thu, 27 May 2021 08:26:27 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H2 200 clientWorker.f1d26040.bundle.min.js
www.aoifehillen.com/_partials/wix-thunderbolt/dist/ 421 KB
111 KB 25ms
24ms Other
application/javascript 35.242.251.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aoifehillen.com/_partials/wix-thunderbolt/dist/clientWorker.f1d26040.bundle.min.js

Requested by

Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.242.251.130 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

130.251.242.35.bc.googleusercontent.com

Software

Pepyaka/1.19.0 /

Resource Hash

6b6b44f0e6523913a5a26392ab7f95ee1fb028a7593676ebc12ecb9c6ff7ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /_partials/wix-thunderbolt/dist/clientWorker.f1d26040.bundle.min.js
pragma: no-cache
cookie: ssr-caching=cache#desc=miss#varnish=miss#dc#desc=euw3; XSRF-TOKEN=1622103987|AaP6Fkauw7yS
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: same-origin
accept: */*
cache-control: no-cache
sec-fetch-dest: worker
:authority: www.aoifehillen.com
referer: https://www.aoifehillen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12720
x-cache-status: MISS
content-length: 112339
timing-allow-origin: *
access-control-allow-origin: *
x-wix-request-id: 1622103987.62217781105938946
last-modified: Wed, 26 May 2021 13:24:19 GMT
server: Pepyaka/1.19.0
etag: W/"84a841170e99d515d12f0da2d71dd0a0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 590388360
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVj8hHIDsGU3U8in4aXN4Wxi,qquldgcFrj2n046g4RNSVAiOxhA7Vkxnx3Qqcd3yJLo=,zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchIgoL5sebypSby+dtJLp+o,aVxMblM8KFG3we5NLvyVc7lNA4QlJ7J3qlFDx62N8pUeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZu5XlfJc81bg/9yqD5g4dYQTB/Wjo62J2g8BZ67CmCKH

POST
H2 204 site-members
frog.wix.com/ 0
256 B 120ms
120ms Ping
text/plain 54.175.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/site-members?_msid=adf5d443-2e2b-4ce6-a0c2-c7ae1f603745&vsi=807c226d-570a-44a4-9685-7853bff8e6f4&rid=request-id-placeholder&_av=thunderbolt-1.6692.0&isb=true&isbr=webdriver&_brandId=wix&_ms=986&src=5&evid=698&biToken=adf5d443-2e2b-4ce6-a0c2-c7ae1f603745&context=undefined&ts=398&viewmode=undefined&visitor_id=8043bf7c-87e7-494d-90f0-20b993101d11&site_member_id=undefined&site_settings_lng=en&browser_lng=en&lng_mismatch=false&layout=undefined&_visitorId=8043bf7c-87e7-494d-90f0-20b993101d11&_siteMemberId=undefined&bsi=f1e68558-8453-4428-9068-b9e587cb6df4%7C1&_lv=2.0.875&_=16221039879670
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.785e3501.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-222-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.aoifehillen.com
date: Thu, 27 May 2021 08:26:28 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

POST
H2 204 bolt-performance
frog.wix.com/ 0
256 B 117ms
117ms Ping
text/plain 54.175.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bolt-performance
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.785e3501.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-222-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.aoifehillen.com
date: Thu, 27 May 2021 08:26:28 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H3-Q050 200 thunderboltElements.1a13a075.bundle.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 123 KB
20 KB 14ms
14ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/thunderboltElements.1a13a075.bundle.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 4954d47aec6d06321b97bf93d1c573762b90bcbda1d366f3b587f41e2a292650

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 13:32:23 GMT
content-encoding: br
age: 68045
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20388
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 09:43:18 GMT
server: Pepyaka/1.19.0
etag: W/"e17def772aa9474f6e7b85f632ca0064"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 374008505 372981753
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchIgoL5sebypSby+dtJLp+o,aVxMblM8KFG3we5NLvyVc5BS62q8lKXA3L5tDnkA9428ZDY613cHYLbuhNMgAom1

GET
H3-Q050 200 wix-perf-measure.bundle.min.js Show response
static.parastorage.com/services/wix-perf-measure/1.471.0/ 33 KB
10 KB 15ms
14ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-perf-measure/1.471.0/wix-perf-measure.bundle.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 33ee10ef8b921b7d8cbe871fa5e6c81af28f815a0d618fa819642f3b35243b9f

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 05:03:08 GMT
content-encoding: br
age: 271400
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10381
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Sun, 23 May 2021 13:15:57 GMT
server: Pepyaka/1.19.0
etag: W/"1a7d6080ca23cf6e163143abea633545"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 579388938 553853959
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgCoopO/YbY92dofGo6y7lA,aVxMblM8KFG3we5NLvyVc68g6p1WR4pyJ/+mbXoE+/W8ZDY613cHYLbuhNMgAom1

GET
H3-Q050 200 react-dom.production.min.js Show response
static.parastorage.com/unpkg/react-dom@16.13.1/umd/ 116 KB
37 KB 21ms
13ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/react-dom@16.13.1/umd/react-dom.production.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: bc5b7797e8a595e365c1385b0d47683d3a85f3533c58d499659b771c48ec6d25

Request headers

Origin: https://www.aoifehillen.com
Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 12 May 2021 05:33:03 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1306405
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37986
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Fri, 20 Mar 2020 10:41:05 GMT
server: Pepyaka/1.19.0
etag: "dcf51763fb4a654e15a4e6e7754ca5d2"
access-control-max-age: 3000
access-control-allow-methods: GET,GET, OPTIONS, POST
x-varnish: 927465514 729533334
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgCoopO/YbY92dofGo6y7lA,aVxMblM8KFG3we5NLvyVc4W04dmo5RqiFQap4IrllKMeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 activePopup.b727980a.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 921 B
742 B 21ms
14ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/activePopup.b727980a.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 62e13e8c0c66c75118c08dec86854467dcd920372dcc0e21f60f6b1d1895e167

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:24:06 GMT
content-encoding: br
age: 154942
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 506
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 04 May 2021 08:37:34 GMT
server: Pepyaka/1.19.0
etag: W/"c1691870e7bc3e9985173ffc2be08f74"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 494833375 465642711
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchIgoL5sebypSby+dtJLp+o,aVxMblM8KFG3we5NLvyVc5cgOQloijuFMd72n2oFHsEeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 imageZoom.b78cc9a1.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 4 KB
2 KB 22ms
14ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/imageZoom.b78cc9a1.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 0bbf7c7615d77464b08670fc6a916821689147153b57a7e431442081a0e72931

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 05:02:17 GMT
content-encoding: br
age: 52362
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1642
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 12:08:31 GMT
server: Pepyaka/1.19.0
etag: W/"7af94359005feab7de6e3ce79890d678"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 631354182 597925377
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchoi54C6DpnVZ/n22VXiXzE,aVxMblM8KFG3we5NLvyVc5cgOQloijuFMd72n2oFHsEeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 onloadCompsBehaviors.364debeb.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 922 B
836 B 22ms
14ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/onloadCompsBehaviors.364debeb.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 6f5db1c4232abaf08194310d536967987e69c5a9c1575d6f6fc7c307f1839475

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 07:34:19 GMT
content-encoding: br
age: 175929
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 511
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 27 Apr 2021 09:03:46 GMT
server: Pepyaka/1.19.0
etag: W/"d0d203ae5204f6ca48972e1c1d0e5d31"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 657380481 651602061
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgCoopO/YbY92dofGo6y7lA,aVxMblM8KFG3we5NLvyVc68g6p1WR4pyJ/+mbXoE+/W8ZDY613cHYLbuhNMgAom1

GET
H3-Q050 200 ooiTpaSharedConfig.2f6d1ded.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 667 B
597 B 23ms
15ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ooiTpaSharedConfig.2f6d1ded.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 3bed91d014766e341d0bf574061e3e67993ac8409b3b900d028e3083a16c3dab

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 07:28:27 GMT
content-encoding: br
age: 176281
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 381
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 04 May 2021 08:37:34 GMT
server: Pepyaka/1.19.0
etag: W/"b848a526776b2b6f6a31127a7bc325a7"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 778296075 649816337
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzvETjrKKcFl2P7fXuoeOI,aVxMblM8KFG3we5NLvyVc77oEFUYFLUrQdQMkr4TKte8ZDY613cHYLbuhNMgAom1

GET
H3-Q050 200 pageAnchors.db494daa.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 3 KB
1 KB 24ms
16ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/pageAnchors.db494daa.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 7c47ad8944a0c9fb6c7b6deaba4f2c3ce90ff8ae5f8b5446facdd9d5b649874e

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 07:34:19 GMT
content-encoding: br
age: 175929
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 11 May 2021 16:17:49 GMT
server: Pepyaka/1.19.0
etag: W/"19b8bf5b0405e6df8eaba8d85f586392"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 466917664 395775607
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchIgoL5sebypSby+dtJLp+o,aVxMblM8KFG3we5NLvyVc7Hu6QJM4kS1c2n2AszSlkQeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 pageTransitions.a623710b.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 2 KB
1 KB 28ms
20ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/pageTransitions.a623710b.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 7225e597b529ca1e9a90fb49b03fa9e57862cff2edc05714b857cae47ffdc905

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:24:07 GMT
content-encoding: br
age: 154941
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 998
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 04 May 2021 08:37:38 GMT
server: Pepyaka/1.19.0
etag: W/"d5c71a4607e8515986e8766a487a855c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 797561354 699391732
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchIgoL5sebypSby+dtJLp+o,aVxMblM8KFG3we5NLvyVc77oEFUYFLUrQdQMkr4TKte8ZDY613cHYLbuhNMgAom1

GET
H3-Q050 200 platformPubsub.463396db.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 3 KB
1 KB 23ms
16ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/platformPubsub.463396db.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: d6f31ad1b27465308a769225a8672d9ac90f9ca0e38ac74305be73ec91def11a

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:24:12 GMT
content-encoding: br
age: 154936
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1259
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 11 May 2021 16:17:48 GMT
server: Pepyaka/1.19.0
etag: W/"d7129191945a82f930c5c6d99ea8ac51"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 476135699 462413680
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgCoopO/YbY92dofGo6y7lA,aVxMblM8KFG3we5NLvyVc7Hu6QJM4kS1c2n2AszSlkQeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 protectedPages.35c2392e.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 4 KB
2 KB 24ms
16ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/protectedPages.35c2392e.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 6a5e82c72f803be166337a1e6a751189cee9c0aed878d563606af7a23ccb0705

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:24:04 GMT
content-encoding: br
age: 154944
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1482
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Sun, 18 Apr 2021 11:19:10 GMT
server: Pepyaka/1.19.0
etag: W/"979afdcc056020008d7349b03515db89"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 208565829 264386165
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchIgoL5sebypSby+dtJLp+o,aVxMblM8KFG3we5NLvyVc5BS62q8lKXA3L5tDnkA9428ZDY613cHYLbuhNMgAom1

GET
H3-Q050 200 tpa.dbf2ee74.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 64 KB
19 KB 24ms
16ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/tpa.dbf2ee74.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 8336ab02e289f0a53587d36be6e7cb8a4bbc20e222a9c0492b8fd41c572ae5a0

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 07:28:27 GMT
content-encoding: br
age: 176281
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19538
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Sun, 23 May 2021 15:36:10 GMT
server: Pepyaka/1.19.0
etag: W/"2f953c02ae2d788b603b70f128129dee"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 460923951 438963295
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchIgoL5sebypSby+dtJLp+o,aVxMblM8KFG3we5NLvyVc5cgOQloijuFMd72n2oFHsEeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 bootstrap-components-classic.8543f26d.chunk.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 25 KB
8 KB 25ms
17ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/bootstrap-components-classic.8543f26d.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 24fcc4f2835c1b75536fea9222a1569feba63109bc0da1187dc42bffe38158f7

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:33:39 GMT
content-encoding: br
age: 154369
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7343
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Fri, 21 May 2021 18:08:22 GMT
server: Pepyaka/1.19.0
etag: W/"a549cd467268f649453b96622be886df"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 328810932 325110973
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgCoopO/YbY92dofGo6y7lA,aVxMblM8KFG3we5NLvyVc5BS62q8lKXA3L5tDnkA9428ZDY613cHYLbuhNMgAom1

GET
H3-Q050 200 FiveGridLine_SolidLine.a077bf96.chunk.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 849 B
576 B 27ms
19ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/FiveGridLine_SolidLine.a077bf96.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 26fd54ade7e147a1ab241bf0a57264d2a0a3e706868f03377910098717bd93c4

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:34:03 GMT
content-encoding: br
age: 154345
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 445
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Fri, 21 May 2021 18:08:23 GMT
server: Pepyaka/1.19.0
etag: W/"10d8625de3c7985101a6e5b2f910c8bb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 476469640 347336359
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgCoopO/YbY92dofGo6y7lA,aVxMblM8KFG3we5NLvyVc7Hu6QJM4kS1c2n2AszSlkQeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 bootstrap-components-responsive.62cbf592.chunk.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 19 KB
6 KB 28ms
21ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/bootstrap-components-responsive.62cbf592.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: e1c109f6c8713923904e75ec919510e2cccc75ff2771ef02c5b9793c9c77a4c2

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:33:39 GMT
content-encoding: br
age: 154369
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6448
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 09:08:12 GMT
server: Pepyaka/1.19.0
etag: W/"de403e0af4b170438fae3be785b776a5"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 542565083 537912328
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzvETjrKKcFl2P7fXuoeOI,aVxMblM8KFG3we5NLvyVc7lNA4QlJ7J3qlFDx62N8pUeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 MatrixGallery_MatrixGalleryDefaultSkin.ce5091be.chunk.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 9 KB
4 KB 28ms
20ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/MatrixGallery_MatrixGalleryDefaultSkin.ce5091be.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: eb87dbe6a282bdfba9394314932f0e8d5ca56c8cf6e862f5db30d47de82fa41e

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:47:00 GMT
content-encoding: br
age: 153568
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3352
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Fri, 21 May 2021 18:08:24 GMT
server: Pepyaka/1.19.0
etag: W/"89cb3dcda9495fa2dee2567c03491cee"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 659994152 652230007
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzvETjrKKcFl2P7fXuoeOI,aVxMblM8KFG3we5NLvyVc4W04dmo5RqiFQap4IrllKMeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 HtmlComponent.0c5a9f8d.chunk.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 2 KB
1 KB 27ms
20ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/HtmlComponent.0c5a9f8d.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 3884ddca442a1fd6ee1952fc3d9c0c43a3863a0d3b5e21375076ad74a849b72e

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:33:51 GMT
content-encoding: br
age: 154357
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1016
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Fri, 21 May 2021 18:08:21 GMT
server: Pepyaka/1.19.0
etag: W/"9ab85a4a0aee01597bc58c7f1a63667e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 676144763 668186537
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchoi54C6DpnVZ/n22VXiXzE,aVxMblM8KFG3we5NLvyVc68g6p1WR4pyJ/+mbXoE+/W8ZDY613cHYLbuhNMgAom1

GET
H3-Q050 200 bootstrap-components-common.7940a984.chunk.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 31 KB
10 KB 25ms
18ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/bootstrap-components-common.7940a984.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: b639eecc5e632284f25af9b4152a97bd0c72aa41f627a5b33592ff6ccb20655f

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 13:33:39 GMT
content-encoding: br
age: 154369
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9529
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Fri, 21 May 2021 18:08:28 GMT
server: Pepyaka/1.19.0
etag: W/"baf42fcce89ef7f69cb5e2052f7ee0bc"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 578061871 558941570
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgzvETjrKKcFl2P7fXuoeOI,aVxMblM8KFG3we5NLvyVc0s8w751A/YgAGtzAGGCOK4eGdLDLXwpLd0CTVHPbfOd

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 e6fcd9_61853d5d85c447f9a12ba7f7147b3728~mv2.jpg
static.wixstatic.com/media/e6fcd9_61853d5d85c447f9a12ba7f7147b3728~mv2.jpg/v1/fill/w_196,h_184,al_c,q_80,usm_0.66_1.00_0.01,blur_2/ 7 KB
8 KB 453ms
420ms Image
image/jpeg 34.102.176.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/e6fcd9_61853d5d85c447f9a12ba7f7147b3728~mv2.jpg/v1/fill/w_196,h_184,al_c,q_80,usm_0.66_1.00_0.01,blur_2/e6fcd9_61853d5d85c447f9a12ba7f7147b3728~mv2.jpg
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.17.8.2 /
Resource Hash: ad862be01b6e73d60ab2e7d8f2347731198d611004364bf9deb028340b8037ac

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:28 GMT
via: 1.1 google
server: openresty/1.17.8.2
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
trace-id: 1t6ylzedQoVDmD1KPhRATeSHasm
timing-allow-origin: *
alt-svc: clear
content-length: 7637
x-seen-by: image-manipulator-767c86b944-kh6g5

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/WtmxRtVqm7E/ 11 KB
11 KB 59ms
56ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/WtmxRtVqm7E/mqdefault.jpg

Requested by

Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0e9a314c4d9cf612703c4d6f265f2ffcb2374ffafb93d779d75646c361d17d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:28 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11483
x-xss-protection: 0
expires: Thu, 27 May 2021 10:26:28 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/YyK8s8wu9D0/ 13 KB
13 KB 49ms
47ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/YyK8s8wu9D0/mqdefault.jpg

Requested by

Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b92a91765a1b59363195c0b8e10ce21525c551d43fec8e801aaa096f081f313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:28 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13072
x-xss-protection: 0
expires: Thu, 27 May 2021 10:26:28 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/eVs6D9gee_U/ 5 KB
5 KB 40ms
38ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/eVs6D9gee_U/mqdefault.jpg

Requested by

Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca260c4b70168bb499df0204ef4cf32f659baeb71dddedfd4c18b79ce8182130

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:28 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5106
x-xss-protection: 0
expires: Thu, 27 May 2021 10:26:28 GMT

