onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://seyedishop.ir/Index.html/index/onedrive.php
Effective URL:
https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
Submission: On August 31 via api (August 31st 2021, 10:21:33 pm UTC) from US

Summary HTTP 127 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 11 domains to perform 127 HTTP transactions. The main IP is 13.107.42.13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is onedrive.live.com.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on August 13th 2021. Valid for: a year.

This is the only time onedrive.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	5.56.133.100 5.56.133.100	50673 (SERVERIUS-AS) (SERVERIUS-AS)
4	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2.16.186.25 2.16.186.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.81.118.91 13.81.118.91	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
17	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
71	2a02:26f0:6c0... 2a02:26f0:6c00:2a3::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2.18.232.120 2.18.232.120	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.111.225.185 104.111.225.185	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.109.76.40 52.109.76.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	13.104.208.165 13.104.208.165	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.126.31.6 40.126.31.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	104.111.237.183 104.111.237.183	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:26f0:6c0... 2a02:26f0:6c00:294::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.89.178.26 13.89.178.26	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
127	17

1 5.56.133.100 (Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: webhost1.hostingdnscloud.com

seyedishop.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.16.186.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-25.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.81.118.91 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.sfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

excel.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
shared.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 2a02:26f0:6c00:2a3::1c24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1h-excel-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.232.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-120.deploy.static.akamaitechnologies.com

fs.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.225.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-225-185.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.109.76.40 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mrodevicemgr.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.104.208.165 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

skyapi.onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
storage.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

amcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.31.6 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.237.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-183.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:294::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1-shared-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.89.178.26 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.pipe.aria.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	office.net c1h-excel-15.cdn.office.net c1-shared-15.cdn.office.net	4 MB
28	live.com 2 redirects onedrive.live.com excel.officeapps.live.com mrodevicemgr.officeapps.live.com skyapi.onedrive.live.com c.live.com storage.live.com login.live.com shared.officeapps.live.com	151 KB
10	akamaihd.net spoprod-a.akamaihd.net	346 KB
8	microsoft.com fs.microsoft.com browser.pipe.aria.microsoft.com Failed browser.events.data.microsoft.com	2 MB
2	sharepointonline.com static2.sharepointonline.com	68 KB
2	sfx.ms p.sfx.ms	12 KB
1	live.net js.live.net	16 KB
1	aspnetcdn.com ajax.aspnetcdn.com	33 KB
1	bing.com 1 redirects c.bing.com	991 B
1	msftauth.net amcdn.msftauth.net	9 KB
1	seyedishop.ir 1 redirects seyedishop.ir	334 B
127	11

	Domain	Requested by
71	c1h-excel-15.cdn.office.net	excel.officeapps.live.com c1h-excel-15.cdn.office.net
14	excel.officeapps.live.com	onedrive.live.com c1h-excel-15.cdn.office.net c1-shared-15.cdn.office.net
10	spoprod-a.akamaihd.net	onedrive.live.com spoprod-a.akamaihd.net
5	fs.microsoft.com	excel.officeapps.live.com
4	onedrive.live.com	onedrive.live.com
3	c1-shared-15.cdn.office.net	shared.officeapps.live.com
3	shared.officeapps.live.com	c1h-excel-15.cdn.office.net
2	browser.pipe.aria.microsoft.com	p.sfx.ms c1h-excel-15.cdn.office.net
2	c.live.com	1 redirects onedrive.live.com
2	mrodevicemgr.officeapps.live.com	c1h-excel-15.cdn.office.net
2	static2.sharepointonline.com	excel.officeapps.live.com
2	p.sfx.ms	onedrive.live.com
1	browser.events.data.microsoft.com	c1h-excel-15.cdn.office.net
1	js.live.net	c1h-excel-15.cdn.office.net
1	ajax.aspnetcdn.com	skyapi.onedrive.live.com
1	login.live.com	excel.officeapps.live.com
1	storage.live.com	1 redirects
1	c.bing.com	1 redirects
1	amcdn.msftauth.net	c1h-excel-15.cdn.office.net
1	skyapi.onedrive.live.com	spoprod-a.akamaihd.net
1	seyedishop.ir	1 redirects
127	21

This site contains links to these domains. Also see Links.

Domain
profile.live.com

Subject Issuer	Validity	Valid
onedrive.com Microsoft RSA TLS CA 01	`2021-08-13` - `2022-08-13`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 02	`2021-01-26` - `2022-01-26`	a year	crt.sh
officecdn.microsoft.com Microsoft RSA TLS CA 01	`2021-05-14` - `2022-05-14`	a year	crt.sh
*.sharepointonline.com Microsoft RSA TLS CA 01	`2021-07-08` - `2022-07-08`	a year	crt.sh
mrodevicemgr.officeapps.live.com Microsoft RSA TLS CA 02	`2020-10-02` - `2021-10-02`	a year	crt.sh
storage.live.com Microsoft RSA TLS CA 01	`2021-08-19` - `2022-08-19`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 02	`2021-08-29` - `2022-08-24`	a year	crt.sh
c.msn.com Microsoft Azure TLS Issuing CA 02	`2021-06-27` - `2022-06-22`	a year	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2021-08-26` - `2022-08-26`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2020-11-16` - `2021-11-10`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 02	`2020-09-28` - `2021-09-28`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 05	`2021-08-12` - `2022-08-07`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
Frame ID: E19638E909053790A0D24AE0FD431E8E
Requests: 18 HTTP requests in this frame