GET
H2 200 file.jpg
images-vod.wixmp.com/e6fcd9df-8009-41fd-a42a-f01dd358fd37/images/3e6345d2ed8c42a089c46b37926b18c2f002/v1/fill/w_401,h_226,q_85,usm_0.66_1.00_0.01/ 25 KB
25 KB 493ms
458ms Image
image/jpeg 34.117.140.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-vod.wixmp.com/e6fcd9df-8009-41fd-a42a-f01dd358fd37/images/3e6345d2ed8c42a089c46b37926b18c2f002/v1/fill/w_401,h_226,q_85,usm_0.66_1.00_0.01/file.jpg
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.140.164 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 164.140.117.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: fe469f7853d1175e533768803e7eae4cb937e98ea8cd047ed1a3de0b9ae0c088

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:29 GMT
via: 1.1 google, 1.1 google
server: nginx/1.19.10
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
trace-id: 1t6ylyzC1Jq7TJ9j8dIvW7uQLj3
alt-svc: clear
content-length: 25387
x-seen-by: image-manipulator-9d6c79b84-f4t7v

GET
H2 200 file.jpg
images-vod.wixmp.com/e6fcd9df-8009-41fd-a42a-f01dd358fd37/images/4e37f8b2615040eb9b12fc9b6be88ff4f001/v1/fill/w_401,h_226,q_85,usm_0.66_1.00_0.01/ 16 KB
16 KB 441ms
405ms Image
image/jpeg 34.117.140.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-vod.wixmp.com/e6fcd9df-8009-41fd-a42a-f01dd358fd37/images/4e37f8b2615040eb9b12fc9b6be88ff4f001/v1/fill/w_401,h_226,q_85,usm_0.66_1.00_0.01/file.jpg
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.140.164 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 164.140.117.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: f2b2946b3fedffb0f7acba063d82da43b73c8d258ead26262ed3828253ad60ea

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:28 GMT
via: 1.1 google, 1.1 google
server: nginx/1.19.10
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
trace-id: 1t6ym0zbSbhuqDr54SeIes8uSFx
alt-svc: clear
content-length: 16567
x-seen-by: image-manipulator-9d6c79b84-b2257

GET
H2 200 AffinityDiagram2_edited.jpg
static.wixstatic.com/media/e6fcd9_9e605fb150a94c73ac4563e314250373~mv2.jpg/v1/fill/w_235,h_69,al_c,q_80,usm_0.66_1.00_0.01,blur_2/ 4 KB
4 KB 419ms
394ms Image
image/jpeg 34.102.176.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/e6fcd9_9e605fb150a94c73ac4563e314250373~mv2.jpg/v1/fill/w_235,h_69,al_c,q_80,usm_0.66_1.00_0.01,blur_2/AffinityDiagram2_edited.jpg
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.17.8.2 /
Resource Hash: 089881fd26c7b891972da420809f411ab4fa0f2b5f0a57f35e56d2a9855d75f5

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:28 GMT
via: 1.1 google
server: openresty/1.17.8.2
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
trace-id: 1t6yly2CRo0WyAASL8GcMLP3bjR
timing-allow-origin: *
alt-svc: clear
content-length: 4048
x-seen-by: image-manipulator-767c86b944-ss78v

GET
H2 200 e6fcd9_92e01fba61554158ae9defd5c42e0d43~mv2.jpg
static.wixstatic.com/media/e6fcd9_92e01fba61554158ae9defd5c42e0d43~mv2.jpg/v1/fill/w_245,h_71,al_c,q_80,usm_0.66_1.00_0.01,blur_2/ 4 KB
4 KB 476ms
451ms Image
image/jpeg 34.102.176.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/e6fcd9_92e01fba61554158ae9defd5c42e0d43~mv2.jpg/v1/fill/w_245,h_71,al_c,q_80,usm_0.66_1.00_0.01,blur_2/e6fcd9_92e01fba61554158ae9defd5c42e0d43~mv2.jpg
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.17.8.2 /
Resource Hash: 2d1735a3af3a220ca5770776c2f2999413bfa1bf2e71a924847bd987c7a3db5d

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:28 GMT
via: 1.1 google
server: openresty/1.17.8.2
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
trace-id: 1t6ylycKptaKcZOAXGGGZKqy5Lt
timing-allow-origin: *
alt-svc: clear
content-length: 4301
x-seen-by: image-manipulator-767c86b944-nk5c2

GET
H3-Q050 200 cdn_detect Show response
static.parastorage.com/ 11 B
350 B 17ms
13ms Fetch
binary/octet-stream 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/cdn_detect
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-perf-measure/1.471.0/wix-perf-measure.bundle.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 4795a1c2517089e4df569afd77c04e949139cf299c87f012b894fccf91df4594

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:21 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
age: 7
x-cache-status: MISS
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11
cdn-seen: Google
x-varnish: 140622279
last-modified: Tue, 14 May 2019 14:10:15 GMT
server: Pepyaka/1.19.0
etag: "7c12772809c1c0c3deda6103b10fdfa0"
access-control-max-age: 3000
access-control-allow-methods: GET,GET, OPTIONS, POST
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: CDN-seen
cache-control: public, max-age=60
x-amz-version-id: UY3zPgS6y1XEKb75K1qjlNgHtfPG4_Dt
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgCoopO/YbY92dofGo6y7lA,aVxMblM8KFG3we5NLvyVc7Hu6QJM4kS1c2n2AszSlkQeGdLDLXwpLd0CTVHPbfOd

GET
H2 200 dfbaa2894d5149e58ffc1dc844e8f272.jpg
static.wixstatic.com/media/dfbaa2894d5149e58ffc1dc844e8f272.jpg/v1/fill/w_196,h_131,al_c,q_80,usm_0.66_1.00_0.01,blur_2/ 4 KB
5 KB 20ms
17ms Image
image/jpeg 34.102.176.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/dfbaa2894d5149e58ffc1dc844e8f272.jpg/v1/fill/w_196,h_131,al_c,q_80,usm_0.66_1.00_0.01,blur_2/dfbaa2894d5149e58ffc1dc844e8f272.jpg
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.17.8.2 /
Resource Hash: 866b77f72e93a18db4cecb3d9c2383d93389a933952a36bffbdc66d559ef9193

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 23:17:15 GMT
via: 1.1 google
server: openresty/1.17.8.2
age: 32953
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
trace-id: 1t5tyny2F0G2ArEMGefkLiKbwNt
timing-allow-origin: *
alt-svc: clear
content-length: 4394
x-seen-by: image-manipulator-767c86b944-pm9sr

GET
H3-Q050 200 0078f486-8e52-42c0-ad81-3c8d3d43f48e.woff2
static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/ 17 KB
17 KB 13ms
13ms Font
application/octet-stream 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/0078f486-8e52-42c0-ad81-3c8d3d43f48e.woff2
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 0ddce0e617794fd30b60e5c829fe12b9d7eeba14e561e7d89da5fcaf2fe900c3

Request headers

Origin: https://www.aoifehillen.com
Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 07:38:47 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
age: 1903661
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17216
x-varnish: 759521174 742728714
last-modified: Tue, 17 Apr 2018 11:11:01 GMT
server: Pepyaka/1.19.0
etag: "ef4257ccfa0fce4d914b23a28aa6fdf4-1"
access-control-max-age: 3000
access-control-allow-methods: GET,GET, OPTIONS, POST
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
x-amz-version-id: ZJhEgw5338rDGW18OcyggGHIv4bi5qCO
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjFx3q2qwVFM9jKuYitAdTW,aVxMblM8KFG3we5NLvyVc0s8w751A/YgAGtzAGGCOK4eGdLDLXwpLd0CTVHPbfOd

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.aoifehillen.com
Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:04 GMT
server: sffe
age: 339770
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13428
x-xss-protection: 0
expires: Mon, 23 May 2022 10:03:38 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2

Requested by

Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.aoifehillen.com
Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:03:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:42 GMT
server: sffe
age: 339768
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
expires: Mon, 23 May 2022 10:03:40 GMT

GET
H3-Q050 200 ruble-42a7cf33bd31f0c717b534fc9a22801a.woff
static.parastorage.com/services/wix-vod-widget/6d4962cf23230bad393da74e901e7207aa5feda03795e22c8c821e4d/fonts/ 1 KB
2 KB 13ms
12ms Font
application/font-woff 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-vod-widget/6d4962cf23230bad393da74e901e7207aa5feda03795e22c8c821e4d/fonts/ruble-42a7cf33bd31f0c717b534fc9a22801a.woff
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 7b813ea7314cb0d4837354094d04854a96d28057e6ff7c25f30abf161101489b

Request headers

Origin: https://www.aoifehillen.com
Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 07:56:16 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 google
age: 779412
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1412
timing-allow-origin: *
last-modified: Tue, 18 May 2021 07:31:28 GMT
server: Pepyaka/1.19.0
etag: "42a7cf33bd31f0c717b534fc9a22801a"
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 171722261 172885902
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/font-woff
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchIgoL5sebypSby+dtJLp+o,aVxMblM8KFG3we5NLvyVc4W04dmo5RqiFQap4IrllKMeGdLDLXwpLd0CTVHPbfOd

POST
H2 204 bt
frog.wix.com/ 0
256 B 111ms
111ms Ping
text/plain 54.175.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=miss,miss&dc=84&et=12&event_name=Partially%20visible&is_cached=false&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=0&ita=1&msid=adf5d443-2e2b-4ce6-a0c2-c7ae1f603745&pid=sgtgi&pn=1&rid=request-id-placeholder&sar=1600x1200&sessionId=457a0e71-95b4-4bbe-8fba-f8774d2eb5ec&siterev=716-__siteCacheRevision__&sr=1600x1200&st=2&ts=1163&tts=1749&url=https%3A%2F%2Fwww.aoifehillen.com%2F&v=1.6692.0&vid=8043bf7c-87e7-494d-90f0-20b993101d11&bsi=f1e68558-8453-4428-9068-b9e587cb6df4|1&vsi=807c226d-570a-44a4-9685-7853bff8e6f4&wor=1600x1200&wr=1600x1200&_brandId=wix
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-222-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.aoifehillen.com
date: Thu, 27 May 2021 08:26:28 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H2 200 LinkedIn.webp
static.wixstatic.com/media/6ea5b4a88f0b4f91945b40499aa0af00.png/v1/fill/w_20,h_20,al_c,q_85,usm_0.66_1.00_0.01/ 244 B
368 B 13ms
13ms Image
image/webp 34.102.176.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/6ea5b4a88f0b4f91945b40499aa0af00.png/v1/fill/w_20,h_20,al_c,q_85,usm_0.66_1.00_0.01/LinkedIn.webp
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.17.8.2 /
Resource Hash: 7f4cbeb2e4b341bfc52fc33df72b4b5455f00ba316fe4c12f17a0c3ae0df490a

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:21:53 GMT
via: 1.1 google
server: openresty/1.17.8.2
age: 209075
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
trace-id: 1t090ARvplcMp3PFQUSFIOcaHse
timing-allow-origin: *
alt-svc: clear
content-length: 244
x-seen-by: image-manipulator-767c86b944-rpr4r

GET
H2 200 e6fcd9_61853d5d85c447f9a12ba7f7147b3728~mv2.webp
static.wixstatic.com/media/e6fcd9_61853d5d85c447f9a12ba7f7147b3728~mv2.jpg/v1/fill/w_720,h_680,fp_0.50_0.50,q_85,usm_0.66_1.00_0.01/ 109 KB
109 KB 546ms
546ms Image
image/webp 34.102.176.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/e6fcd9_61853d5d85c447f9a12ba7f7147b3728~mv2.jpg/v1/fill/w_720,h_680,fp_0.50_0.50,q_85,usm_0.66_1.00_0.01/e6fcd9_61853d5d85c447f9a12ba7f7147b3728~mv2.webp
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.17.8.2 /
Resource Hash: da7d4cc72a3f57c3cb4ab76ea8a77953e82fc966d12e30a5c517efc903a24505

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:29 GMT
via: 1.1 google
server: openresty/1.17.8.2
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
trace-id: 1t6ym23PegmB3fwP2UB0DBy6nUM
timing-allow-origin: *
alt-svc: clear
content-length: 111204
x-seen-by: image-manipulator-767c86b944-k6cvx

GET
H3-Q050 200 reporter-api.97bce6b4.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 28 KB
8 KB 13ms
12ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/reporter-api.97bce6b4.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: 7ea3273b175706e791f4c3d51a8ece1bfa20a5c1f1f9c94bf66c06ec27ac928d

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 07:28:27 GMT
content-encoding: br
age: 176281
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7296
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 11 May 2021 16:17:48 GMT
server: Pepyaka/1.19.0
etag: W/"5fc09002a89c558c95b9fa37bca29d9d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 458087434 445390850
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcgCoopO/YbY92dofGo6y7lA,aVxMblM8KFG3we5NLvyVc5cgOQloijuFMd72n2oFHsEeGdLDLXwpLd0CTVHPbfOd

GET
H2 200 adf5d443-2e2b-4ce6-a0c2-c7ae1f603745 Show response
www.aoifehillen.com/_api/tag-manager/api/v1/tags/sites/ 438 B
1 KB 120ms
120ms XHR
application/json 35.242.251.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aoifehillen.com/_api/tag-manager/api/v1/tags/sites/adf5d443-2e2b-4ce6-a0c2-c7ae1f603745?wixSite=false&htmlsiteId=e0eb794f-acea-45f3-a7f7-43bbcd8f21cb&language=en

Requested by

Host: static.parastorage.com
URL: https://static.parastorage.com/services/tag-manager-client/1.427.0/siteTags.bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.242.251.130 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

130.251.242.35.bc.googleusercontent.com

Software

Pepyaka/1.19.0 /

Resource Hash

a5631a904d3a31cdf27b50d39253b70f0157c17db8b130c4a16bd05b56f80afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
authorization: VL8u4MF2LCJ3YijpnmcnC29m7TKXetRv8WnW83GhbHY.eyJpbnN0YW5jZUlkIjoiYWRmNWQ0NDMtMmUyYi00Y2U2LWEwYzItYzdhZTFmNjAzNzQ1IiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiYWRmNWQ0NDMtMmUyYi00Y2U2LWEwYzItYzdhZTFmNjAzNzQ1Iiwic2lnbkRhdGUiOiIyMDIxLTA1LTI3VDA4OjI2OjI3LjY2NloiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjgwNDNiZjdjLTg3ZTctNDk0ZC05MGYwLTIwYjk5MzEwMWQxMSIsInNpdGVPd25lcklkIjoiZTZmY2Q5ZGYtODAwOS00MWZkLWE0MmEtZjAxZGQzNThmZDM3In0
sec-fetch-dest: empty
cookie: ssr-caching=cache#desc=miss#varnish=miss#dc#desc=euw3; XSRF-TOKEN=1622103987|AaP6Fkauw7yS; hs=444037658; svSession=78739312e27aa06b58ee5cd2261cd7ca0c2e297db5625ceb8445c812aada1caa2b742506446de8f3ec4f7bf10b27fe5d1e60994d53964e647acf431e4f798bcd08e357c8e9de864d89e912989bfd12d01ad9a49e01e47e5903c4d26e79aaaf93ac598e2adbe75687572b8e7fc33c7667a96a266a494e079c1d4f2b053d2675bd456c04ffe1864211633f1f2bde812f06; bSession=f1e68558-8453-4428-9068-b9e587cb6df4|1
:path: /_api/tag-manager/api/v1/tags/sites/adf5d443-2e2b-4ce6-a0c2-c7ae1f603745?wixSite=false&htmlsiteId=e0eb794f-acea-45f3-a7f7-43bbcd8f21cb&language=en
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.aoifehillen.com
referer: https://www.aoifehillen.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aoifehillen.com/
authorization: VL8u4MF2LCJ3YijpnmcnC29m7TKXetRv8WnW83GhbHY.eyJpbnN0YW5jZUlkIjoiYWRmNWQ0NDMtMmUyYi00Y2U2LWEwYzItYzdhZTFmNjAzNzQ1IiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiYWRmNWQ0NDMtMmUyYi00Y2U2LWEwYzItYzdhZTFmNjAzNzQ1Iiwic2lnbkRhdGUiOiIyMDIxLTA1LTI3VDA4OjI2OjI3LjY2NloiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjgwNDNiZjdjLTg3ZTctNDk0ZC05MGYwLTIwYjk5MzEwMWQxMSIsInNpdGVPd25lcklkIjoiZTZmY2Q5ZGYtODAwOS00MWZkLWE0MmEtZjAxZGQzNThmZDM3In0
content-type: application/json

Response headers

pragma: no-cache
date: Thu, 27 May 2021 08:26:28 GMT
x-content-type-options: nosniff
x-wix-request-id: 1622103988.80317781105948946
server: Pepyaka/1.19.0
etag: W/"1b6-MOFnuAiY9mSW0eRW0CSLV6FejBE"
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache
set-cookie: _wixAB3=175387#1; Max-Age=15552000; Expires=Tue, 23 Nov 2021 08:26:28 GMT; Path=/; Domain=.wix.com
content-length: 438
x-seen-by: sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVj8hHIDsGU3U8in4aXN4Wxi,qquldgcFrj2n046g4RNSVO41WPKnFMbc7ID/2Bjixvw=,++r5XCRb/6cYf+PEtyYPdOKWaRbM0bwZV2ba969nXhIMbtuAw/wDg0+3KDKjhri6Nof12rKOLYcjP8J3eM/+0w==,gKouDh0p8htdqjmFenzS88ewwAKdvrsjufBoVHuhwv9NG+KuK+VIZfbNzHJu0vJu,MDFDoTqjWxpWhAuWfTm+PKVeJtdKCN+h/W7ICNFtDUWMPDCEhw5DRQXx16s2zbhCYmVZ7POA2beKzFQZFrAq/Q==,gKouDh0p8htdqjmFenzS88ewwAKdvrsjufBoVHuhwv9NG+KuK+VIZfbNzHJu0vJu,u3CNwl6zAd2E01MQck4H7EscD9nBgDhf9cv9TalzRQuTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,mvxQ9qSAmY38asKjFCcmG6YaEG9zBoQL6dXTWN2OdRiFvPOMxKnlzoJsldFVLrp8dXLM2+5V3AsAX3a3dGqSTA==,w4q8mm9FnmU4emOs6psVXXIsQ3U7yVIA462Rc9B/gUGTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,tznMqpp3e1oucszW+OT1FNZ9/9ZZ2G4TjMmvssRDwIOF5uYRQ3inUpRoLlqsVK4EM6V0pU21Ta2cHeRous+gxw==,IaDuTAMGGvhXtruM6nHg6khQhIVrxzYb/LdL6ktaQQRNG+KuK+VIZfbNzHJu0vJu,Tw2AanFDQ+Wwo8Xxk6ZL7s1nFosPSACcx/dQRJ/XBuRGMSTrO+JlkR4MhG2bYGyHU2RealbeQR8EffAv6n9xJw==

GET
H3-Q050 200 animations-vendors.4f453603.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ 188 KB
42 KB 13ms
13ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/animations-vendors.4f453603.chunk.min.js
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: ed159882d15b93d186074311ad9eeff849ca1764d9e9724c6c2b5c536606c3d1

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 07:28:27 GMT
content-encoding: br
age: 176281
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42336
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 04 May 2021 08:37:37 GMT
server: Pepyaka/1.19.0
etag: W/"c6176d26aa55f1a64045bac845e9d93b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 633058269 526609254
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchIgoL5sebypSby+dtJLp+o,aVxMblM8KFG3we5NLvyVc4W04dmo5RqiFQap4IrllKMeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 requirejs.min.js Show response
static.parastorage.com/unpkg/requirejs-bolt@2.3.6/ 17 KB
6 KB 13ms
12ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/requirejs-bolt@2.3.6/requirejs.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ooi.1612f112.chunk.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: d5f10f852b112a514a19f2b778eef5d2d1307878757f0a24539c051831cefaf8

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 05:22:40 GMT
content-encoding: gzip
age: 702228
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6434
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Thu, 24 Jan 2019 14:24:53 GMT
server: Pepyaka/1.19.0
etag: W/"18823f6a6d208ee1e361bb266ab794d5"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 229585325 179555293
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchIgoL5sebypSby+dtJLp+o,aVxMblM8KFG3we5NLvyVc4W04dmo5RqiFQap4IrllKMeGdLDLXwpLd0CTVHPbfOd

GET
H3-Q050 200 viewerWidget.js Show response
static.parastorage.com/services/wix-vod-widget/1.1876.0/ 1 MB
320 KB 16ms
16ms Script
application/javascript 34.96.106.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-vod-widget/1.1876.0/viewerWidget.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg/requirejs-bolt@2.3.6/requirejs.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.106.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 200.106.96.34.bc.googleusercontent.com
Software: Pepyaka/1.19.0 /
Resource Hash: aa01b2179f1b220121a7cfdfefad321119a48972c3414e044b551ca3dae03f7c

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 08:01:53 GMT
content-encoding: br
age: 779075
x-cache-status: HIT
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327489
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 18 May 2021 07:33:40 GMT
server: Pepyaka/1.19.0
etag: W/"033596d63fcf7402e8298915ba8add33"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 7590201 7294208
via: 1.1 varnish (Varnish/6.0), 1.1 google
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchoi54C6DpnVZ/n22VXiXzE,aVxMblM8KFG3we5NLvyVc5BS62q8lKXA3L5tDnkA9428ZDY613cHYLbuhNMgAom1

POST
H2 204 bolt-performance
frog.wix.com/ 0
256 B 113ms
112ms Ping
text/plain 54.175.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bolt-performance
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.785e3501.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-222-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.aoifehillen.com
date: Thu, 27 May 2021 08:26:29 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H2 200 get_draft Show response
e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com/ Frame 3334 625 B
532 B 268ms
175ms Document
text/html 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com/get_draft?id=e6fcd9_55084b6ca8203b098d6579c33fb354a7.html
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg/react-dom@16.13.1/umd/react-dom.production.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: ac608231eb68ff291a9667d84ebbbe96edafb0639f72d44dc59509632b52d273

Request headers

:method: GET
:authority: e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com
:scheme: https
:path: /get_draft?id=e6fcd9_55084b6ca8203b098d6579c33fb354a7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.aoifehillen.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aoifehillen.com/

Response headers

content-type: text/html; charset=UTF-8
cache-control: no-cache
content-encoding: gzip
x-cloud-trace-context: 4f8494c20ca18009c93a7e27bede5d4c
vary: Accept-Encoding
date: Thu, 27 May 2021 08:26:29 GMT
server: Google Frontend
content-length: 371

GET
H2 200 get_draft Show response
e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com/ Frame 2E5F 625 B
459 B 271ms
179ms Document
text/html 2a00:1450:400d:802::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com/get_draft?id=e6fcd9_6b1de00a017425c8c51961d898c24732.html
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg/react-dom@16.13.1/umd/react-dom.production.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:802::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 1e5c1e70a9d4dc871f971e912dc476cf777d795ea72519e01975b0f5287eb928

Request headers

:method: GET
:authority: e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com
:scheme: https
:path: /get_draft?id=e6fcd9_6b1de00a017425c8c51961d898c24732.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.aoifehillen.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.aoifehillen.com/

Response headers

content-type: text/html; charset=UTF-8
cache-control: no-cache
content-encoding: gzip
x-cloud-trace-context: 556dfe367895ba3c2b85ee1ab7d0b4a8
vary: Accept-Encoding
date: Thu, 27 May 2021 08:26:29 GMT
server: Google Frontend
content-length: 370

GET
H2 200 file.webp
images-vod.wixmp.com/e6fcd9df-8009-41fd-a42a-f01dd358fd37/images/3e6345d2ed8c42a089c46b37926b18c2f002/v1/fill/w_401,h_226,q_85,usm_0.66_1.00_0.01/ 14 KB
14 KB 278ms
277ms Image
image/webp 34.117.140.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-vod.wixmp.com/e6fcd9df-8009-41fd-a42a-f01dd358fd37/images/3e6345d2ed8c42a089c46b37926b18c2f002/v1/fill/w_401,h_226,q_85,usm_0.66_1.00_0.01/file.webp
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.140.164 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 164.140.117.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: b0cfe1ec4b6028292899a88ecae8185de942d0520650bbe73d214196aaebad0a

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:29 GMT
via: 1.1 google, 1.1 google
server: nginx/1.19.10
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
trace-id: 1t6ym869pSw6gF5WbwbLZsgPDS0
alt-svc: clear
content-length: 14386
x-seen-by: image-manipulator-9d6c79b84-n66t9

GET
H2 200 file.webp
images-vod.wixmp.com/e6fcd9df-8009-41fd-a42a-f01dd358fd37/images/4e37f8b2615040eb9b12fc9b6be88ff4f001/v1/fill/w_401,h_226,q_85,usm_0.66_1.00_0.01/ 9 KB
9 KB 254ms
253ms Image
image/webp 34.117.140.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-vod.wixmp.com/e6fcd9df-8009-41fd-a42a-f01dd358fd37/images/4e37f8b2615040eb9b12fc9b6be88ff4f001/v1/fill/w_401,h_226,q_85,usm_0.66_1.00_0.01/file.webp
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.140.164 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 164.140.117.34.bc.googleusercontent.com
Software: nginx/1.19.10 /
Resource Hash: c6362aec18d0ccb9398b659e45240cd052a28051c8dbc13533c62ae8b56b02ad

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 08:26:29 GMT
via: 1.1 google, 1.1 google
server: nginx/1.19.10
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
trace-id: 1t6ym6QWahUlxAr4ljkHLGBagif
alt-svc: clear
content-length: 8964
x-seen-by: image-manipulator-9d6c79b84-ck4tf

POST
H2 204 bt
frog.wix.com/ 0
256 B 112ms
112ms Ping
text/plain 54.175.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=miss,miss&dc=84&et=33&event_name=page%20interactive&is_cached=false&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=0&ita=1&msid=adf5d443-2e2b-4ce6-a0c2-c7ae1f603745&pid=sgtgi&pn=1&rid=request-id-placeholder&sar=1600x1200&sessionId=457a0e71-95b4-4bbe-8fba-f8774d2eb5ec&siterev=716-__siteCacheRevision__&sr=1600x1200&st=2&ts=1949&tts=2535&url=https%3A%2F%2Fwww.aoifehillen.com%2F&v=1.6692.0&vid=8043bf7c-87e7-494d-90f0-20b993101d11&bsi=f1e68558-8453-4428-9068-b9e587cb6df4|1&vsi=807c226d-570a-44a4-9685-7853bff8e6f4&wor=1600x1200&wr=1600x1200&_brandId=wix
Requested by: Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-222-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.aoifehillen.com
date: Thu, 27 May 2021 08:26:29 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

POST
H2 204 pa
frog.wix.com/ 0
256 B 112ms
111ms Ping
text/plain 54.175.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/pa?_msid=adf5d443-2e2b-4ce6-a0c2-c7ae1f603745&vsi=807c226d-570a-44a4-9685-7853bff8e6f4&rid=request-id-placeholder&_av=thunderbolt-1.6692.0&isb=true&isbr=webdriver&_brandId=wix&_ms=2538&src=76&evid=1109&pid=sgtgi&pn=1&viewer=TB&pt=static&pa=editor&pti=sgtgi&uuid=e6fcd9df-8009-41fd-a42a-f01dd358fd37&url=https%3A%2F%2Fwww.aoifehillen.com%2F&ref=&bot=true&bl=en-US&pl=en-US&_visitorId=8043bf7c-87e7-494d-90f0-20b993101d11&_siteMemberId=undefined&bsi=f1e68558-8453-4428-9068-b9e587cb6df4%7C1&_lv=2.0.875&_=16221039895141
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.785e3501.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-222-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.aoifehillen.com
date: Thu, 27 May 2021 08:26:29 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H2 200 embed Show response
onedrive.live.com/ Frame F170 60 KB
21 KB 1351ms
1302ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21329&authkey=AEIi2YD-IJsEYj8&em=2&wdAr=1.7777777777777777

Requested by

Host: e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com
URL: https://e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com/get_draft?id=e6fcd9_55084b6ca8203b098d6579c33fb354a7.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3c65f42e71f2c92634d8f80136ad676f3b104d437c901e5bc74a5f192cf4746f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onedrive.live.com
:scheme: https
:path: /embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21329&authkey=AEIi2YD-IJsEYj8&em=2&wdAr=1.7777777777777777
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: E=P:FyDDIOkg2Yg=:Y3MFAuk3c2mqdidIrNvtCYAGM2VtzrrygFztg9l6bjE=:F; domain=.live.com; path=/ xid=5bdb0b07-4458-416a-9788-93518104092c&&RD00155D99AA78&187; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ LD=; domain=.live.com; expires=Thu, 27-May-2021 06:46:29 GMT; path=/ wla42=; domain=live.com; expires=Thu, 03-Jun-2021 08:26:31 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD00155D99AA78
x-odwebserver: eastus0-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 7AEF464DABCD403EAB81D0E90C6A024E Ref B: FRAEDGE1516 Ref C: 2021-05-27T08:26:29Z
date: Thu, 27 May 2021 08:26:30 GMT

GET
H2 200 embed Show response
onedrive.live.com/ Frame D87B 60 KB
21 KB 1365ms
1325ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21327&authkey=AD1tbYxlE8dyKsI&em=2&wdAr=1.7777777777777777

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

21f445bc22557953299a056b0afbc24c9149bbb745ab7853d7fde7bd300415b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onedrive.live.com
:scheme: https
:path: /embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21327&authkey=AD1tbYxlE8dyKsI&em=2&wdAr=1.7777777777777777
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: E=P:rxrEIOkg2Yg=:bRf+E9D+HW51WVFW6MspXP+XHU4NRn/EtGgsmeS6UT4=:F; domain=.live.com; path=/ xid=e0fd3c93-9e51-4b41-a52d-65040f80a519&&RD00155D99C9D0&187; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ LD=; domain=.live.com; expires=Thu, 27-May-2021 06:46:29 GMT; path=/ wla42=; domain=live.com; expires=Thu, 03-Jun-2021 08:26:31 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD00155D99C9D0
x-odwebserver: eastus0-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 298962B6917147599F72281228023A9E Ref B: FRAEDGE1516 Ref C: 2021-05-27T08:26:29Z
date: Thu, 27 May 2021 08:26:30 GMT

POST
H2 204 bolt-performance
frog.wix.com/ 0
256 B 115ms
115ms Ping
text/plain 54.175.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bolt-performance
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.785e3501.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-222-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.aoifehillen.com
date: Thu, 27 May 2021 08:26:29 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

POST
H2 204 bolt-performance
frog.wix.com/ 0
256 B 112ms
112ms Ping
text/plain 54.175.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bolt-performance
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.785e3501.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-222-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.aoifehillen.com
date: Thu, 27 May 2021 08:26:30 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame F170 85 KB
16 KB 100ms
46ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21329&authkey=AEIi2YD-IJsEYj8&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 May 2021 08:26:31 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6d2753fc-501e-00e6-0ad5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=21700419
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame F170 169 KB
30 KB 84ms
29ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21329&authkey=AEIi2YD-IJsEYj8&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 May 2021 08:26:31 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 45647edb-101e-00c8-61d5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=17940813
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame D87B 85 KB
16 KB 90ms
62ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21327&authkey=AD1tbYxlE8dyKsI&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 May 2021 08:26:31 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6d2753fc-501e-00e6-0ad5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=21700419
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame D87B 169 KB
30 KB 77ms
50ms Stylesheet
text/css 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21327&authkey=AD1tbYxlE8dyKsI&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 May 2021 08:26:31 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 45647edb-101e-00c8-61d5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=17940813
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 PowerPointFrame.aspx Show response
powerpoint.officeapps.live.com/p/ Frame 750C 100 KB
100 KB 105ms
52ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Requested by

Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1eb6c3fa0b412d0a37bb48f55682b1a0b1a648628ef0e029fdb688ffa4575aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: POST
:authority: powerpoint.officeapps.live.com
:scheme: https
:path: /p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
content-length: 231
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://onedrive.live.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onedrive.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://onedrive.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Fri, 27-Aug-2021 08:26:31 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure; httponly PNL1-ARRAffinity=e1aad9250bd3b2e244e9fd76440b7d9d7b5519d769f5aa41db417a7e0c57c6bf;Path=/;Domain=powerpoint.officeapps.live.com; samesite=none; secure; httponly
x-correlationid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF0000AD0A
x-officeversion: 16.0.14116.40503
x-officecluster: PNL1
x-content-type-options: nosniff
content-security-policy-report-only: font-src data: c1-powerpoint-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com content.lifecycle.office.net www.microsoft.com *.youtube.com s.ytimg.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com *.officeapps.live.com https:; object-src 'self' *.youtube.com s.ytimg.com https:; child-src blob: * https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /p/reportcsp.ashx
origin-trial: Au4zhK5JVMb0jrGWoC/nSFX17KhgFgS9nCdRcMtWy7tARQA0jPaVfF3zzCT4DaZq4448HkzVzqI80llMvhQrbA4AAAB2eyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJFeHBlcmltZW50YWxKU1Byb2ZpbGVyIiwiZXhwaXJ5IjoxNjEzMzkzNTg3fQ== Arrz952Yxnelyt7ahmUhv/aFLxoVtZgV2sT0LiYNhRgGugeJ8zwea4uy5Wo6TS1LzTpZWx8roBGDr6QYEcWWZgkAAACAeyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjA1MDUyNzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
x-officefd: AM4PEPF0000840D
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: F61776D7B086451DBAC715101D97700E Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:31Z
date: Thu, 27 May 2021 08:26:30 GMT

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame F170 92 KB
33 KB 84ms
31ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21329&authkey=AEIi2YD-IJsEYj8&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 May 2021 08:26:31 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 456481ad-101e-00c8-56d5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=13276318
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame F170 483 KB
133 KB 129ms
77ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21329&authkey=AEIi2YD-IJsEYj8&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 May 2021 08:26:31 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d2755cd-501e-00e6-20d5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=4995681
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 PowerPointFrame.aspx Show response
powerpoint.officeapps.live.com/p/ Frame 148F 100 KB
102 KB 68ms
48ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Requested by

Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

57d424110c744f98e60ea34b68244a364d24567e8c0f759b1ab66e1dd1d19291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: POST
:authority: powerpoint.officeapps.live.com
:scheme: https
:path: /p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
content-length: 231
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://onedrive.live.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onedrive.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://onedrive.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Fri, 27-Aug-2021 08:26:31 GMT; path=/; samesite=none; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/; samesite=none; secure; httponly PNL1-ARRAffinity=2371d9cdcab8bf19d0bd71e84184f925e42ea90adc392d557519eace763bcab2;Path=/;Domain=powerpoint.officeapps.live.com; samesite=none; secure; httponly
x-correlationid: ee7d45cc-b4f2-432b-b319-49886f18c67e
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF0000C1DE
x-officeversion: 16.0.14116.40503
x-officecluster: PNL1
x-content-type-options: nosniff
content-security-policy-report-only: font-src data: c1-powerpoint-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com content.lifecycle.office.net www.microsoft.com *.youtube.com s.ytimg.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-powerpoint-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com *.officeapps.live.com https:; object-src 'self' *.youtube.com s.ytimg.com https:; child-src blob: * https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /p/reportcsp.ashx
origin-trial: Au4zhK5JVMb0jrGWoC/nSFX17KhgFgS9nCdRcMtWy7tARQA0jPaVfF3zzCT4DaZq4448HkzVzqI80llMvhQrbA4AAAB2eyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJFeHBlcmltZW50YWxKU1Byb2ZpbGVyIiwiZXhwaXJ5IjoxNjEzMzkzNTg3fQ== Arrz952Yxnelyt7ahmUhv/aFLxoVtZgV2sT0LiYNhRgGugeJ8zwea4uy5Wo6TS1LzTpZWx8roBGDr6QYEcWWZgkAAACAeyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjA1MDUyNzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
x-officefd: AM4PEPF00008030
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 4205D171150E45749C53EDB9C98590EE Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:31Z
date: Thu, 27 May 2021 08:26:30 GMT