Frame: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
Frame ID: 351BA611D2398597AEA9E03E26E9FA88
Requests: 101 HTTP requests in this frame

Frame: https://skyapi.onedrive.live.com/api/proxy?v=3
Frame ID: 357CAFD32E0854F24788AE612E5135AD
Requests: 2 HTTP requests in this frame

Frame: https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=2852048e-2856-405d-af71-c59e111533ec&corrid=eee41de5-292c-4366-ae22-c0476b613734&NoAuth=true
Frame ID: 6FF9AB694A787C6BEE2B415279098F62
Requests: 2 HTTP requests in this frame

Frame: https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=2852048e-2856-405d-af71-c59e111533ec&corrid=eee41de5-292c-4366-ae22-c0476b613734&NoAuth=true
Frame ID: A45F6D7B6BACAA8B5F4E6A4B5D89F600
Requests: 2 HTTP requests in this frame

Frame: https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=2852048e-2856-405d-af71-c59e111533ec&corrid=eee41de5-292c-4366-ae22-c0476b613734&NoAuth=true
Frame ID: DE62424D849AF8DE0B7938D8004B6C82
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PRODUCT LIST WOMEN TIGHT QUOTATION SST22.xlsx - Microsoft Excel Online

Page URL History Show full URLs

https://seyedishop.ir/Index.html/index/onedrive.php HTTP 302
https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6V... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Page Statistics

127
Requests

98 %
HTTPS

28 %
IPv6

11
Domains

21
Subdomains

17
IPs

4
Countries

7007 kB
Transfer

26058 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://profile.live.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://seyedishop.ir/Index.html/index/onedrive.php HTTP 302
https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://c.live.com/c.gif?DI=15347&wlxid=afa726f0-f469-41ae-9dac-272bd4f779c7&reqid=0019801459c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC886AA0%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.excel%26PLT%3D4504%26IR%3D1%26EX%3D0%26L.h%3D1205%26L.bc%3D1258%26L.ac%3D1267%26L.f%3D1274%26L.sjs%3D4357%26L.ttg%3D2348%26C.st%3D1630448467106%26N.domIn%3D1274%26N.dns%3D9%26N.tcp%3D17%26N.req%3D975%26N.resp%3D10%26N.navType%3D0%26N.redirectCount%3D0&r=0.24939069334809716 HTTP 302
https://c.bing.com/c.gif?DI=15347&wlxid=afa726f0-f469-41ae-9dac-272bd4f779c7&reqid=0019801459c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC886AA0%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.excel%26PLT%3D4504%26IR%3D1%26EX%3D0%26L.h%3D1205%26L.bc%3D1258%26L.ac%3D1267%26L.f%3D1274%26L.sjs%3D4357%26L.ttg%3D2348%26C.st%3D1630448467106%26N.domIn%3D1274%26N.dns%3D9%26N.tcp%3D17%26N.req%3D975%26N.resp%3D10%26N.navType%3D0%26N.redirectCount%3D0&r=0.24939069334809716&CtsSyncId=C4C8BF6E2B1C4666A3ED77FAA595F4B3&RedC=c.live.com&MXFR=0301E4638F98610926C9F4C78B98658C HTTP 302
https://c.live.com/c.gif?DI=15347&wlxid=afa726f0-f469-41ae-9dac-272bd4f779c7&reqid=0019801459c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC886AA0%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.excel%26PLT%3D4504%26IR%3D1%26EX%3D0%26L.h%3D1205%26L.bc%3D1258%26L.ac%3D1267%26L.f%3D1274%26L.sjs%3D4357%26L.ttg%3D2348%26C.st%3D1630448467106%26N.domIn%3D1274%26N.dns%3D9%26N.tcp%3D17%26N.req%3D975%26N.resp%3D10%26N.navType%3D0%26N.redirectCount%3D0&r=0.24939069334809716&CtsSyncId=C4C8BF6E2B1C4666A3ED77FAA595F4B3&MUID=0301E4638F98610926C9F4C78B98658C

Request Chain 99

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1630448471886 HTTP 302
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1630448471&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539

127 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request view.aspx Show response
onedrive.live.com/
Redirect Chain

https://seyedishop.ir/Index.html/index/onedrive.php
https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608