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame D87B 92 KB
33 KB 97ms
75ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21327&authkey=AD1tbYxlE8dyKsI&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 May 2021 08:26:31 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 456481ad-101e-00c8-56d5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=13276318
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame D87B 483 KB
133 KB 70ms
49ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21327&authkey=AD1tbYxlE8dyKsI&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 May 2021 08:26:31 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d2755cd-501e-00e6-20d5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=4995681
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H/1.1 200
OK styleschromeless.css
c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/ Frame 148F 283 KB
35 KB 301ms
10ms Stylesheet
text/css 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/styleschromeless.css

Requested by

Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

989f460a59ca022f2e1fc9a4a497622f768d2f77dd23a7ea294f51ab97273d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "d8b92d4f7a48d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: AM4PEPF00006967
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 34514
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 14 May 2021 04:33:38 GMT
X-OFFICEFD: AM4PEPF00008652
X-MSEdge-Ref: Ref A: 078E27F38D5642D88F92C348EEA7C4B7 Ref B: AM3EDGE0220 Ref C: 2021-05-16T14:36:26Z
X-UserSessionId: faf3ab11-ffb4-431a-942e-a5e5673db177
Date: Thu, 27 May 2021 08:26:31 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: faf3ab11-ffb4-431a-942e-a5e5673db177
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjax.js Show response
c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/ Frame 148F 106 KB
24 KB 280ms
18ms Script
application/javascript 2a02:26f0:6c00:2a4::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a4::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"b135f9eaef4cd71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: DB5PEPF00008332
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 23714
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:45:35 GMT
X-OFFICEFD: DB5PEPF000082D7
X-MSEdge-Ref: Ref A: 3FCF56D8249B478AA7447182C4819195 Ref B: AM3EDGE0113 Ref C: 2021-05-19T20:45:35Z
X-UserSessionId: d430721c-2998-4786-baa5-9110b75ada43
Date: Thu, 27 May 2021 08:26:31 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d430721c-2998-4786-baa5-9110b75ada43
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK powerpointintl.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/1033/ Frame 148F 209 KB
56 KB 301ms
11ms Script
application/javascript 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/1033/powerpointintl.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

964f37a6f549148d0aa1d34712c6b7139e4eb15c113c1b081f49bcb33c55250d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"06581e1ee4cd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: AM4PEPF00006023
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 56424
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:38:10 GMT
X-OFFICEFD: AM4PEPF000087E2
X-MSEdge-Ref: Ref A: CF743D32D5AB4ED3A8729911D08CFB23 Ref B: AM3EDGE0620 Ref C: 2021-05-19T20:38:10Z
X-UserSessionId: d2eef4c4-20f6-4d17-958a-9c526b734820
Date: Thu, 27 May 2021 08:26:31 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d2eef4c4-20f6-4d17-958a-9c526b734820
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK BootView.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/ Frame 148F 2 MB
449 KB 286ms
11ms Script
application/javascript 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fd983492ecda7581f9ce22d7b0880ec353016936fb85193cf4457950cfbfdb33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"06581e1ee4cd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: AM4PEPF0000C1D5
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 458814
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:38:10 GMT
X-OFFICEFD: AM4PEPF0000840E
X-MSEdge-Ref: Ref A: 26EBB8824C2449EDAB129EA013E3E705 Ref B: AMS04EDGE0914 Ref C: 2021-05-19T20:38:10Z
X-UserSessionId: d2eef4c4-20f6-4d17-958a-9c526b734820
Date: Thu, 27 May 2021 08:26:31 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d2eef4c4-20f6-4d17-958a-9c526b734820
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/p/s/161411640503_resources/1033/ Frame 148F 695 B
2 KB 269ms
23ms Image
image/gif 2a02:26f0:6c00:2a4::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/161411640503_resources/1033/progress.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a4::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"b5d55615f04cd71:0"
X-OfficeCluster: US4C
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: DM3PEPF00012EA4
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:46:46 GMT
X-OFFICEFD: DM3PEPF000132AE
X-MSEdge-Ref: Ref A: 58364FAAE9544552862BBADDBD782A24 Ref B: AM3EDGE1006 Ref C: 2021-05-19T20:46:46Z
X-UserSessionId: fa0da907-e800-4883-958b-36e81a0af45d
Date: Thu, 27 May 2021 08:26:31 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: fa0da907-e800-4883-958b-36e81a0af45d
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK prt.png
c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptResources/1033/ Frame 148F 13 KB
14 KB 287ms
12ms Image
image/png 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptResources/1033/prt.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"66966016f04cd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: AM4PEPF0000C1DE
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 13611
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:46:48 GMT
X-OFFICEFD: AM4PEPF000068A7
X-MSEdge-Ref: Ref A: 52AAAF6E57E34435B62C56E0097487FF Ref B: AM3EDGE0216 Ref C: 2021-05-19T20:46:48Z
X-UserSessionId: a3388288-9128-4c97-aee0-79e66396cc8e
Date: Thu, 27 May 2021 08:26:31 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: a3388288-9128-4c97-aee0-79e66396cc8e
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 148F 0
315 B 157ms
157ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14116.40503&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: MW1PEPF0000783E
x-officeversion: 16.0.14120.41018
x-officefe: MW1PEPF0000783E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: f9cee727-5491-4429-ab4b-5893ecccaba8
x-officecluster: PGTUS2
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:30 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 7D6B05BF9A3A455AB19E9FBD6E5B45B6 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:31Z

GET
H/1.1 200
OK styleschromeless.css
c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/ Frame 750C 283 KB
35 KB 255ms
11ms Stylesheet
text/css 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/styleschromeless.css

Requested by

Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

989f460a59ca022f2e1fc9a4a497622f768d2f77dd23a7ea294f51ab97273d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "d8b92d4f7a48d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: AM4PEPF00006967
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 34514
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Fri, 14 May 2021 04:33:38 GMT
X-OFFICEFD: AM4PEPF00008652
X-MSEdge-Ref: Ref A: 078E27F38D5642D88F92C348EEA7C4B7 Ref B: AM3EDGE0220 Ref C: 2021-05-16T14:36:26Z
X-UserSessionId: faf3ab11-ffb4-431a-942e-a5e5673db177
Date: Thu, 27 May 2021 08:26:31 GMT
Content-Type: text/css
Access-Control-Allow-Origin: *
X-CorrelationId: faf3ab11-ffb4-431a-942e-a5e5673db177
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK MicrosoftAjax.js Show response
c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/ Frame 750C 106 KB
24 KB 238ms
24ms Script
application/javascript 2a02:26f0:6c00:2a4::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Requested by

Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a4::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"b135f9eaef4cd71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: DB5PEPF00008332
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 23714
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:45:35 GMT
X-OFFICEFD: DB5PEPF000082D7
X-MSEdge-Ref: Ref A: 3FCF56D8249B478AA7447182C4819195 Ref B: AM3EDGE0113 Ref C: 2021-05-19T20:45:35Z
X-UserSessionId: d430721c-2998-4786-baa5-9110b75ada43
Date: Thu, 27 May 2021 08:26:31 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d430721c-2998-4786-baa5-9110b75ada43
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK powerpointintl.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/1033/ Frame 750C 209 KB
56 KB 252ms
9ms Script
application/javascript 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/1033/powerpointintl.js

Requested by

Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

964f37a6f549148d0aa1d34712c6b7139e4eb15c113c1b081f49bcb33c55250d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"06581e1ee4cd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: AM4PEPF00006023
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 56424
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:38:10 GMT
X-OFFICEFD: AM4PEPF000087E2
X-MSEdge-Ref: Ref A: CF743D32D5AB4ED3A8729911D08CFB23 Ref B: AM3EDGE0620 Ref C: 2021-05-19T20:38:10Z
X-UserSessionId: d2eef4c4-20f6-4d17-958a-9c526b734820
Date: Thu, 27 May 2021 08:26:31 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d2eef4c4-20f6-4d17-958a-9c526b734820
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK BootView.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/ Frame 750C 2 MB
449 KB 247ms
10ms Script
application/javascript 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js

Requested by

Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fd983492ecda7581f9ce22d7b0880ec353016936fb85193cf4457950cfbfdb33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ETag: W/"06581e1ee4cd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: AM4PEPF0000C1D5
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 458814
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:38:10 GMT
X-OFFICEFD: AM4PEPF0000840E
X-MSEdge-Ref: Ref A: 26EBB8824C2449EDAB129EA013E3E705 Ref B: AMS04EDGE0914 Ref C: 2021-05-19T20:38:10Z
X-UserSessionId: d2eef4c4-20f6-4d17-958a-9c526b734820
Date: Thu, 27 May 2021 08:26:31 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: d2eef4c4-20f6-4d17-958a-9c526b734820
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK progress.gif
c1-officeapps-15.cdn.office.net/p/s/161411640503_resources/1033/ Frame 750C 695 B
2 KB 231ms
24ms Image
image/gif 2a02:26f0:6c00:2a4::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/161411640503_resources/1033/progress.gif

Requested by

Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a4::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"b5d55615f04cd71:0"
X-OfficeCluster: US4C
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: DM3PEPF00012EA4
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 695
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:46:46 GMT
X-OFFICEFD: DM3PEPF000132AE
X-MSEdge-Ref: Ref A: 58364FAAE9544552862BBADDBD782A24 Ref B: AM3EDGE1006 Ref C: 2021-05-19T20:46:46Z
X-UserSessionId: fa0da907-e800-4883-958b-36e81a0af45d
Date: Thu, 27 May 2021 08:26:31 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-CorrelationId: fa0da907-e800-4883-958b-36e81a0af45d
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK prt.png
c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptResources/1033/ Frame 750C 13 KB
14 KB 248ms
12ms Image
image/png 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptResources/1033/prt.png

Requested by

Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"66966016f04cd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: AM4PEPF0000C1DE
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 13611
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:46:48 GMT
X-OFFICEFD: AM4PEPF000068A7
X-MSEdge-Ref: Ref A: 52AAAF6E57E34435B62C56E0097487FF Ref B: AM3EDGE0216 Ref C: 2021-05-19T20:46:48Z
X-UserSessionId: a3388288-9128-4c97-aee0-79e66396cc8e
Date: Thu, 27 May 2021 08:26:31 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: a3388288-9128-4c97-aee0-79e66396cc8e
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 750C 0
668 B 108ms
108ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14116.40503&waccluster=PNL1

Requested by

Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":0,"MsSinceStart":0,"Value":"SessionStarted","Type":"SessionBoundary"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BN3PEPF00003BF4
x-officeversion: 16.0.14120.41018
x-officefe: BN3PEPF00003BF4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 74680298-e13c-4176-8511-17ddec419f52
x-officecluster: PGTUS3
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:30 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: E64403037D2942ADA0483B226DCB218C Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:31Z

GET
H2 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame D87B 47 KB
14 KB 32ms
24ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21327&authkey=AD1tbYxlE8dyKsI&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 May 2021 08:26:31 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 45648324-101e-00c8-0cd5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=17560329
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame D87B 203 KB
68 KB 33ms
26ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21327&authkey=AD1tbYxlE8dyKsI&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 May 2021 08:26:31 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d2756be-501e-00e6-6fd5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=19843401
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame D87B 15 KB
6 KB 31ms
31ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21327&authkey=AD1tbYxlE8dyKsI&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 May 2021 08:26:31 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b96f33ba-101e-0122-1fd5-eb35b1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=28353089
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame F170 47 KB
14 KB 38ms
36ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21329&authkey=AEIi2YD-IJsEYj8&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 May 2021 08:26:31 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 45648324-101e-00c8-0cd5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=17560329
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame F170 203 KB
68 KB 25ms
24ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21329&authkey=AEIi2YD-IJsEYj8&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 May 2021 08:26:31 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d2756be-501e-00e6-6fd5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=19843401
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame F170 15 KB
6 KB 36ms
35ms Script
application/javascript 2.16.186.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21329&authkey=AEIi2YD-IJsEYj8&em=2&wdAr=1.7777777777777777
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-40.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 May 2021 08:26:31 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b96f33ba-101e-0122-1fd5-eb35b1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=28353089
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 148F 0
299 B 138ms
134ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14116.40503&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":934,"Value":"https://c1-officeapps-15.cdn.office.net:443/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: SN3PEPF0000CF13
x-officeversion: 16.0.14120.41018
x-officefe: SN3PEPF0000CF13
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 0bb97380-7dec-4cfa-b25c-0d01ee2c4a81
x-officecluster: PGTUS5
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:31 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: E74AB7A2323140E286C6BF75DB98B45E Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:32Z

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 750C 0
266 B 99ms
98ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14116.40503&waccluster=PNL1

Requested by

Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":1,"MsSinceStart":917,"Value":"https://c1-officeapps-15.cdn.office.net:443/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js","Type":"ResourceDownloadSuccess"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000BACE
x-officeversion: 16.0.14120.41018
x-officefe: BL6PEPF0000BACE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 0ef4bd3a-8484-41c5-bd82-b8a522b25f86
x-officecluster: PGTUS4
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:31 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 9740ACB6718B42479CD0208CD88F72C8 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:32Z

POST
H2 200 RemoteTelemetry.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 148F 0
401 B 24ms
24ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteTelemetry.ashx

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000601A
x-officeversion: 16.0.14116.40503
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 88843cb1-daab-4126-ad99-af3aa5812444
x-officecluster: PNL1
x-usersessionid: 88843cb1-daab-4126-ad99-af3aa5812444
date: Thu, 27 May 2021 08:26:31 GMT
x-download-options: noopen
access-control-allow-origin: https://powerpoint.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: B0DDD1346DDB4585852EDCAB1E43A26D Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:32Z
timing-allow-origin: *
x-officefe: AM4PEPF0000C1D8

GET
H/1.1 404
Not Found segoeui.woff
c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/ Frame 148F 0
0 150ms
148ms Font
text/html 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/segoeui.woff

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/styleschromeless.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/styleschromeless.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-OFFICEFD: AM4PEPF00008652
X-OfficeVersion: 16.0.14116.40503
X-OfficeFE: AM4PEPF0000726A
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 1245
Server: Microsoft-IIS/10.0
X-CorrelationId: 22d48602-c82a-43e9-93a3-7958b4ca9637
X-OfficeCluster: PNL1
X-UserSessionId: 22d48602-c82a-43e9-93a3-7958b4ca9637
Date: Thu, 27 May 2021 08:26:32 GMT
Content-Type: text/html
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *

POST
H2 200 GetPresentationWithSlideById Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 148F 228 B
692 B 250ms
250ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetPresentationWithSlideById

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c977197617e0be5db64e5c1df90caaeb72517cd8e2311eef5a50f02bd8bd75f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wdZHZD7xGSim0jn81DSlmYPw2SN-RKdvOGipNVxk9DQv0cW0TYygzi6_uIvqO1ptSn3YU19BFQC31DIqK-L5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
X-OfficeVersion: 16.0.14116.40503
X-Key: oDTPwuAIEPDQ6GxCjxUytLMRCaLXDwTvUpWC8clmu+Y=,637577007913597057
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391046
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF0000C1D8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 195
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: a2d2d7b5-757b-46a9-96fc-b48f2f50412a
x-officefd: AM4PEPF000068AB
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:32 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 70E93652CEBA450A982246F9C6132502 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:32Z
timing-allow-origin: *
expires: -1

GET
H/1.1 200
OK wapsw.png
c1-officeapps-15.cdn.office.net/p/s/161411640503_resources/1033/ Frame 148F 6 KB
7 KB 14ms
14ms Image
image/png 2a02:26f0:6c00:2a4::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/161411640503_resources/1033/wapsw.png?b=1601411515001

Requested by

Host: www.aoifehillen.com
URL: https://www.aoifehillen.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a4::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "e3399ea5ee4cd71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14116.40503
X-OfficeFE: DB5PEPF0000832A
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5884
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:36:29 GMT
X-OFFICEFD: DB5PEPF000082A8
X-MSEdge-Ref: Ref A: AB9B8D4216324CAD96B786664926D72A Ref B: AMS04EDGE0316 Ref C: 2021-05-19T20:56:03Z
X-UserSessionId: 7078e91a-d435-4403-bb08-5bc5c1e1c160
Date: Thu, 27 May 2021 08:26:32 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 7078e91a-d435-4403-bb08-5bc5c1e1c160
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wapsw.png
c1-officeapps-15.cdn.office.net/p/s/161411640503_resources/1033/ Frame 750C 6 KB
7 KB 10ms
7ms Image
image/png 2a02:26f0:6c00:2a4::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/161411640503_resources/1033/wapsw.png?b=1601411515001

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a4::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "e3399ea5ee4cd71:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.14116.40503
X-OfficeFE: DB5PEPF0000832A
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5884
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:36:29 GMT
X-OFFICEFD: DB5PEPF000082A8
X-MSEdge-Ref: Ref A: AB9B8D4216324CAD96B786664926D72A Ref B: AMS04EDGE0316 Ref C: 2021-05-19T20:56:03Z
X-UserSessionId: 7078e91a-d435-4403-bb08-5bc5c1e1c160
Date: Thu, 27 May 2021 08:26:32 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: 7078e91a-d435-4403-bb08-5bc5c1e1c160
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 750C 0
381 B 25ms
25ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteTelemetry.ashx

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF000068A9
x-officeversion: 16.0.14116.40503
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 6774b7e0-0b0f-42b5-9431-1c21cdbf422e
x-officecluster: PNL1
x-usersessionid: 6774b7e0-0b0f-42b5-9431-1c21cdbf422e
date: Thu, 27 May 2021 08:26:32 GMT
x-download-options: noopen
access-control-allow-origin: https://powerpoint.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: C0F4C1B496894A93B2912F66D953AD0F Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:32Z
timing-allow-origin: *
x-officefe: AM4PEPF0000C1D8

GET
H/1.1 404
Not Found segoeui.woff
c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/ Frame 750C 0
0 220ms
219ms Font
text/html 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/segoeui.woff

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/styleschromeless.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/styleschromeless.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-OFFICEFD: AM4PEPF000068AF
X-OfficeVersion: 16.0.14116.40503
X-OfficeFE: AM4PEPF0000AD0B
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 1245
Server: Microsoft-IIS/10.0
X-CorrelationId: 2174aa07-afaf-450f-ba3c-67ffd6ffcc60
X-OfficeCluster: PNL1
X-UserSessionId: 2174aa07-afaf-450f-ba3c-67ffd6ffcc60
Date: Thu, 27 May 2021 08:26:33 GMT
Content-Type: text/html
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *

POST
H2 200 GetPresentationWithSlideById Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 228 B
465 B 293ms
292ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetPresentationWithSlideById

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c977197617e0be5db64e5c1df90caaeb72517cd8e2311eef5a50f02bd8bd75f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF0000C1D8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 195
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: fd2c41da-4276-43ce-9151-e14dd7d2ed37
x-officefd: AM4PEPF000068BC
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:32 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 73E28ED81D024F1DBEB02A9DCD123C48 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:33Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 750C 0
206 B 108ms
106ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14116.40503&waccluster=PNL1

Requested by

Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":1471,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BN3PEPF00003BFE
x-officeversion: 16.0.14120.41018
x-officefe: BN3PEPF00003BFE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 64fc7e56-06bf-4446-ab97-3edc4966d795
x-officecluster: PGTUS3
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:32 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 028FAF217BCF499BB837E8C8486D6FE5 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:33Z

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 148F 0
573 B 102ms
102ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14116.40503&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":2,"MsSinceStart":1190,"Value":"SplashScreenShown","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000B72A
x-officeversion: 16.0.14120.41018
x-officefe: BL6PEPF0000B72A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: f05f57fa-f6e0-4556-b5db-7551e020bf3c
x-officecluster: PGTUS6
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:32 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: B5D208B7643D4F47B3AE399626C99D72 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:33Z

GET
BLOB 200
OK 40f6c6b9-54d0-4e2f-a074-64250ef617a4
https://powerpoint.officeapps.live.com/ Frame 148F 224 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://powerpoint.officeapps.live.com/40f6c6b9-54d0-4e2f-a074-64250ef617a4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8839a0b7ed21aeb6fe4d005e25b889f06864058b2359076672e2b825dba0d349

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 224
Content-Type: application/javascript

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 148F 42 KB
16 KB 141ms
36ms Script
application/javascript 104.111.237.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.111.237.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-183.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:26:33 GMT
X-MSNServer: RD0003FF242117
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=50255, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H/1.1 404
Not Found segoeui.ttf
c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/ Frame 148F 0
0 160ms
159ms Font
text/html 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/segoeui.ttf

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/styleschromeless.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/styleschromeless.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-OFFICEFD: AM4PEPF000068C7
X-OfficeVersion: 16.0.14116.40503
X-OfficeFE: AM4PEPF00006024
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 1245
Server: Microsoft-IIS/10.0
X-CorrelationId: bda1c7d0-3342-44e9-be3f-bdae4ae4dc9f
X-OfficeCluster: PNL1
X-UserSessionId: bda1c7d0-3342-44e9-be3f-bdae4ae4dc9f
Date: Thu, 27 May 2021 08:26:33 GMT
Content-Type: text/html
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *

GET
BLOB 200
OK 1ee971be-fd8b-4d8e-8008-0816c6ff5832
https://powerpoint.officeapps.live.com/ Frame 750C 224 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://powerpoint.officeapps.live.com/1ee971be-fd8b-4d8e-8008-0816c6ff5832
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8839a0b7ed21aeb6fe4d005e25b889f06864058b2359076672e2b825dba0d349

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 224
Content-Type: application/javascript

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 750C 42 KB
16 KB 147ms
47ms Script
application/javascript 104.111.237.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.111.237.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-183.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:26:33 GMT
X-MSNServer: RD0003FF242117
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=50255, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

POST
H2 204 bpm
frog.wix.com/ 0
256 B 122ms
122ms Ping
text/plain 54.175.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bpm?_msid=adf5d443-2e2b-4ce6-a0c2-c7ae1f603745&vsi=807c226d-570a-44a4-9685-7853bff8e6f4&rid=request-id-placeholder&_av=thunderbolt-1.6692.0&isb=true&isbr=webdriver&ts=5850&tsn=6436&dc=84&caching=miss%2Cmiss&session_id=457a0e71-95b4-4bbe-8fba-f8774d2eb5ec&st=2&url=https%253A%252F%252Fwww.aoifehillen.com%252F&ish=true&pn=0&pv=true&pageId=sgtgi&isServerSide=false&is_lightbox=false&is_cached=false&is_sav_rollout=0&is_dac_rollout=0&v=1.6692.0&_brandId=wix&_ms=6437&src=72&evid=502&_=16221039934142&tti=2083&tbt=78&iframes=2&screens=6&lcp=2571&lcpSize=489600&closestId=img_comp-kaoj1asl3&lcpTag=IMG&lcpResourceType=jpg&countScripts=34&startTimeScripts=660&durationScripts=1277&mttfbScripts=15&attfbScripts=16&tbdScripts=666125&countImages=13&startTimeImages=1639&durationImages=1202&mttfbImages=38&attfbImages=152&tbdImages=162622&countFonts=4&startTimeFonts=1659&durationFonts=66&mttfbFonts=10&attfbFonts=9&tbdFonts=46110&entryType=loaded&duration=6237&ttlb=1602&dcl=1768&transferSize=101180&decodedBodySize=538835&isSsr=true&isWelcome=false&cdn=Google&visitorId=8043bf7c-87e7-494d-90f0-20b993101d11&btype=webdriver&bsi=f1e68558-8453-4428-9068-b9e587cb6df4%7C1&ssrDuration=1054&ssrTimestamp=1622103988479&microPop=euw3&isRollout=false&isPlatformLoaded=false&maybeBot=true&cls=145&countCls=1&clsId=Containersgtgi&clsTag=DIV&isMobile=false&simLH6=69&clientType=ugc&analytics=true&_visitorId=undefined&_siteMemberId=undefined&_lv=2.0.875
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.785e3501.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-222-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.aoifehillen.com
date: Thu, 27 May 2021 08:26:33 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H/1.1 404
Not Found segoeui.ttf
c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/ Frame 750C 0
0 154ms
13ms Font
text/html 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/segoeui.ttf

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/styleschromeless.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://c1-powerpoint-15.cdn.office.net/p/s/h989F460A59CA022F_PptResources/1033/styleschromeless.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-OFFICEFD: AM4PEPF000068C7
X-OfficeVersion: 16.0.14116.40503
X-OfficeFE: AM4PEPF00006024
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 1245
Server: Microsoft-IIS/10.0
X-CorrelationId: bda1c7d0-3342-44e9-be3f-bdae4ae4dc9f
X-OfficeCluster: PNL1
X-UserSessionId: bda1c7d0-3342-44e9-be3f-bdae4ae4dc9f
Date: Thu, 27 May 2021 08:26:33 GMT
Content-Type: text/html
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *

POST
H2 200 GetPresentationWithSlideById Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 148F 4 KB
2 KB 3069ms
3069ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetPresentationWithSlideById

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

99ab41688b6c6eb69936938eaabc8adc72574777b8b485fef0000c28eba08f52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wdZHZD7xGSim0jn81DSlmYPw2SN-RKdvOGipNVxk9DQv0cW0TYygzi6_uIvqO1ptSn3YU19BFQC31DIqK-L5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
X-OfficeVersion: 16.0.14116.40503
X-Key: oDTPwuAIEPDQ6GxCjxUytLMRCaLXDwTvUpWC8clmu+Y=,637577007913597057
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391046
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF0000C1D8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1515
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 8442790f-9d3d-4c05-a569-9511566cde96
x-officefd: AM4PEPF00008652
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:35 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: ECD2AAA2CD1F4AF0B8241EB2AB8A72F7 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:33Z
timing-allow-origin: *
expires: -1

POST
H2 200 GetPresentationWithSlideById Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 4 KB
2 KB 3829ms
3829ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetPresentationWithSlideById

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f347aa968989a54f1e462eda5db59b22bcff8104033c55897e3e8cf97a38c2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF0000C1D8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1593
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: be6d8a1d-908e-44c5-b4ce-bbc26564110a
x-officefd: AM4PEPF00007454
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: C89DB5FC13F64ED28B4E331B3D649205 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:33Z
timing-allow-origin: *
expires: -1

POST
H2 204 bolt-performance
frog.wix.com/ 0
256 B 113ms
113ms Ping
text/plain 54.175.222.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bolt-performance
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.785e3501.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.222.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-222-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.aoifehillen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.aoifehillen.com
date: Thu, 27 May 2021 08:26:33 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 148F 2 KB
3 KB 34ms
31ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&access_token=4wdZHZD7xGSim0jn81DSlmYPw2SN%2DRKdvOGipNVxk9DQv0cW0TYygzi6%5FuIvqO1ptSn3YU19BFQC31DIqK%2DL5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g&access_token_ttl=1623918391046&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjcuMjA4&usid=ee7d45cc%2Db4f2%2D432b%2Db319%2D49886f18c67e&Rid=S0%5FBG%5F348x196%2Ejpg&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

802cc9e92c6573fc2a40028ad7b8f20f279cc520c7d554efa6b592dfd34a2988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF0000C1D8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2301
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&access_token=4wdZHZD7xGSim0jn81DSlmYPw2SN%2DRKdvOGipNVxk9DQv0cW0TYygzi6%5FuIvqO1ptSn3YU19BFQC31DIqK%2DL5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g&access_token_ttl=1623918391046&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjcuMjA4S0_BG_348x196.jpg
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 1c0362f1-78d6-4f51-bf92-aac13c1ceb1b
x-officefd: AM4PEPF0000689F
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:35 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: DC6138F4719F47D78AEF6778DDCE0BBF Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:36Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:36 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 148F 165 KB
166 KB 62ms
60ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

06700629096ff2664a27f48994a5f7f450e0c0bae691cb7a8c8cc0b6d7fb51ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF0000C1D8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 169014
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&access_token=4wdZHZD7xGSim0jn81DSlmYPw2SN%2DRKdvOGipNVxk9DQv0cW0TYygzi6%5FuIvqO1ptSn3YU19BFQC31DIqK%2DL5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g&access_token_ttl=1623918391046&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjcuMjA4S0_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 52a2b589-3aa9-4189-887a-af5630459c4e
x-officefd: AM4PEPF000068A1
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:35 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 614DB550A2494E51B938498DA9B7BC3D Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:36Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:36 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 148F 2 KB
2 KB 31ms
30ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

802cc9e92c6573fc2a40028ad7b8f20f279cc520c7d554efa6b592dfd34a2988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF0000C1D8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2301
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&access_token=4wdZHZD7xGSim0jn81DSlmYPw2SN%2DRKdvOGipNVxk9DQv0cW0TYygzi6%5FuIvqO1ptSn3YU19BFQC31DIqK%2DL5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g&access_token_ttl=1623918391046&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjcuMjA4S0_BG_348x196.jpg
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: a6299072-de5e-4a57-8055-e86adf9b4127
x-officefd: AM4PEPF000068A7
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:35 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: 1209067F6F7B4A658C5944671D0EEA8D Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:36Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:36 GMT

GET
H2 202 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 148F 0
424 B 201ms
201ms Image
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-officefd: AM4PEPF0000689E
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF0000A840
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: c3f020c6-2980-4a35-98a0-d312822d6b5f
x-officecluster: PNL1
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:36 GMT
cache-control: private
x-msedge-ref: Ref A: EB46F94CB9504FCBB9DF68D076096A50 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:36Z
timing-allow-origin: *

GET
H/1.1 200
OK reader.calypso.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/ Frame 148F 334 KB
69 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/reader.calypso.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

23a3e2cb63ee79e19981f7d254408f06110b6fc1fc03585e811c557864e44389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"7df69debef4cd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: AM4PEPF0000C1E5
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 69481
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:45:36 GMT
X-OFFICEFD: AM4PEPF000068AA
X-MSEdge-Ref: Ref A: 78CC20820087404CA492E2A037F74FF0 Ref B: AMS04EDGE0610 Ref C: 2021-05-19T20:45:36Z
X-UserSessionId: a39ff8e1-9b85-4304-8bcd-7d2a22ccad93
Date: Thu, 27 May 2021 08:26:36 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: a39ff8e1-9b85-4304-8bcd-7d2a22ccad93
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
c1-officeapps-15.cdn.office.net/p/s/h234CAE682920AB63_App_Scripts/ Frame 148F 40 KB
7 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00:2a4::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/h234CAE682920AB63_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a4::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "45ebcd1ef950d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14116.40503
X-OfficeFE: AM4PEPF0000DFB3
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5997
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 25 May 2021 00:01:32 GMT
X-OFFICEFD: AM4PEPF000068B1
X-MSEdge-Ref: Ref A: 869AB2C2FBA641B8B1C76F0D4D891408 Ref B: AM3EDGE0318 Ref C: 2021-05-25T19:44:30Z
X-UserSessionId: da4897ac-1da9-4c97-801d-79f209cf880f
Date: Thu, 27 May 2021 08:26:36 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: da4897ac-1da9-4c97-801d-79f209cf880f
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 148F 0
607 B 132ms
132ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14116.40503&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":5458,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: SN3PEPF0000C0BE
x-officeversion: 16.0.14120.41018
x-officefe: SN3PEPF0000C0BE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: ceb3fd30-1caa-4172-89d2-13da07147c61
x-officecluster: PGTUS5
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: D709E6F7FF3C40D8A7AC33DA0E384E88 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:36Z

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 148F 228 B
724 B 296ms
296ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c977197617e0be5db64e5c1df90caaeb72517cd8e2311eef5a50f02bd8bd75f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wdZHZD7xGSim0jn81DSlmYPw2SN-RKdvOGipNVxk9DQv0cW0TYygzi6_uIvqO1ptSn3YU19BFQC31DIqK-L5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
X-OfficeVersion: 16.0.14116.40503
X-Key: oDTPwuAIEPDQ6GxCjxUytLMRCaLXDwTvUpWC8clmu+Y=,637577007913597057
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391046
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 195
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 63a35a42-17c7-4fff-8c0a-5ada979a26d4
x-officefd: AM4PEPF0000601C
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: AB9AD822E698408096E5AB5E29DC9DB5 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:36Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 148F 0
397 B 99ms
98ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14116.40503&waccluster=PNL1

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wdZHZD7xGSim0jn81DSlmYPw2SN-RKdvOGipNVxk9DQv0cW0TYygzi6_uIvqO1ptSn3YU19BFQC31DIqK-L5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
X-OfficeVersion: 16.0.14116.40503
X-Key: oDTPwuAIEPDQ6GxCjxUytLMRCaLXDwTvUpWC8clmu+Y=,637577007913597057
X-bULS-SuppressionETag: 439427495A252223096FAA09DD2CFC570AEB6522
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1623918391046
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.14120.41018
x-officefe: BL6PEPF0000BACE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 439427495A252223096FAA09DD2CFC570AEB6522
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 71c5a3f1-9817-44d6-869d-a21fd340205d
x-officefd: BL6PEPF0000BACE
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: A740E70FB6C7451A97A0F94D84A6EEF2 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:36Z

GET
H/1.1 200
OK prt.png
c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptResources/1033/ Frame 148F 13 KB
14 KB 9ms
9ms Image
image/png 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptResources/1033/prt.png

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/reader.calypso.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"66966016f04cd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: AM4PEPF0000C1DE
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 13611
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:46:48 GMT
X-OFFICEFD: AM4PEPF000068A7
X-MSEdge-Ref: Ref A: 52AAAF6E57E34435B62C56E0097487FF Ref B: AM3EDGE0216 Ref C: 2021-05-19T20:46:48Z
X-UserSessionId: a3388288-9128-4c97-aee0-79e66396cc8e
Date: Thu, 27 May 2021 08:26:37 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: a3388288-9128-4c97-aee0-79e66396cc8e
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 148F 0
236 B 107ms
106ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14116.40503&waccluster=PNL1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":5459,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BN3PEPF000037F7
x-officeversion: 16.0.14120.41018
x-officefe: BN3PEPF000037F7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: d90d1232-4cbe-4cff-b55e-4e2a90f8d224
x-officecluster: PGTUS3
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: FBE57DF129E046E9BA2B63BD4B286E5F Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 148F 0
244 B 106ms
106ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14116.40503&waccluster=PNL1

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wdZHZD7xGSim0jn81DSlmYPw2SN-RKdvOGipNVxk9DQv0cW0TYygzi6_uIvqO1ptSn3YU19BFQC31DIqK-L5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
X-OfficeVersion: 16.0.14116.40503
X-Key: oDTPwuAIEPDQ6GxCjxUytLMRCaLXDwTvUpWC8clmu+Y=,637577007913597057
X-bULS-SuppressionETag: 439427495A252223096FAA09DD2CFC570AEB6522
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1623918391046
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS6
x-officeversion: 16.0.14120.41018
x-officefe: BL6PEPF0000B744
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 439427495A252223096FAA09DD2CFC570AEB6522
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 1420cb33-8e4c-4175-92c1-0bc96218a974
x-officefd: BL6PEPF0000B744
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 58D07C7D472649AE913B20FB9EEF0191 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z