97 KB
32 KB

992ms
965ms

Document
text/html

13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

742ac76db4aa1ff8e53b4752bd2eefbe4c30160ed2ee743e4ce9d2a341af2cb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onedrive.live.com
:scheme: https
:path: /view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: E=P:Jk/hoM1s2Yg=:59TNLulzIdh9QzUqfrsUNSzcqbjdWb6eYAR4rCAKQ/k=:F; domain=.live.com; path=/ xid=afa726f0-f469-41ae-9dac-272bd4f779c7&&RDE42AAC886AA0&287; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ LD=; domain=.live.com; expires=Tue, 31-Aug-2021 20:41:07 GMT; path=/ wla42=; domain=live.com; expires=Tue, 07-Sep-2021 22:21:08 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RDE42AAC886AA0
x-odwebserver: canadacentral0-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4A4B8AB5441243868F2127ABB9681329 Ref B: FRAEDGE1308 Ref C: 2021-08-31T22:21:07Z
date: Tue, 31 Aug 2021 22:21:07 GMT

Redirect headers

location: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Tue, 31 Aug 2021 22:21:07 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 maincss-3d633429.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001// 136 KB
26 KB 60ms
19ms Stylesheet
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001//maincss-3d633429.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Aug 2021 22:21:08 GMT
content-encoding: gzip
content-md5: PWM0KdjmKRxU/0cF4Kv/Uw==
content-length: 25623
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jul 2021 00:24:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D952F053E0907F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 77e73851-f01e-0067-6b3f-8e96d1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29486754
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001// 85 KB
16 KB 72ms
31ms Stylesheet
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Aug 2021 22:21:08 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jul 2021 00:23:50 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D952F04E5C464A
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 41158993-e01e-0009-803f-8ec3fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29486717
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-7859787f.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001// 169 KB
30 KB 73ms
32ms Stylesheet
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001//filescss2-7859787f.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Aug 2021 22:21:08 GMT
content-encoding: gzip
content-md5: eFl4f1R1WfMJocO6wVsUhA==
content-length: 30612
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jul 2021 00:23:52 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D952F04F3B0F09
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 3e8c3eac-401e-0086-373f-8e4a94000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29486840
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 91 KB
25 KB 129ms
128ms Script
text/javascript 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.710.0628.2003&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9edb0a23ab94844e68ea7bd76b2d707d307b6b849be6dd14fd336a73d2b5baa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:path: /handlers/clientstring.mvc?mkt=en-US&group=Office&v=19.710.0628.2003&useRequiresJs=False
pragma: no-cache
cookie: E=P:Jk/hoM1s2Yg=:59TNLulzIdh9QzUqfrsUNSzcqbjdWb6eYAR4rCAKQ/k=:F; xid=afa726f0-f469-41ae-9dac-272bd4f779c7&&RDE42AAC886AA0&287; xidseq=1; wla42=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: onedrive.live.com
referer: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-msedge-ref: Ref A: 53312982405748EC9EA1DDEA1E54B8D6 Ref B: FRAEDGE1308 Ref C: 2021-08-31T22:21:08Z
x-odwebserver: canadacentral0-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
date: Tue, 31 Aug 2021 22:21:07 GMT
set-cookie: mkt=en-US; domain=.live.com; expires=Wed, 31-Aug-2022 00:00:00 GMT; path=/ xidseq=2; domain=.live.com; path=/ LD=; domain=.live.com; expires=Tue, 31-Aug-2021 20:41:08 GMT; path=/ E=P:GYB3oc1s2Yg=:bEuYRXXbZqaV5Fh1H77DRiyDTExTounAx4lyz8mJJfc=:F; domain=.live.com; path=/ wla42=; domain=live.com; expires=Tue, 07-Sep-2021 22:21:08 GMT; path=/
x-msnserver: RDE42AAC886AA0
expires: Wed, 31 Aug 2022 22:21:08 GMT

GET
H2 200 clientstring.mvc Show response
onedrive.live.com/handlers/ 4 KB
2 KB 119ms
118ms Script
text/javascript 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.710.0628.2003&useRequiresJs=False

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3b6839c31dcff12190f4ff74c1841ddc74442f97fb2e1a63aad71f768a754067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:path: /handlers/clientstring.mvc?mkt=en-US&group=GroupFolders&v=19.710.0628.2003&useRequiresJs=False
pragma: no-cache
cookie: E=P:Jk/hoM1s2Yg=:59TNLulzIdh9QzUqfrsUNSzcqbjdWb6eYAR4rCAKQ/k=:F; xid=afa726f0-f469-41ae-9dac-272bd4f779c7&&RDE42AAC886AA0&287; xidseq=1; wla42=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: onedrive.live.com
referer: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-msedge-ref: Ref A: 610F43A2C6F3440795739FFC36331289 Ref B: FRAEDGE1308 Ref C: 2021-08-31T22:21:08Z
x-odwebserver: canadacentral0-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
date: Tue, 31 Aug 2021 22:21:07 GMT
set-cookie: mkt=en-US; domain=.live.com; expires=Wed, 31-Aug-2022 00:00:00 GMT; path=/ xidseq=2; domain=.live.com; path=/ LD=; domain=.live.com; expires=Tue, 31-Aug-2021 20:41:08 GMT; path=/ E=P:7Zl3oc1s2Yg=:ywbDn//EbIRvVXXzl62KAGqm2m4QIxANN0Iky8rOMrE=:F; domain=.live.com; path=/ wla42=; domain=live.com; expires=Tue, 07-Sep-2021 22:21:08 GMT; path=/
x-msnserver: RDE42AAC88DFA5
expires: Wed, 31 Aug 2022 22:21:08 GMT