GET
H/1.1 200
OK otelFullNext.min.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/ Frame 148F 102 KB
28 KB 11ms
10ms Script
application/javascript 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/otelFullNext.min.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9f553f430e2fc8e45625b192b1cccc849b538c19f4951909f2690039ae3a509d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"96b75ff9f04cd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: AM4PEPF00008F42
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 27938
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:53:09 GMT
X-OFFICEFD: AM4PEPF000068BC
X-MSEdge-Ref: Ref A: 23CEB1092473422785C8CF447092D9A8 Ref B: AMS04EDGE0720 Ref C: 2021-05-19T20:53:08Z
X-UserSessionId: b160ab26-fa0e-44b2-adea-56b827798f7a
Date: Thu, 27 May 2021 08:26:37 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: b160ab26-fa0e-44b2-adea-56b827798f7a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 148F 4 B
334 B 183ms
43ms XHR
application/json 52.114.77.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/otelFullNext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.77.34 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:26:36 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://powerpoint.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 148F 4 KB
2 KB 35ms
35ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b8b405702d44273aeab8f4c6304f19892e3f0546642c1c399c785ffbd744eb16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wdZHZD7xGSim0jn81DSlmYPw2SN-RKdvOGipNVxk9DQv0cW0TYygzi6_uIvqO1ptSn3YU19BFQC31DIqK-L5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
X-OfficeVersion: 16.0.14116.40503
X-Key: oDTPwuAIEPDQ6GxCjxUytLMRCaLXDwTvUpWC8clmu+Y=,637577007913597057
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391046
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1388
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 9e4cfa19-dc30-433b-a334-d79ce0f7f022
x-officefd: AM4PEPF000087E2
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: D15C09DCE14E45DAB843369E762387F7 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z
timing-allow-origin: *
expires: -1

GET
H2 202 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 0
333 B 202ms
185ms Image
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S0%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-officefd: AM4PEPF000068C8
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 2eadcead-fc15-458f-b557-d8b2e771d0a7
x-officecluster: PNL1
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:36 GMT
cache-control: private
x-msedge-ref: Ref A: B5C19C6879E14216A01183B78AEB85C0 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z
timing-allow-origin: *

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 148F 2 KB
3 KB 42ms
40ms Image
image/jpeg 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

08e45b8d109e16e1c5a7792a5a5b1aa1bd6ab720c4017e26e3ffcbe8e1076ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2297
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&access_token=4wdZHZD7xGSim0jn81DSlmYPw2SN%2DRKdvOGipNVxk9DQv0cW0TYygzi6%5FuIvqO1ptSn3YU19BFQC31DIqK%2DL5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g&access_token_ttl=1623918391046&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjcuMjA4M18_BG_348x196.jpg
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: f46473ab-9469-452b-aa18-ce0318e50836
x-officefd: AM4PEPF0000840D
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
content-type: image/jpeg
cache-control: private
x-msedge-ref: Ref A: A9B3A13FC27B4275936D842454A5527E Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:37 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 148F 2 KB
3 KB 36ms
36ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

59d727aa6f53db9e0765b1addc20fcaaa93260772c0d48b4edace0fd449ce7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2291
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&access_token=4wdZHZD7xGSim0jn81DSlmYPw2SN%2DRKdvOGipNVxk9DQv0cW0TYygzi6%5FuIvqO1ptSn3YU19BFQC31DIqK%2DL5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g&access_token_ttl=1623918391046&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjcuMjA4M20_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: aa41e142-cfab-49b6-aeb1-164f8b311d6b
x-officefd: AM4PEPF000068A9
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 8C7FA575F69C4987B05D52F55DBB3E85 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:37 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 148F 40 KB
41 KB 38ms
38ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

feb95fb64b51050428a5b622579f5e88929d0a0ea289ed9a968dc634f0c48e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 41396
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&access_token=4wdZHZD7xGSim0jn81DSlmYPw2SN%2DRKdvOGipNVxk9DQv0cW0TYygzi6%5FuIvqO1ptSn3YU19BFQC31DIqK%2DL5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g&access_token_ttl=1623918391046&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjcuMjA4SD_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 6858a771-1f19-43f2-9a1c-2c071209c0d2
x-officefd: AM4PEPF000068A5
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: DFA0894996644B6496A2E4A648BCE38E Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:37 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 148F 4 KB
2 KB 45ms
44ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

309ed813e0adb33ddcfc0f67a779d75f7d87b16a7f592092975cfa821cfc3b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wdZHZD7xGSim0jn81DSlmYPw2SN-RKdvOGipNVxk9DQv0cW0TYygzi6_uIvqO1ptSn3YU19BFQC31DIqK-L5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
X-OfficeVersion: 16.0.14116.40503
X-Key: oDTPwuAIEPDQ6GxCjxUytLMRCaLXDwTvUpWC8clmu+Y=,637577007913597057
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391046
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1556
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: a760cd86-b570-4591-b900-b4d8c986510a
x-officefd: AM4PEPF000068B6
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 4167F5317CE84CE39550247B3AB7F355 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 52 KB
53 KB 42ms
37ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S0%5F1%5F348x196%2Epng&waccluster=PNL1&try=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

356e97a56d1de326e2cd19e5c9e9c1e8aece42a306f294532386e7242e046dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 53584
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S0_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: cbdefcd5-44d4-43ec-bd9c-0468569e69fc
x-officefd: AM4PEPF000068AC
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 1076D4F3582548EDB596CE2FF7035796 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:37 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 148F 60 KB
61 KB 41ms
40ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2c9277c97f1cf90d9e18c00df2df9c068002d505bd633e40da4edafb095669a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 61370
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&access_token=4wdZHZD7xGSim0jn81DSlmYPw2SN%2DRKdvOGipNVxk9DQv0cW0TYygzi6%5FuIvqO1ptSn3YU19BFQC31DIqK%2DL5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g&access_token_ttl=1623918391046&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjcuMjA4SE_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: b2db9650-8cd2-4a0e-a943-519ddd990107
x-officefd: AM4PEPF000068C7
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 7F088D81FF024705BF39D7372CC3703B Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:37 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 148F 4 KB
2 KB 26ms
25ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f32f89b7d9d866727b5264ffba2882177366e3360aeef5d36160b18bea676937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wdZHZD7xGSim0jn81DSlmYPw2SN-RKdvOGipNVxk9DQv0cW0TYygzi6_uIvqO1ptSn3YU19BFQC31DIqK-L5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
X-OfficeVersion: 16.0.14116.40503
X-Key: oDTPwuAIEPDQ6GxCjxUytLMRCaLXDwTvUpWC8clmu+Y=,637577007913597057
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391046
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1423
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: ab0c4de2-3000-4b48-aefb-e8f3491dc1d0
x-officefd: AM4PEPF000068B4
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 48BACFB3CABC42FC9161EBCFB3CE3806 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 52 KB
53 KB 42ms
42ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S0%5F1%5F348x196%2Epng&waccluster=PNL1&try=1

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

356e97a56d1de326e2cd19e5c9e9c1e8aece42a306f294532386e7242e046dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 53584
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S0_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7671e951-1e51-4327-b91f-c47e08abed6b
x-officefd: AM4PEPF000068C3
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: E70E0B8E2D18467CADA9921FDC19D8F2 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:37 GMT

GET
H/1.1 200
OK reader.calypso.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/ Frame 750C 334 KB
69 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/reader.calypso.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

23a3e2cb63ee79e19981f7d254408f06110b6fc1fc03585e811c557864e44389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"7df69debef4cd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: AM4PEPF0000C1E5
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 69481
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:45:36 GMT
X-OFFICEFD: AM4PEPF000068AA
X-MSEdge-Ref: Ref A: 78CC20820087404CA492E2A037F74FF0 Ref B: AMS04EDGE0610 Ref C: 2021-05-19T20:45:36Z
X-UserSessionId: a39ff8e1-9b85-4304-8bcd-7d2a22ccad93
Date: Thu, 27 May 2021 08:26:37 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: a39ff8e1-9b85-4304-8bcd-7d2a22ccad93
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK wacairspaceanimationlibrary.js Show response
c1-officeapps-15.cdn.office.net/p/s/h234CAE682920AB63_App_Scripts/ Frame 750C 40 KB
7 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2a4::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-officeapps-15.cdn.office.net/p/s/h234CAE682920AB63_App_Scripts/wacairspaceanimationlibrary.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a4::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "45ebcd1ef950d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14116.40503
X-OfficeFE: AM4PEPF0000DFB3
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 5997
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Tue, 25 May 2021 00:01:32 GMT
X-OFFICEFD: AM4PEPF000068B1
X-MSEdge-Ref: Ref A: 869AB2C2FBA641B8B1C76F0D4D891408 Ref B: AM3EDGE0318 Ref C: 2021-05-25T19:44:30Z
X-UserSessionId: da4897ac-1da9-4c97-801d-79f209cf880f
Date: Thu, 27 May 2021 08:26:37 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: da4897ac-1da9-4c97-801d-79f209cf880f
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 750C 0
610 B 106ms
106ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14116.40503&waccluster=PNL1

Requested by

Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":3,"MsSinceStart":6342,"Value":"RecordContentDisplayed","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BL6PEPF0000B72A
x-officeversion: 16.0.14120.41018
x-officefe: BL6PEPF0000B72A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 41340eea-34f1-4b07-9652-2f536384782a
x-officecluster: PGTUS6
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 66F452A51BDC4AABA617C00F6C648FD6 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 3 KB
2 KB 38ms
38ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

47050a6daec9fa964ce9e124d4901be456d597539468216ee2a224786cce2656

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1348
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: b495d97f-b157-4eb0-9142-f96c3857dee7
x-officefd: AM4PEPF000068A8
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:36 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 7C93EE04E74843C5BF2194F86047424B Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 750C 0
301 B 105ms
104ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14116.40503&waccluster=PNL1

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
X-bULS-SuppressionETag: 439427495A252223096FAA09DD2CFC570AEB6522
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.14120.41018
x-officefe: BL6PEPF0000BAA0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 439427495A252223096FAA09DD2CFC570AEB6522
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: e43f1983-4912-4440-ad65-e66e50c19cd3
x-officefd: BL6PEPF0000BAA0
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 31828249E7144FEFB15A148700992F66 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z

GET
H/1.1 200
OK prt.png
c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptResources/1033/ Frame 750C 13 KB
14 KB 16ms
16ms Image
image/png 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptResources/1033/prt.png

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/reader.calypso.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
ETag: W/"66966016f04cd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: AM4PEPF0000C1DE
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 13611
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:46:48 GMT
X-OFFICEFD: AM4PEPF000068A7
X-MSEdge-Ref: Ref A: 52AAAF6E57E34435B62C56E0097487FF Ref B: AM3EDGE0216 Ref C: 2021-05-19T20:46:48Z
X-UserSessionId: a3388288-9128-4c97-aee0-79e66396cc8e
Date: Thu, 27 May 2021 08:26:37 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
X-CorrelationId: a3388288-9128-4c97-aee0-79e66396cc8e
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 148F 47 KB
48 KB 33ms
30ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

10beda763c8ffef18bdfb6b20e255cc854ff6be3adf287addf2b0a584c262fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 47940
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&access_token=4wdZHZD7xGSim0jn81DSlmYPw2SN%2DRKdvOGipNVxk9DQv0cW0TYygzi6%5FuIvqO1ptSn3YU19BFQC31DIqK%2DL5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g&access_token_ttl=1623918391046&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjcuMjA4SF_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_powerpointslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 0c4ae436-9d9a-43c3-afa3-1378751c70f9
x-officefd: AM4PEPF000068C9
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 2612145C7C344A6C89278ECDB3C7E646 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:37Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:37 GMT

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 750C 0
513 B 103ms
102ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14116.40503&waccluster=PNL1

Requested by

Host: powerpoint.officeapps.live.com
URL: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-BrowserUlsBeacon: [{"Index":4,"MsSinceStart":6347,"Value":"RecordAppInteractive","Type":"BootPhaseCompleted"}]

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: BN3PEPF00003BF4
x-officeversion: 16.0.14120.41018
x-officefe: BN3PEPF00003BF4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: fc5f60db-d9ca-4415-8d72-3d221d1619ae
x-officecluster: PGTUS3
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 9F412B64F04E463180DB635776B6933F Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z

GET
H/1.1 200
OK otelFullNext.min.js Show response
c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/ Frame 750C 102 KB
28 KB 11ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/otelFullNext.min.js

Requested by

Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/BootView.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9f553f430e2fc8e45625b192b1cccc849b538c19f4951909f2690039ae3a509d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://powerpoint.officeapps.live.com
Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"96b75ff9f04cd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14105.40503
X-OfficeFE: AM4PEPF00008F42
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 27938
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Wed, 19 May 2021 20:53:09 GMT
X-OFFICEFD: AM4PEPF000068BC
X-MSEdge-Ref: Ref A: 23CEB1092473422785C8CF447092D9A8 Ref B: AMS04EDGE0720 Ref C: 2021-05-19T20:53:08Z
X-UserSessionId: b160ab26-fa0e-44b2-adea-56b827798f7a
Date: Thu, 27 May 2021 08:26:38 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: b160ab26-fa0e-44b2-adea-56b827798f7a
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 931 B
2 KB 59ms
58ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=M20%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f55d28bc8c05dcf8cdb3160da74b71a084f1ed9a063950a96d3d7cc7e6b29231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 931
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3M20_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: c287a3e0-fc42-4783-97f0-bbddbacbe6bf
x-officefd: AM4PEPF000068AF
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 79F43464462145BDB9A1BA789EB0FB02 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:38 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 38 KB
39 KB 39ms
39ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S1%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2b11300bd87773022916fa0f283ea9ad1af85992e062b1c212b990fa6772b0cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 39005
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S1_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 08f59230-127c-4000-886a-eb7ae5ae1b36
x-officefd: AM4PEPF000068A1
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 0570402C0DE64BBA9D1262175B404C90 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:38 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 148F 4 KB
2 KB 29ms
29ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0e0bc2d20172f6d654d9adb595d1d19d5d115cbbef72750f3938660125738da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wdZHZD7xGSim0jn81DSlmYPw2SN-RKdvOGipNVxk9DQv0cW0TYygzi6_uIvqO1ptSn3YU19BFQC31DIqK-L5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
X-OfficeVersion: 16.0.14116.40503
X-Key: oDTPwuAIEPDQ6GxCjxUytLMRCaLXDwTvUpWC8clmu+Y=,637577007913597057
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391046
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1410
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 55971dae-4d5f-458e-af73-a02c9658a1d8
x-officefd: AM4PEPF000068A9
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 1A140665B695413AA4A9048751D0E932 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: -1

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 4 KB
2 KB 50ms
50ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

965ef2d8d9852ee04dd4c91dac3c8f82763e89ca45886e66943e5741d82ff1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1467
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 2519faeb-a6d6-49bd-8d11-7a21b9b9081b
x-officefd: AM4PEPF000068A7
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 94C90DDF697141EAAF2538C6DA7E85B0 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 148F 40 KB
41 KB 46ms
45ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

57095de0cee1418da13ec6aab1b820f9b906c2347d699a43e43bd415f6049214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 41329
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&access_token=4wdZHZD7xGSim0jn81DSlmYPw2SN%2DRKdvOGipNVxk9DQv0cW0TYygzi6%5FuIvqO1ptSn3YU19BFQC31DIqK%2DL5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g&access_token_ttl=1623918391046&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjcuMjA4S10_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7bc1f91d-351a-4703-9c65-d27fe85d7474
x-officefd: AM4PEPF000068A2
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 4C5BBFBBFA1947189A4ACDC0AFDB77A2 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:38 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 44 KB
45 KB 44ms
43ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S2%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

48c31bf7490c53731e4760b41f5e023b4e41adee78200faa301cfc43790b2ff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 45565
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S2_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 383512c0-c372-4720-be12-e52dfe930217
x-officefd: AM4PEPF00008030
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 51B50358CE014929B3503217A94F0FD0 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:38 GMT

GET
H/1.1 200
OK ping Show response
browser.events.data.microsoft.com/ Frame 750C 4 B
334 B 41ms
39ms XHR
application/json 52.114.77.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/ping
Requested by: Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/otelFullNext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.77.34 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 08:26:37 GMT
Server: Microsoft-HTTPAPI/2.0
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://powerpoint.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Content-Length: 4

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 148F 4 KB
2 KB 37ms
37ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

039e2e0ba0169bd3c543f5b5868db3f7cb5a7c606ce9ac6de57b451dbcc9c418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wdZHZD7xGSim0jn81DSlmYPw2SN-RKdvOGipNVxk9DQv0cW0TYygzi6_uIvqO1ptSn3YU19BFQC31DIqK-L5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
X-OfficeVersion: 16.0.14116.40503
X-Key: oDTPwuAIEPDQ6GxCjxUytLMRCaLXDwTvUpWC8clmu+Y=,637577007913597057
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391046
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1362
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 850ae5e5-26e5-4e21-8c4f-2408edd853f2
x-officefd: AM4PEPF0000689E
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 2FB88131A5814E958B20A046BED46C37 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: -1

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 4 KB
2 KB 27ms
26ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fbb608d1b37eb3991af39a15f8823acdb81c4ed982095eee61b82b88bcd015bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1452
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: d801eb21-862a-44b4-a814-da11da849b8a
x-officefd: AM4PEPF000068B4
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 0A92347F60904FF882D06411651BD865 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 43 KB
44 KB 53ms
53ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S3%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fa8172f512d2e72c87caf45b724bdc4ccc5ae41548cb7cfcb77a3cd4ae12b034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 44493
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S3_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: b2527256-811d-4264-a5df-1f293f21207d
x-officefd: AM4PEPF0000601C
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 96100331B2F2420BB13BF347E50A5ACA Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:38 GMT

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 148F 37 KB
38 KB 30ms
30ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a70baa88f089faafaf819863b21846f05697e7c25474040d44641e3816b5fe3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006965
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 38255
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&access_token=4wdZHZD7xGSim0jn81DSlmYPw2SN%2DRKdvOGipNVxk9DQv0cW0TYygzi6%5FuIvqO1ptSn3YU19BFQC31DIqK%2DL5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g&access_token_ttl=1623918391046&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjcuMjA4S11_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_onenoteslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 8c6be660-686d-48dd-8db5-2a4d76e6caa0
x-officefd: AM4PEPF00008652
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: F4F2457CFA1246118171C3A04680D60F Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:38 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 228 B
546 B 201ms
201ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c977197617e0be5db64e5c1df90caaeb72517cd8e2311eef5a50f02bd8bd75f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF0000746F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 195
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 9dd60aaf-790d-4740-ab1c-3f5c8e630bb2
x-officefd: AM4PEPF000068AC
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 06DA27B7C1A44318A9DA09C790AEBDCE Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: -1

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 148F 228 B
903 B 187ms
186ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c977197617e0be5db64e5c1df90caaeb72517cd8e2311eef5a50f02bd8bd75f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wdZHZD7xGSim0jn81DSlmYPw2SN-RKdvOGipNVxk9DQv0cW0TYygzi6_uIvqO1ptSn3YU19BFQC31DIqK-L5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
X-OfficeVersion: 16.0.14116.40503
X-Key: oDTPwuAIEPDQ6GxCjxUytLMRCaLXDwTvUpWC8clmu+Y=,637577007913597057
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391046
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 195
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: be935965-00e3-4069-a34b-3ed56f693f5e
x-officefd: AM4PEPF000068C8
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: B59428116977418F8AB6A5F51F224189 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: -1

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 228 B
415 B 248ms
247ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c977197617e0be5db64e5c1df90caaeb72517cd8e2311eef5a50f02bd8bd75f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 195
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 176fd120-b3e5-46bc-b1d5-3d20ed8ba8ce
x-officefd: AM4PEPF000068C3
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: EE632AFADDC9418DB0DA8DF97DE3E651 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: -1

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 148F 4 KB
2 KB 30ms
29ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

58086c30123c639cc4c4998d3b83748f6b74c6c37202d5bd9386434d4bd9515b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wdZHZD7xGSim0jn81DSlmYPw2SN-RKdvOGipNVxk9DQv0cW0TYygzi6_uIvqO1ptSn3YU19BFQC31DIqK-L5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
X-OfficeVersion: 16.0.14116.40503
X-Key: oDTPwuAIEPDQ6GxCjxUytLMRCaLXDwTvUpWC8clmu+Y=,637577007913597057
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391046
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1438
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_onenoteslice_control,afd_wordcapacity_2,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 70e8aafb-4152-4349-90b5-3c9dc68f12a8
x-officefd: AM4PEPF000068BB
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: D345C1092A504F479D4E7535E5C38376 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 148F 46 KB
46 KB 81ms
80ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ca26be5008ebddc5c69ce0349719f783ddd52f7fe0bc269ca53fde54b55595aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 46669
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&access_token=4wdZHZD7xGSim0jn81DSlmYPw2SN%2DRKdvOGipNVxk9DQv0cW0TYygzi6%5FuIvqO1ptSn3YU19BFQC31DIqK%2DL5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g&access_token_ttl=1623918391046&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjcuMjA4S12_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 153346d2-17a6-4556-a761-1edbcff8d5f5
x-officefd: AM4PEPF000068BD
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:37 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: DADC6EC5108C48C99A72FBB490759407 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:38 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 148F 4 KB
2 KB 52ms
52ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1db642b94ecc59302b25020f0b056b414c79b193580c7bd06a8926c99832c5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wdZHZD7xGSim0jn81DSlmYPw2SN-RKdvOGipNVxk9DQv0cW0TYygzi6_uIvqO1ptSn3YU19BFQC31DIqK-L5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
X-OfficeVersion: 16.0.14116.40503
X-Key: oDTPwuAIEPDQ6GxCjxUytLMRCaLXDwTvUpWC8clmu+Y=,637577007913597057
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391046
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1407
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 2e0fb215-f28d-49c5-9c91-ccb5acf4733e
x-officefd: AM4PEPF0000601C
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: FB41DCA0387445F98B5B6D2650266D6A Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:38Z
timing-allow-origin: *
expires: -1

POST
H2 200 RemoteUls.ashx Show response
powerpoint.officeapps.live.com/p/ Frame 148F 0
701 B 186ms
168ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/RemoteUls.ashx?build=16.0.14116.40503&waccluster=PNL1

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wdZHZD7xGSim0jn81DSlmYPw2SN-RKdvOGipNVxk9DQv0cW0TYygzi6_uIvqO1ptSn3YU19BFQC31DIqK-L5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
X-OfficeVersion: 16.0.14116.40503
X-Key: oDTPwuAIEPDQ6GxCjxUytLMRCaLXDwTvUpWC8clmu+Y=,637577007913597057
X-bULS-SuppressionETag: 439427495A252223096FAA09DD2CFC570AEB6522
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1623918391046
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS1
x-officeversion: 16.0.14120.41018
x-officefe: BY3PEPF0000C90C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 439427495A252223096FAA09DD2CFC570AEB6522
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: f59e00cb-ce58-4654-957c-bfabe69cbe63
x-officefd: BY3PEPF0000C90C
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://powerpoint.officeapps.live.com
access-control-expose-headers: si, esid, X-EndSession, X-CorrelationID, X-OfficeFE, X-NewKey, X-OfficeCluster, Pid, SlideWidth, SlideHeight, ErrorCode, ErrorCategory, X-ErrorCode, X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: D05314F7D8DD43D0B9D4409A86D45CA6 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 148F 45 KB
46 KB 109ms
89ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2c08f0102f28378ff928a9f2333ae272791ddaaf9dd6712d029140fe091c3228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 46560
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&access_token=4wdZHZD7xGSim0jn81DSlmYPw2SN%2DRKdvOGipNVxk9DQv0cW0TYygzi6%5FuIvqO1ptSn3YU19BFQC31DIqK%2DL5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g&access_token_ttl=1623918391046&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjcuMjA4S13_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 3b5ea2d2-bd7a-4f8e-8c8a-0a3f74cb672a
x-officefd: AM4PEPF000068A1
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 76A3693EC0B44E5DA5BF9C1E1E799377 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:39 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 148F 4 KB
2 KB 43ms
43ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

12acadf7be772d2954d123baabf6127b98bc02dbfafcc1e254b2d7d29064a9cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wdZHZD7xGSim0jn81DSlmYPw2SN-RKdvOGipNVxk9DQv0cW0TYygzi6_uIvqO1ptSn3YU19BFQC31DIqK-L5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g
X-UserSessionId: ee7d45cc-b4f2-432b-b319-49886f18c67e
X-OfficeVersion: 16.0.14116.40503
X-Key: oDTPwuAIEPDQ6GxCjxUytLMRCaLXDwTvUpWC8clmu+Y=,637577007913597057
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391046
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1357
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 9feba6ec-c323-476d-88d1-fcf9fd1be54a
x-officefd: AM4PEPF0000689F
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: C4DA52B728F542C68B9E4E4EE74BB8FC Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 148F 35 KB
36 KB 28ms
28ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c16daeca3f5facb32ff2558718515ef499b8db159065175ee0c2ac4fb67af437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=X5YVapLVA0iZcdNRUxziQg.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 36184
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21327&access_token=4wdZHZD7xGSim0jn81DSlmYPw2SN%2DRKdvOGipNVxk9DQv0cW0TYygzi6%5FuIvqO1ptSn3YU19BFQC31DIqK%2DL5nwPW6Sb7ib3tc4ZbtIa7iFGefBlQowyvfIxin1EGSou4aYSekv5SZ2yM09eLxiNKz5g&access_token_ttl=1623918391046&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjcuMjA4S14_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: a9a5171c-d688-4a01-8d00-1f6d548fac0a
x-officefd: AM4PEPF0000840D
x-usersessionid: ee7d45cc-b4f2-432b-b319-49886f18c67e
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 525E2EFDD9834458B212A39489D2DA4D Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:39 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 3 KB
2 KB 30ms
29ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1662413b8ec62b7206a9064bc81526493c61bcdd70a05a93be651c404f63f73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1436
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 3b982791-c08e-4324-967d-ef0cef8ac962
x-officefd: AM4PEPF000068A7
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: F644AFDDAE73454BBDD16D4B173F8406 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 45 KB
46 KB 59ms
58ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S4%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1cb148e6bf281583bd651c8b25e7465e8ab4ff806dc4a626ed60615066be6bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 46427
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S4_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 23fb71cc-1228-4f0a-8ab7-163abf2ec219
x-officefd: AM4PEPF000068C7
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: E0CEB4B731384580BD6F37D53312E7F7 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:39 GMT

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 148F 24 B
381 B 177ms
45ms XHR
application/json 52.114.77.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.4.6&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,b664cab4b3f24a739be75b93b026749e-65c206a3-a985-48b4-8b50-36c56c3ce309-7201&upload-time=1622103999290&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/otelFullNext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.77.34 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 27 May 2021 08:26:39 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 146
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://powerpoint.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 3 KB
2 KB 32ms
31ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4211507743ce029bcbdabe06a3edf89caeeed45607fd67cf57fa4f66b8fd0426

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1391
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: e4b3405f-3284-4494-bfc7-d0f3697617b9
x-officefd: AM4PEPF000068B4
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 440B9653899E46A9A31193DC212DA61A Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 41 KB
42 KB 33ms
31ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S5%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8d0e17f800b849592fc7a930f6837691aecd5bbeea12201d39e2a553d6c62a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 41971
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S5_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 4a055f0f-1e58-457c-9ed2-08de71fb33c2
x-officefd: AM4PEPF000068A2
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 3C16BC2CE41045B397A9AEFF1F11A2BE Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:39 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 3 KB
2 KB 28ms
28ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a5f30f59bf40dc9b887de7626a3d6e0788801b9bd8dafcfddbe4108a32625c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1321
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 818409fd-fe1b-4b34-8f82-b5a864a11c1b
x-officefd: AM4PEPF00008652
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 751223F460D044FD82594024E3CCCC1E Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 38 KB
39 KB 53ms
52ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S6%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1ea9bf9ef16c3ff5dc002616dbfe82200307bd71567ced77d27d89706483f18e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 39232
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S6_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 81f1035c-bf73-47ae-a443-30124263722f
x-officefd: AM4PEPF00008652
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: DAEF49951B654BCAACA63037E6BFA03E Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:39 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 4 KB
2 KB 29ms
28ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cf0594fed842212a074fd9cc1a2e5008abca28269e8eea7e2274a8395c711949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1499
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: be48e6a3-3dde-4168-993a-994a410d88f6
x-officefd: AM4PEPF000068BB
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 67E0CB3A39B44DD59E26CB9BE079777F Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 46 KB
46 KB 68ms
67ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S7%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3109b8f9632799ae634dec2092b9c40884dbc3849b42711e2d45baeffdb8753e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 47079
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S7_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: a6a45ae7-3098-479e-9182-cd498d1130c3
x-officefd: AM4PEPF000068B0
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: AC418B351F4344F8A740C2253956D7BF Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:39 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 3 KB
2 KB 34ms
33ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b06be9135d123d1e53f3fe61506b0f2372c25c075400f70639b7885110aa7f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1456
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: cffbd810-b310-433a-9895-7249d6b0482e
x-officefd: AM4PEPF000068C1
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 791807EEA51A4894B590BC91263586AE Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 40 KB
41 KB 39ms
38ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S8%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d55d5126fb8b74c69477da30ba54362aed32d1482bc854373e46c8130bfd1c97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 41462
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S8_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 30aede56-9215-4a53-8644-86672a2dd4ae
x-officefd: AM4PEPF000068A9
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:38 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: F9EC39ADB81A4D6FAA8103210BD9155E Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:39 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 4 KB
2 KB 29ms
29ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2853bd2a11faf694a74f238ec06b926c72fd273758818baef668fce1349281bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1453
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7b5c9257-a6c7-400d-bd11-c91131a273c1
x-officefd: AM4PEPF000068A5
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:39 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 6ECA6FFC5D72448C8CA44E610888C190 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 40 KB
41 KB 32ms
31ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S9%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aa80ea11af0ed2a4f48d051951d4bc98a00fee170e108fb69056085dfd85627b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 41006
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S9_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: b0e20dcc-ce40-4c55-8bdb-a5a11d454336
x-officefd: AM4PEPF000068B4
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:39 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: F2FD524F77594C8B809EC4FA97C41898 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:39Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:39 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 4 KB
2 KB 848ms
848ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e5c01ddd44754f82d3f7c8b075b016b34bf22302152c49286e9f2bb111df6912

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1474
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: dc6d64c6-e5e4-4135-a3da-77153f60499b
x-officefd: AM4PEPF000068A8
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:39 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 1EE1733FD579461E8766444761C16D59 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:40Z
timing-allow-origin: *
expires: -1

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 750C 24 B
380 B 39ms
39ms XHR
application/json 52.114.77.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.4.6&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,b664cab4b3f24a739be75b93b026749e-65c206a3-a985-48b4-8b50-36c56c3ce309-7201&upload-time=1622104000241&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1-powerpoint-15.cdn.office.net
URL: https://c1-powerpoint-15.cdn.office.net/p/s/161411640503_PptScripts/otelFullNext.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.77.34 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer: https://powerpoint.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 27 May 2021 08:26:40 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 15
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://powerpoint.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 41 KB
41 KB 40ms
40ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S17%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8b2c572f5cf2f64510986634d345241979f4c99be92cc4145823ce72340934a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 41606
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S17_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_excelslice_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: 4354f962-412b-4b67-b0da-0fb8a72c21cc
x-officefd: AM4PEPF000068A1
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:39 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: FA68960146374A1D81B4EF3092E190F4 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:40Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:40 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 4 KB
2 KB 35ms
34ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

524cb6c3f8dc3cb062370a3f0c1011b2a664a371ead6c36f8830cb04ce1d018b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1426
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: faa3ad2d-f041-4212-bf8b-9d908111257c
x-officefd: AM4PEPF000068B4
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:40 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: E92090BFC8B346EF992CEAFAA8A6BC4C Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:40Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 37 KB
38 KB 30ms
29ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S16%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d8e30fb1c7e783450bf22db0dcc5126c280b8e663bdf38a63cbf13fa282a4a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 37908
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S16_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 6025fdfb-3d42-4ac4-8a5b-b6101ed53a66
x-officefd: AM4PEPF000068B4
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:40 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 3BD0DD8AA4A642E5B9CD9D6809ED8B01 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:40Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:40 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 3 KB
2 KB 27ms
27ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1ea93fb4cfea7512c4fb9b5962895eb57d998fd84024e974b2c0c9faa14e4124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1438
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: b58db30b-507f-4f1c-8a12-301bc5aebfa2
x-officefd: AM4PEPF000068AC
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:40 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 724D4A9EAB2C49C59FDC8DA36B89C700 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:41Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 41 KB
42 KB 55ms
54ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S15%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

001d6964cc961b750d52f901acf09a2278a1cc09eb40af63342ecbbd6342fe7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 41996
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S15_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 3e826750-c27c-42e9-ba30-914306485cea
x-officefd: AM4PEPF000068A2
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:40 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: B8AA2276AE7D4F51B40DD0642B25B405 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:41Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:41 GMT

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 3 KB
2 KB 28ms
28ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80b42a8091a165df0f78b7c77bbe10e2ea5ec7c7e33aa9f3acdeef0c742b96ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1433
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 0703e11f-29be-4837-a951-b484d69977c1
x-officefd: AM4PEPF0000840E
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:40 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 170D9F9C60334E769FA824FC8E421A94 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:41Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 44 KB
44 KB 42ms
41ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S14%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ace5f5c5cbef60396f58701ca939043d6f2589bd38cdb5c64186e2553229b02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 44722
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S14_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 7d00015f-76b7-41a2-bbe3-d977f5b04742
x-officefd: AM4PEPF000068BD
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:40 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: F23DA5E0A19E4F3BB2091FC6F268C5E6 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:41Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:41 GMT

POST
H2 404 log Show response
onedrive.live.com/ Frame F170 77 KB
77 KB 133ms
133ms XHR
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/log

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21329&authkey=AEIi2YD-IJsEYj8&em=2&wdAr=1.7777777777777777

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

96bb8781a6adbbe6f0f3e78dbc5abe484da42a787c768fce66b4839eb0021b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21329&authkey=AEIi2YD-IJsEYj8&em=2&wdAr=1.7777777777777777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
x-msnserver: RD00155D995E82
x-content-type-options: nosniff
x-msedge-ref: Ref A: C5A3071C02DB449EBC19379C415578F4 Ref B: FRAEDGE1516 Ref C: 2021-05-27T08:26:41Z
x-odwebserver: eastus0-odwebpl
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
date: Thu, 27 May 2021 08:26:41 GMT
content-length: 78802
expires: -1

POST
H2 404 log Show response
onedrive.live.com/ Frame D87B 77 KB
77 KB 144ms
144ms XHR
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/log

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21327&authkey=AD1tbYxlE8dyKsI&em=2&wdAr=1.7777777777777777

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

073076407d46c945d0f8a92c48d9fd04675b0c9dbabc5593457caf8e370a14d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://onedrive.live.com/embed?cid=2D6FBB7E19934CD1&resid=2D6FBB7E19934CD1%21327&authkey=AD1tbYxlE8dyKsI&em=2&wdAr=1.7777777777777777
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
x-msnserver: RD00155D9977ED
x-content-type-options: nosniff
x-msedge-ref: Ref A: C65AD58468984D6C8B619C892D4DE630 Ref B: FRAEDGE1516 Ref C: 2021-05-27T08:26:41Z
x-odwebserver: eastus0-odwebpl
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
date: Thu, 27 May 2021 08:26:41 GMT
content-length: 78785
expires: -1

POST
H2 200 GetSlide Show response
powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/ Frame 750C 3 KB
2 KB 79ms
79ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerpoint.officeapps.live.com/p/ppt/view.svc/jsonAnonymous/GetSlide

Requested by

Host: c1-officeapps-15.cdn.office.net
URL: https://c1-officeapps-15.cdn.office.net/p/s/h4DDC354F0F9CEFBE_App_Scripts/MicrosoftAjax.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0599a51bef14427fb7ec69d1a86715eb470bad5a5839c32b6e40c4c50639a1eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4w_csvebN-vQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF_2gYb6aU7efHhHOmkOpsuz1e_cDeuocH_i3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg
X-UserSessionId: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
X-OfficeVersion: 16.0.14116.40503
X-Key: k+8q9a5Ei9rjjVB5UqleBoutecaMlYZgqD+n4XrV4sA=,637577007913739357
Content-Type: application/json; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1623918391040
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1380
x-cache: CONFIG_NOCACHE
pragma: no-cache
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: ead7be78-d7a4-4ea7-b16a-dfb9bef78aca
x-officefd: AM4PEPF000087E2
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:40 GMT
x-download-options: noopen
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store
x-msedge-ref: Ref A: 6F143F7991CD49309D03D78348E8E685 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:41Z
timing-allow-origin: *
expires: -1