GET
H2 200 aria-2.5.0.min.js Show response
p.sfx.ms//storage/ 45 KB
12 KB 65ms
19ms Script
application/javascript 13.81.118.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.sfx.ms//storage/aria-2.5.0.min.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.81.118.91 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 22:21:07 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 18:57:26 GMT
server: Microsoft-IIS/10.0
etag: "06f97e26294d71:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
x-odwebserver: westeurope0-odwebp
accept-ranges: bytes
x-msnserver: RD0003FF1D7543
content-length: 12195

GET
H2 200 invis.gif
p.sfx.ms/is/ 43 B
130 B 15ms
15ms Image
image/gif 13.81.118.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.sfx.ms/is/invis.gif
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.81.118.91 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 22:21:07 GMT
x-msnserver: RD0003FF1D7543
last-modified: Wed, 18 Aug 2021 18:57:06 GMT
server: Microsoft-IIS/10.0
etag: "0adabd66294d71:0"
content-type: image/gif
cache-control: public,max-age=86400
x-odwebserver: westeurope0-odwebp
accept-ranges: bytes
content-length: 43

POST
H2 200 xlviewerinternal.aspx Show response
excel.officeapps.live.com/x/_layouts/ Frame 351B 355 KB
67 KB 70ms
42ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7

Requested by

Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

dd123efa09539d8ce9fd78554845110ac61495e6b5798fc9f5628adf967a454c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: POST
:authority: excel.officeapps.live.com
:scheme: https
:path: /x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
content-length: 231
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://onedrive.live.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onedrive.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: xid=afa726f0-f469-41ae-9dac-272bd4f779c7&&RDE42AAC886AA0&287; wla42=; mkt=en-US; xidseq=2; E=P:GYB3oc1s2Yg=:bEuYRXXbZqaV5Fh1H77DRiyDTExTounAx4lyz8mJJfc=:F
Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://onedrive.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Tue, 30-Nov-2021 23:21:08 GMT; path=/; samesite=none; secure; HttpOnly PNL1-Excel-ARRAffinity=2416c2b728e532353e9d7e54072581fd29c685505e3b1368522d6e4dd90af9b8;Path=/;Domain=excel.officeapps.live.com; samesite=none; secure; httponly
x-correlationid: 2852048e-2856-405d-af71-c59e111533ec
x-usersessionid: 2852048e-2856-405d-af71-c59e111533ec
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006945
x-officeversion: 16.0.14424.35904
x-officecluster: PNL1
x-content-type-options: nosniff
document-policy: js-profiling
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: font-src data: c1-excel-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-excel-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-excel-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' https:; child-src blob: * ms-excel: https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /x/reportcsp.ashx
x-officefd: AM4PEPF000068B7
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 6315DF2F8C894DC7A0A21FAF5B1C2469 Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:08Z
date: Tue, 31 Aug 2021 22:21:07 GMT

GET
H2 200 Aacorlib.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/ Frame 351B 76 KB
19 KB 33ms
11ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Requested by

Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3f0015967cfdc00b10ed549580bcfcd6e1ab5aaf057df55855e891ea237fd255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "b1da96345e93d71:0"
x-officecluster: SNL1
x-officeversion: 16.0.14415.35903
x-officefe: AM4PEPF00006A46
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 19067
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wordcapacity_2,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Tue, 17 Aug 2021 11:51:24 GMT
x-officefd: AM4PEPF00006A3F
x-msedge-ref: Ref A: A854E24B753E48B08D1B1DDB67C1BC55 Ref B: AMS04EDGE1609 Ref C: 2021-08-20T22:01:32Z
x-usersessionid: cf135632-6e92-4448-8103-59b1bd6601a7
date: Tue, 31 Aug 2021 22:21:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: cf135632-6e92-4448-8103-59b1bd6601a7
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.js Show response
c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/ Frame 351B 3 MB
661 KB 34ms
13ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2fc3f3cc2762eab3e6a5e4abb575e95bce4446b95d7212a1390a36f20d577e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"dfc77745759ad71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF000068F2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 674640
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Thu, 26 Aug 2021 12:24:09 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: F75ADB1030F84EF4A7056B89F366183D Ref B: AMS04EDGE1713 Ref C: 2021-08-26T12:24:09Z
x-usersessionid: 4d42ae7a-ea60-4dbc-a59a-fe1915f9d326
date: Tue, 31 Aug 2021 22:21:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4d42ae7a-ea60-4dbc-a59a-fe1915f9d326
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.Strings.Wac.js Show response
c1h-excel-15.cdn.office.net/x/s/h077C298CE831FF00__layouts/App_Scripts/1033/ Frame 351B 79 KB
21 KB 37ms
16ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h077C298CE831FF00__layouts/App_Scripts/1033/Ewa.Strings.Wac.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