GET
H2 200 imagehandler.ashx
powerpoint.officeapps.live.com/p/ Frame 750C 42 KB
42 KB 69ms
68ms Image
image/png 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerpoint.officeapps.live.com/p/imagehandler.ashx?PV=6&PF=3&WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3&usid=d6b35b6e%2Dae78%2D4f21%2Db9c6%2D5b5b76c75bd2&Rid=S13%5F1%5F348x196%2Epng&waccluster=PNL1&try=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

94f2446ad9e97c27ee1e631cad14c571545f42827d287e079419f8782808d9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerpoint.officeapps.live.com/p/PowerPointFrame.aspx?PowerPointView=ChromelessView&Embed=1&ui=en-US&rs=en-US&hid=w6+41sDiYkWIYc2XYFw8qA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&wdAr=1.7777777777777777&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14116.40503
x-officefe: AM4PEPF00006967
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 42671
etag: WOPIsrc=https%3A%2F%2Fwopi%2Eonedrive%2Ecom%2Fwopi%2Ffiles%2F2D6FBB7E19934CD1%21329&access_token=4w%5FcsvebN%2DvQacynfJM7l7NAAjylSuSUGSxFeOvlIBw6D7u8llIS0XC1nTEKyeegUQz38Cj8bw7DxZsHcurF%5F2gYb6aU7efHhHOmkOpsuz1e%5FcDeuocH%5Fi3rAB5jYgmAfxVdM7wNYZINcmm7mRFQtkNg&access_token_ttl=1623918391040&z=aMkQ2RkJCN0UxOTkzNENEMSEzMjkuMzk3S13_1_348x196.png
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: f2080dfb-da10-4939-8898-3110fbb179b8
x-officefd: AM4PEPF00007454
x-usersessionid: d6b35b6e-ae78-4f21-b9c6-5b5b76c75bd2
date: Thu, 27 May 2021 08:26:40 GMT
x-download-options: noopen
content-type: image/png
cache-control: private
x-msedge-ref: Ref A: 83A358AD82BD43AC88241545AFFB5666 Ref B: AMS04EDGE0907 Ref C: 2021-05-27T08:26:41Z
timing-allow-origin: *
expires: Fri, 27 May 2022 08:26:41 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			powerpoint.officeapps.live.com/	1969-12-31 23:59:59	Name: BIGipCookie Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
			.powerpoint.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: 011cdf0ef0b59312599a8c83e632dd0300bc554001ce8961b96f30b67af2c80f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=120
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aoifehillen.com
browser.events.data.microsoft.com
c1-officeapps-15.cdn.office.net
c1-powerpoint-15.cdn.office.net
e6fcd9df-8009-41fd-a42a-f01dd358fd37.htmlcomponentservice.com
fonts.gstatic.com
frog.wix.com
i.ytimg.com
images-vod.wixmp.com
js.live.net
onedrive.live.com
powerpoint.officeapps.live.com
siteassets.parastorage.com
spoprod-a.akamaihd.net
static.parastorage.com
static.wixstatic.com
www.aoifehillen.com
104.111.237.183
13.107.42.13
185.230.63.107
2.16.186.40
2620:1ec:a92::171
2a00:1450:4001:809::2003
2a00:1450:4001:828::2016
2a00:1450:400d:802::2013
2a02:26f0:6c00:2a3::4b36
2a02:26f0:6c00:2a4::4b36
34.102.176.152
34.117.140.164
34.96.106.200
35.242.251.130
52.114.77.34
54.175.222.143
001d6964cc961b750d52f901acf09a2278a1cc09eb40af63342ecbbd6342fe7f
039e2e0ba0169bd3c543f5b5868db3f7cb5a7c606ce9ac6de57b451dbcc9c418
0599a51bef14427fb7ec69d1a86715eb470bad5a5839c32b6e40c4c50639a1eb
06700629096ff2664a27f48994a5f7f450e0c0bae691cb7a8c8cc0b6d7fb51ad
073076407d46c945d0f8a92c48d9fd04675b0c9dbabc5593457caf8e370a14d7
089881fd26c7b891972da420809f411ab4fa0f2b5f0a57f35e56d2a9855d75f5
08e45b8d109e16e1c5a7792a5a5b1aa1bd6ab720c4017e26e3ffcbe8e1076ec8
09d2c318a76a940635ebba08783505f748eaf7d28cae6d319bea4a146557913b
09e17dfc0f3ee136f965092891346b63f86837b99dd4747783d115d019a47fa7
0bbf7c7615d77464b08670fc6a916821689147153b57a7e431442081a0e72931
0ddce0e617794fd30b60e5c829fe12b9d7eeba14e561e7d89da5fcaf2fe900c3
0e0bc2d20172f6d654d9adb595d1d19d5d115cbbef72750f3938660125738da7
10beda763c8ffef18bdfb6b20e255cc854ff6be3adf287addf2b0a584c262fd3
12acadf7be772d2954d123baabf6127b98bc02dbfafcc1e254b2d7d29064a9cf
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
1662413b8ec62b7206a9064bc81526493c61bcdd70a05a93be651c404f63f73e
17a4345a63ca25c62e6fd06ead5de07c8106c71bfd286c4d8dd58f6f97e2e4f5
1cb148e6bf281583bd651c8b25e7465e8ab4ff806dc4a626ed60615066be6bfe
1db642b94ecc59302b25020f0b056b414c79b193580c7bd06a8926c99832c5c3
1e5c1e70a9d4dc871f971e912dc476cf777d795ea72519e01975b0f5287eb928
1ea93fb4cfea7512c4fb9b5962895eb57d998fd84024e974b2c0c9faa14e4124
1ea9bf9ef16c3ff5dc002616dbfe82200307bd71567ced77d27d89706483f18e
1eb6c3fa0b412d0a37bb48f55682b1a0b1a648628ef0e029fdb688ffa4575aed
21f445bc22557953299a056b0afbc24c9149bbb745ab7853d7fde7bd300415b7
234cae682920ab63f3184948f1e4103b89201a274977ed31097b844cc323afa1
23a3e2cb63ee79e19981f7d254408f06110b6fc1fc03585e811c557864e44389
24fcc4f2835c1b75536fea9222a1569feba63109bc0da1187dc42bffe38158f7
26fd54ade7e147a1ab241bf0a57264d2a0a3e706868f03377910098717bd93c4
2853bd2a11faf694a74f238ec06b926c72fd273758818baef668fce1349281bb
2b11300bd87773022916fa0f283ea9ad1af85992e062b1c212b990fa6772b0cd
2b92a91765a1b59363195c0b8e10ce21525c551d43fec8e801aaa096f081f313
2c08f0102f28378ff928a9f2333ae272791ddaaf9dd6712d029140fe091c3228
2c9277c97f1cf90d9e18c00df2df9c068002d505bd633e40da4edafb095669a0
2d1735a3af3a220ca5770776c2f2999413bfa1bf2e71a924847bd987c7a3db5d
309ed813e0adb33ddcfc0f67a779d75f7d87b16a7f592092975cfa821cfc3b95
3109b8f9632799ae634dec2092b9c40884dbc3849b42711e2d45baeffdb8753e
33ee10ef8b921b7d8cbe871fa5e6c81af28f815a0d618fa819642f3b35243b9f
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
356e97a56d1de326e2cd19e5c9e9c1e8aece42a306f294532386e7242e046dc9
3884ddca442a1fd6ee1952fc3d9c0c43a3863a0d3b5e21375076ad74a849b72e
390577d35c959ffe7dd2af4519c04410a04fdc4a433b151e27b049fc4a1ab3e9
3bed91d014766e341d0bf574061e3e67993ac8409b3b900d028e3083a16c3dab
3c65f42e71f2c92634d8f80136ad676f3b104d437c901e5bc74a5f192cf4746f
4211507743ce029bcbdabe06a3edf89caeeed45607fd67cf57fa4f66b8fd0426
47050a6daec9fa964ce9e124d4901be456d597539468216ee2a224786cce2656
4795a1c2517089e4df569afd77c04e949139cf299c87f012b894fccf91df4594
48c31bf7490c53731e4760b41f5e023b4e41adee78200faa301cfc43790b2ff6
4954d47aec6d06321b97bf93d1c573762b90bcbda1d366f3b587f41e2a292650
49f5cd81bdfa181e92c526573e4511c8e7a0ba609eb76c1b8a836af359746f7c
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171
4f347aa968989a54f1e462eda5db59b22bcff8104033c55897e3e8cf97a38c2f
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
524cb6c3f8dc3cb062370a3f0c1011b2a664a371ead6c36f8830cb04ce1d018b
55e35a1415438685f71fe809dfb0e94ff9d3b994dd8d8ae8f7206bb878d59a84
57095de0cee1418da13ec6aab1b820f9b906c2347d699a43e43bd415f6049214
57d424110c744f98e60ea34b68244a364d24567e8c0f759b1ab66e1dd1d19291
58086c30123c639cc4c4998d3b83748f6b74c6c37202d5bd9386434d4bd9515b
59d727aa6f53db9e0765b1addc20fcaaa93260772c0d48b4edace0fd449ce7f5
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
62e13e8c0c66c75118c08dec86854467dcd920372dcc0e21f60f6b1d1895e167
6a5e82c72f803be166337a1e6a751189cee9c0aed878d563606af7a23ccb0705
6b6b44f0e6523913a5a26392ab7f95ee1fb028a7593676ebc12ecb9c6ff7ce69
6f5db1c4232abaf08194310d536967987e69c5a9c1575d6f6fc7c307f1839475
7225e597b529ca1e9a90fb49b03fa9e57862cff2edc05714b857cae47ffdc905
797469bc16a9eb4a5f82cc2e26c8e53768e6221958343c668c80d5429b6914fa
7ad67c5f455f9d2dd9d47779912847501d9fe448230bdb59d64a4db5e92aca2b
7b813ea7314cb0d4837354094d04854a96d28057e6ff7c25f30abf161101489b
7c47ad8944a0c9fb6c7b6deaba4f2c3ce90ff8ae5f8b5446facdd9d5b649874e
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7ea3273b175706e791f4c3d51a8ece1bfa20a5c1f1f9c94bf66c06ec27ac928d
7f4cbeb2e4b341bfc52fc33df72b4b5455f00ba316fe4c12f17a0c3ae0df490a
802cc9e92c6573fc2a40028ad7b8f20f279cc520c7d554efa6b592dfd34a2988
80b42a8091a165df0f78b7c77bbe10e2ea5ec7c7e33aa9f3acdeef0c742b96ee
8336ab02e289f0a53587d36be6e7cb8a4bbc20e222a9c0492b8fd41c572ae5a0
866b77f72e93a18db4cecb3d9c2383d93389a933952a36bffbdc66d559ef9193
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8839a0b7ed21aeb6fe4d005e25b889f06864058b2359076672e2b825dba0d349
8b2c572f5cf2f64510986634d345241979f4c99be92cc4145823ce72340934a7
8d0e17f800b849592fc7a930f6837691aecd5bbeea12201d39e2a553d6c62a00
929047fe7031389f8d6995cefbdff6eeff9174dcb7bdcbeb6ec59fd7bedd9a65
94f2446ad9e97c27ee1e631cad14c571545f42827d287e079419f8782808d9b9
964f37a6f549148d0aa1d34712c6b7139e4eb15c113c1b081f49bcb33c55250d
965ef2d8d9852ee04dd4c91dac3c8f82763e89ca45886e66943e5741d82ff1db
96bb8781a6adbbe6f0f3e78dbc5abe484da42a787c768fce66b4839eb0021b94
989f460a59ca022f2e1fc9a4a497622f768d2f77dd23a7ea294f51ab97273d73
99ab41688b6c6eb69936938eaabc8adc72574777b8b485fef0000c28eba08f52
9f553f430e2fc8e45625b192b1cccc849b538c19f4951909f2690039ae3a509d
a055462e069ab37c3c269bf8b80c7c1aafa72b7d2f0b7699833f87558b06a0cc
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
a5631a904d3a31cdf27b50d39253b70f0157c17db8b130c4a16bd05b56f80afc
a5dc0d4aa3ec2383971c4a92d1257ee6245153474e978402c920c33ec3091096
a5f30f59bf40dc9b887de7626a3d6e0788801b9bd8dafcfddbe4108a32625c20
a70baa88f089faafaf819863b21846f05697e7c25474040d44641e3816b5fe3c
aa01b2179f1b220121a7cfdfefad321119a48972c3414e044b551ca3dae03f7c
aa80ea11af0ed2a4f48d051951d4bc98a00fee170e108fb69056085dfd85627b
ac608231eb68ff291a9667d84ebbbe96edafb0639f72d44dc59509632b52d273
ace5f5c5cbef60396f58701ca939043d6f2589bd38cdb5c64186e2553229b02f
ad862be01b6e73d60ab2e7d8f2347731198d611004364bf9deb028340b8037ac
b06be9135d123d1e53f3fe61506b0f2372c25c075400f70639b7885110aa7f23
b0cfe1ec4b6028292899a88ecae8185de942d0520650bbe73d214196aaebad0a
b0e9a314c4d9cf612703c4d6f265f2ffcb2374ffafb93d779d75646c361d17d9
b639eecc5e632284f25af9b4152a97bd0c72aa41f627a5b33592ff6ccb20655f
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
b8b405702d44273aeab8f4c6304f19892e3f0546642c1c399c785ffbd744eb16
bc5b7797e8a595e365c1385b0d47683d3a85f3533c58d499659b771c48ec6d25
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
bec66c71587db3476e44fc93c747cf05631607b2f47d5679e93dfb3b529d9cd8
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c16daeca3f5facb32ff2558718515ef499b8db159065175ee0c2ac4fb67af437
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c6362aec18d0ccb9398b659e45240cd052a28051c8dbc13533c62ae8b56b02ad
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c9486f126615859fc61ac84840a02b2efc920d287a71d99d708c74b2947750fe
c977197617e0be5db64e5c1df90caaeb72517cd8e2311eef5a50f02bd8bd75f6
ca260c4b70168bb499df0204ef4cf32f659baeb71dddedfd4c18b79ce8182130
ca26be5008ebddc5c69ce0349719f783ddd52f7fe0bc269ca53fde54b55595aa
cf0594fed842212a074fd9cc1a2e5008abca28269e8eea7e2274a8395c711949
cff62f558835506eb62ecbe138a63f93f55072b2d1ec0016cbd51db673114186
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d55d5126fb8b74c69477da30ba54362aed32d1482bc854373e46c8130bfd1c97
d5f10f852b112a514a19f2b778eef5d2d1307878757f0a24539c051831cefaf8
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
d6f31ad1b27465308a769225a8672d9ac90f9ca0e38ac74305be73ec91def11a
d76c7074b6ad270ce52ac59a9774c3a9214e0181ca314cd7b9f8c8f2972aefe7
d8e30fb1c7e783450bf22db0dcc5126c280b8e663bdf38a63cbf13fa282a4a4b
da7d4cc72a3f57c3cb4ab76ea8a77953e82fc966d12e30a5c517efc903a24505
e1c109f6c8713923904e75ec919510e2cccc75ff2771ef02c5b9793c9c77a4c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40046aaa2a8c4d762527c54280fdb939f52490e42ff3355276833bbb08ed540
e5a4419c8ae0d7c50387094eefe71724328b9793475890cef26fc745932d062c
e5c01ddd44754f82d3f7c8b075b016b34bf22302152c49286e9f2bb111df6912
eb87dbe6a282bdfba9394314932f0e8d5ca56c8cf6e862f5db30d47de82fa41e
ed159882d15b93d186074311ad9eeff849ca1764d9e9724c6c2b5c536606c3d1
f1fc060c5564a2c3ce42c1713d18b0288374a8d8d5096e6437a14c193054f779
f2b2946b3fedffb0f7acba063d82da43b73c8d258ead26262ed3828253ad60ea
f32f89b7d9d866727b5264ffba2882177366e3360aeef5d36160b18bea676937
f55825bf744e331c1c5768eb9c02abff69929ab67defcd8c7ea80b1a8d6475e8
f55d28bc8c05dcf8cdb3160da74b71a084f1ed9a063950a96d3d7cc7e6b29231
f8d9f07595b9911ef81cf188e4dc3ce2f98b4d3ddc380bcb20223949782f38c5
fa8172f512d2e72c87caf45b724bdc4ccc5ae41548cb7cfcb77a3cd4ae12b034
fb099c2c6a3ee590ce321bebddbcd722bba64f257a535616302d91e0fa8344c7
fbb608d1b37eb3991af39a15f8823acdb81c4ed982095eee61b82b88bcd015bd
fd983492ecda7581f9ce22d7b0880ec353016936fb85193cf4457950cfbfdb33
fe469f7853d1175e533768803e7eae4cb937e98ea8cd047ed1a3de0b9ae0c088
feb95fb64b51050428a5b622579f5e88929d0a0ea289ed9a968dc634f0c48e29

www.aoifehillen.com Open in urlscan Pro 35.242.251.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

207 Requests

99 %HTTPS

38 %IPv6

13 Domains

17 Subdomains

16 IPs

3 Countries

4903 kBTransfer

13748 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

207 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.aoifehillen.com Open in urlscan Pro
35.242.251.130 Public Scan

Screenshot
Live screenshot

Full Image

207
Requests

99 %
HTTPS

38 %
IPv6

13
Domains

17
Subdomains

16
IPs

3
Countries

4903 kB
Transfer

13748 kB
Size

2
Cookies

207 HTTP transactions
4 data transactions