077c298ce831ff00fb5193f9ca833868111fa8372b69b1bdf88ddb7d51d6181a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7c943667fa98d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF0000690D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 20809
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 24 Aug 2021 15:12:07 GMT
x-officefd: AM4PEPF000068BF
x-msedge-ref: Ref A: 447B85DD222E4F2E8C2B5690A9E20D90 Ref B: AM3EDGE0909 Ref C: 2021-08-24T15:12:07Z
x-usersessionid: 45bf011d-72c0-4aef-b15c-af914b19132d
date: Tue, 31 Aug 2021 22:21:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 45bf011d-72c0-4aef-b15c-af914b19132d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gridRenderer.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hB4DF7F2D12CECA97__layouts/App_Scripts/ Frame 351B 515 KB
104 KB 38ms
16ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hB4DF7F2D12CECA97__layouts/App_Scripts/gridRenderer.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b4df7f2d12ceca979528b7098ce1e6495f4b5a0d0b05ec5aa7eaa1e1faf888df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e8707645759ad71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF0000690F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 105687
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 26 Aug 2021 12:24:09 GMT
x-officefd: AM4PEPF000068BF
x-msedge-ref: Ref A: A2E5FA71B7C54C96B0C69C751DEBC07A Ref B: AMS04EDGE1311 Ref C: 2021-08-26T12:24:09Z
x-usersessionid: a301f975-77eb-4444-a008-20ff8c81dabb
date: Tue, 31 Aug 2021 22:21:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a301f975-77eb-4444-a008-20ff8c81dabb
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clientManifest.js Show response
c1h-excel-15.cdn.office.net/x/s/161442435904__layouts/Resources/en-US/ Frame 351B 110 KB
42 KB 42ms
21ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161442435904__layouts/Resources/en-US/clientManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

763620e41b3bcd0540a6cff70cb23f16d12564f33c70974fe5fdf16642cb643c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"0c11dbfb99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF00006920
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 42641
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:39:22 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: 5CE9FEC03C4B41C8982C27B78558E00D Ref B: AMS04EDGE1718 Ref C: 2021-08-29T09:39:22Z
x-usersessionid: df074f23-d25a-40c2-a621-80941f872b25
date: Tue, 31 Aug 2021 22:21:08 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: df074f23-d25a-40c2-a621-80941f872b25
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 richTextEditor.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h32A505AB979FD8C6__layouts/App_Scripts/ Frame 351B 282 KB
58 KB 38ms
17ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h32A505AB979FD8C6__layouts/App_Scripts/richTextEditor.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

32a505ab979fd8c614738033749c061a71262e6bbd906660e040597e0467a5b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"528bb64499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF00006914
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 58175
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 24 Aug 2021 16:23:37 GMT
x-officefd: AM4PEPF000068A6
x-msedge-ref: Ref A: 928EE9BEE0FA4D15A13DE920E19A9CE0 Ref B: AM3EDGE0717 Ref C: 2021-08-24T16:23:37Z
x-usersessionid: f0e71171-a3ff-443b-94f7-c4baf8632b24
date: Tue, 31 Aug 2021 22:21:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f0e71171-a3ff-443b-94f7-c4baf8632b24
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.CommonIntl.js Show response
c1h-excel-15.cdn.office.net/x/s/h7BD521B56F43EA97__layouts/App_Scripts/1033/ Frame 351B 81 KB
22 KB 45ms
24ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h7BD521B56F43EA97__layouts/App_Scripts/1033/Ewa.CommonIntl.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7bd521b56f43ea977e5af95bd5f4cfce70a7c719c87391a3e951567ee6ca8df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"71cbfe97499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF00006926
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4
content-length: 21398
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4
last-modified: Tue, 24 Aug 2021 16:25:03 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 970FF07EBCB641C9B95C94E56840772D Ref B: AMS04EDGE1421 Ref C: 2021-08-24T16:25:03Z
x-usersessionid: 5283b7be-17de-4066-9d9e-14af93cfb9c0
date: Tue, 31 Aug 2021 22:21:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5283b7be-17de-4066-9d9e-14af93cfb9c0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 runtime.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hE26C4E03E9BEBA4C__layouts/App_Scripts/ Frame 351B 14 KB
5 KB 41ms
21ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE26C4E03E9BEBA4C__layouts/App_Scripts/runtime.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e26c4e03e9beba4c780de307cc533d311b0aeb41644fb464ab9bf5713bda8270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e066d50499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF00006903
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4_control
content-length: 4453
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4_control
last-modified: Tue, 24 Aug 2021 16:23:03 GMT
x-officefd: AM4PEPF0000601C
x-msedge-ref: Ref A: 4A4E3F363B064F94AB7CDFA24AA178B2 Ref B: AMS04EDGE1719 Ref C: 2021-08-24T16:23:03Z
x-usersessionid: 0b759c29-4426-4a66-872a-5ed2c3872dad
date: Tue, 31 Aug 2021 22:21:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0b759c29-4426-4a66-872a-5ed2c3872dad
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChrome.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h36D53B89B8422877__layouts/App_Scripts/ Frame 351B 172 KB
36 KB 45ms
26ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h36D53B89B8422877__layouts/App_Scripts/appChrome.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

36d53b89b8422877799b6d0c344cf281e486861bcb2e72ded32a45b4355f555a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f7566950499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF0000690F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 36216
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 24 Aug 2021 16:23:03 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: 45835FA49BE944C68D0F2F8F2BAEBDB7 Ref B: AMS04EDGE1211 Ref C: 2021-08-24T16:23:03Z
x-usersessionid: 2aa45c04-feac-458a-97a6-b5a5ca159c50
date: Tue, 31 Aug 2021 22:21:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2aa45c04-feac-458a-97a6-b5a5ca159c50
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h934C070BCE84B969__layouts/App_Scripts/ Frame 351B 2 MB
454 KB 41ms
22ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h934C070BCE84B969__layouts/App_Scripts/common.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

934c070bce84b96986d63bb797e2e819ce2372cb5f0b27be063495cae8d9a28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"6a28445a499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF000068EE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 463258
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Tue, 24 Aug 2021 16:23:20 GMT
x-officefd: AM4PEPF000068AF
x-msedge-ref: Ref A: 78E072693F16497C9A6CEE1426A2789A Ref B: AMS04EDGE1322 Ref C: 2021-08-24T16:23:20Z
x-usersessionid: 4519e35d-f241-4aff-9869-b0b465e0338c
date: Tue, 31 Aug 2021 22:21:08 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4519e35d-f241-4aff-9869-b0b465e0338c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-app-intl.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h42E5D5834E874978__layouts/App_Scripts/1033/ Frame 351B 373 KB
86 KB 38ms
19ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h42E5D5834E874978__layouts/App_Scripts/1033/excel-app-intl.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

42e5d5834e8749783d3e2d2a3b5c4585ede43cef268dd4b912d880ee9ae92acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"2c53395a499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF000068DC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 87430
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Tue, 24 Aug 2021 16:23:20 GMT
x-officefd: AM4PEPF0000689D
x-msedge-ref: Ref A: 409754D250F84A29B079CEF5D2992D84 Ref B: AM3EDGE0611 Ref C: 2021-08-24T16:23:20Z
x-usersessionid: 1ab42f31-e702-4844-8c10-3172a56d882f
date: Tue, 31 Aug 2021 22:21:08 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 1ab42f31-e702-4844-8c10-3172a56d882f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-app-mlr-sprite.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hF6B3AAC073BC9A26__layouts/App_Scripts/1033/ Frame 351B 72 KB
12 KB 35ms
17ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF6B3AAC073BC9A26__layouts/App_Scripts/1033/excel-app-mlr-sprite.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f6b3aac073bc9a2620e8a3272608bd76100f9a304d576fedc60e272c8068f93f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "e1954e39093d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF000068DC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 11563
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 17 Aug 2021 17:47:57 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: C31093FF301F48BD8696A9DE4229366E Ref B: AM3EDGE0817 Ref C: 2021-08-22T01:35:18Z
x-usersessionid: f0c42ea5-8679-4e87-a8f7-6739b437f07a
date: Tue, 31 Aug 2021 22:21:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f0c42ea5-8679-4e87-a8f7-6739b437f07a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwrDefault.css
c1h-excel-15.cdn.office.net/x/s/hB148E5978865B29B__layouts/Resources/1033/ Frame 351B 128 KB
19 KB 24ms
6ms Stylesheet
text/css 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hB148E5978865B29B__layouts/Resources/1033/EwrDefault.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b148e5978865b29b2db0131b628eb963f47e996757bfa8e8fe7c60d7273fb625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"73522546759ad71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF000068DC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 19174
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 26 Aug 2021 12:24:10 GMT
x-officefd: AM4PEPF000068BF
x-msedge-ref: Ref A: 5AF0DE89F5A5405FA13DDD38321A38A2 Ref B: AMS04EDGE1506 Ref C: 2021-08-26T12:24:10Z
x-usersessionid: 24ecdd11-f053-41fb-85f0-bb578f3ff007
date: Tue, 31 Aug 2021 22:21:08 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 24ecdd11-f053-41fb-85f0-bb578f3ff007
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelframe.css
c1h-excel-15.cdn.office.net/x/s/hE6BADC2A49867D22__layouts/Resources/1033/ Frame 351B 64 KB
11 KB 27ms
9ms Stylesheet
text/css 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE6BADC2A49867D22__layouts/Resources/1033/excelframe.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e6badc2a49867d2223c9a45d6cbcdfd79f9d8f3b2e8520e517eea76a8b8c44aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "6749da187a93d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF000068FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 10153
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 17 Aug 2021 15:11:04 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 8957288C25EF4D7EA479BF25CE6BDEAA Ref B: AMS04EDGE1512 Ref C: 2021-08-24T18:11:42Z
x-usersessionid: 43dc1d79-81f1-4273-aa00-d04487a2c073
date: Tue, 31 Aug 2021 22:21:08 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 43dc1d79-81f1-4273-aa00-d04487a2c073
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 351B 376 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46689198526f176cb3bb2881be2e8f1273be7293fea0625f2c3bfa2058c9b422

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

POST
H2 200 RemoteTelemetry.ashx Show response
excel.officeapps.live.com/x/_layouts/ Frame 351B 0
386 B 22ms
22ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/RemoteTelemetry.ashx

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF000068B8
x-officeversion: 16.0.14424.35904
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: 757f5e8a-2c29-4da2-82b6-1ca216aa98f9
x-officecluster: PNL1
x-usersessionid: 757f5e8a-2c29-4da2-82b6-1ca216aa98f9
date: Tue, 31 Aug 2021 22:21:08 GMT
x-download-options: noopen
access-control-allow-origin: https://excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 78A30188505943D79CC0633C55A350CF Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:08Z
timing-allow-origin: *
x-officefe: AM4PEPF00006945

GET
H2 200 segoeui.woff
c1h-excel-15.cdn.office.net/x/s/hE6BADC2A49867D22__layouts/Resources/1033/ Frame 351B 22 KB
23 KB 10ms
7ms Font
font/x-woff 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE6BADC2A49867D22__layouts/Resources/1033/segoeui.woff

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hE6BADC2A49867D22__layouts/Resources/1033/excelframe.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://c1h-excel-15.cdn.office.net/x/s/hE6BADC2A49867D22__layouts/Resources/1033/excelframe.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"86e099f6849dd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14424.35904
x-officefe: AM4PEPF0000691F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22720
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 30 Aug 2021 09:54:02 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 259A54D398284B2CB8C0147020213AC8 Ref B: AM3EDGE0311 Ref C: 2021-08-30T09:54:02Z
x-usersessionid: c3807650-299b-450b-ad49-f972f9b79996
date: Tue, 31 Aug 2021 22:21:09 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: c3807650-299b-450b-ad49-f972f9b79996
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 26892287593
fs.microsoft.com/fs/4.16/rawguids/ Frame 351B 146 KB
86 KB 79ms
28ms Font
application/octet-stream 2.18.232.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.16/rawguids/26892287593
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-120.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1c974a9d4f2c4a220f3017c152078d035f283938fcac06e164ed14b4809e9ddb

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 22:21:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Apr 2021 21:56:24 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "ce86caaf2f2bd71:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=167514
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=26892287593
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

GET
H/1.1 200
OK 44327025345
fs.microsoft.com/fs/4.7/rawguids/ Frame 351B 1 MB
715 KB 99ms
33ms Font
application/octet-stream 2.18.232.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.7/rawguids/44327025345
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-120.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1522f5c0f14d035c42540d84ad4d00d92b72240e91784c15c59e12921a1f0d79

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 22:21:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 19:13:07 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "126af7eedbe3d31:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=145111
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=44327025345
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

GET
BLOB 200
OK fe4b4206-4cb7-4bf9-8780-bd07564bcd33
https://excel.officeapps.live.com/ Frame 351B 229 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://excel.officeapps.live.com/fe4b4206-4cb7-4bf9-8780-bd07564bcd33
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2820061acdbde09cbfbd98b6a84a4fde4e17b96ef6962d822dd43a4f4084ea2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 229
Content-Type: application/javascript

GET
H2 200 Ewa.tmcore.js Show response
c1h-excel-15.cdn.office.net/x/s/h807FB9B42F2B8E29__layouts/App_Scripts/ Frame 351B 20 KB
6 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h807FB9B42F2B8E29__layouts/App_Scripts/Ewa.tmcore.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

807fb9b42f2b8e2966ee5c4281629b90f02e34801b727e40ef520e0aa21788a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"176cb377b99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF0000692E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 5836
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Sun, 29 Aug 2021 09:37:22 GMT
x-officefd: AM4PEPF000068A6
x-msedge-ref: Ref A: 05C9C20C7D9F4303B148FE69C6A54795 Ref B: AMS04EDGE1613 Ref C: 2021-08-29T09:37:22Z
x-usersessionid: cbdc7601-f6e4-4249-9e43-8a79b9e6857c
date: Tue, 31 Aug 2021 22:21:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: cbdc7601-f6e4-4249-9e43-8a79b9e6857c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelOnline.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hFE17E686E9DCCAA1__layouts/App_Scripts/ Frame 351B 8 KB
4 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hFE17E686E9DCCAA1__layouts/App_Scripts/excelOnline.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fe17e686e9dccaa14ee296382adece6c855c4586671245fcb42eea8bd1eb4c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"2f6d155a499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF00006945
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 3029
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Tue, 24 Aug 2021 16:23:20 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: EF48755F40094AF3B1842F8873B6FCF4 Ref B: AMS04EDGE1515 Ref C: 2021-08-24T16:23:20Z
x-usersessionid: 4a3b7c98-61bb-4d82-80ab-8c1a871ce2bd
date: Tue, 31 Aug 2021 22:21:09 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4a3b7c98-61bb-4d82-80ab-8c1a871ce2bd
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 50941620409
fs.microsoft.com/fs/4.7/rawguids/ Frame 351B 910 KB
495 KB 33ms
32ms Font
application/octet-stream 2.18.232.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.7/rawguids/50941620409
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-120.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eb0ab622969875cccbaa658809cc6df6bfd73846f9c6c5e80774936cbc52845c

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 22:21:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 19:13:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "4433202dce3d31:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=132807
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=50941620409
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

GET
H2 200 GetRangeContentJson Show response
excel.officeapps.live.com/x/_vti_bin/DynamicGridContent.json/ Frame 351B 25 KB
5 KB 35ms
34ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_vti_bin/DynamicGridContent.json/GetRangeContentJson?context=%7B%22WorkbookMetadataParameter%22%3A%7B%22WorkbookMetadataState%22%3A%7B%22MetadataVersion%22%3A0%2C%22ServerEventVersion%22%3A0%7D%7D%2C%22ClientRequestId%22%3A%22e3ce9ad2-c74f-48d9-af87-14f23a1957d3%22%2C%22MakeInstantaneousChange%22%3Afalse%2C%22SessionId%22%3A%2215.AM4PEPF000069451.A81.1.V25.65504mav%2F1yb8BZqHdS1rbdGJ14.5.en-US5.en-US24.9e33c105d0e01468-Private1.S1.N16.16.0.14424.3590414.5.en-US5.en-US1.V1.N0.1.S%22%2C%22TransientEditSessionToken%22%3Anull%2C%22PermissionFlags%22%3A786363%2C%22Configurations%22%3A1573648%2C%22CompleteResponseTimeout%22%3A0%2C%22IsWindowHidden%22%3Afalse%2C%22MachineCluster%22%3A%22PNL1%22%2C%22AjaxOptions%22%3A0%2C%22ReturnSheetProcessedData%22%3Afalse%7D&ewaControlId=%22m_excelWebRenderer_ewaCtl_m_ewa%22&currentObject=%22Feuil1%22&namedObjectViewData=%7B%22Mode%22%3A1%2C%22Settings%22%3A0%7D&row=28&column=0&rowCount=28&columnCount=30&blockPosition=%7B%22X%22%3A0%2C%22Y%22%3A1%2C%22PaneType%22%3A1%7D&revision=0&previousRevision=-1&digest=%22%22&renderingOptions=24&colorScheme=null&ecsSpreadsheetDigest=null&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5abc6681790b30a89203ee45ca30be85548d9788fbba3d6c49fecd5302f060f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacNoAuth: 1
X-OfficeVersion: 16.0.14424.35904
X-Key: G5Q3ST9OBE1gPsmDpUDPW2IGM4+Vnmy4iQRuhNS8UO4=,637660452686649851
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-XL-SessionId: 15.AM4PEPF000069451.A81.1.V25.65504mav/1yb8BZqHdS1rbdGJ14.5.en-US5.en-US24.9e33c105d0e01468-Private1.S1.N16.16.0.14424.3590414.5.en-US5.en-US1.V1.N0.1.S
haep: 1
X-AccessToken: 4wQIu79qZ45wnQ_DQyKnH1OIAv4sT30wqhSXkfWtadj6tO1MByBaGJBHG8K84TfIcyh6sM5wTb8g9HyLZjJvwGwnSpUDBR1aRfkqzys51e6OAdaRYKRZuTYwDenJhe-5x33LeoQZK-ygR74qOThRObhw
X-UserSessionId: 2852048e-2856-405d-af71-c59e111533ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json; charset=utf-8
X-ClientBootEpochTimeStamp: 1630448468.6649852
X-CorrelationId: d7610126-4530-4cdc-b09c-0176bdd1036f
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
X-UserType: WOPI
X-AccessTokenTtl: 1632262868099
X-WacCluster: PNL1

Response headers

xlsecsid: AM4PEPF00006945
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14424.35904
x-officefe: AM4PEPF00006945
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
xlswfecid: d7610126-4530-4cdc-b09c-0176bdd1036f
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4538
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: d7610126-4530-4cdc-b09c-0176bdd1036f
x-officefd: AM4PEPF000068C1
x-usersessionid: 2852048e-2856-405d-af71-c59e111533ec
date: Tue, 31 Aug 2021 22:21:08 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, max-age=604800
xlsecscid: d7610126-4530-4cdc-b09c-0176bdd1036f
x-msedge-ref: Ref A: FDF57BCF9DE94643A8295CAC5BA5EC5F Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:09Z
timing-allow-origin: *

GET
H2 200 ewr074.png
c1h-excel-15.cdn.office.net/x/s/hA3B235AE8494E074__layouts/Resources/1033/ Frame 351B 929 B
2 KB 7ms
6ms Image
image/png 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hA3B235AE8494E074__layouts/Resources/1033/ewr074.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3b235ae8494e07412786ad460a0b251679b8450abbcbe3b726f334d9b125693

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "92f1fce68993d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF00006941
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control,2pfz=afd_wordcapacity_4_control
content-length: 929
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control,afd_wordcapacity_4_control
last-modified: Tue, 17 Aug 2021 17:04:12 GMT
x-officefd: AM4PEPF0000689E
x-msedge-ref: Ref A: 71381B7DC3784ED09444E8A2592B038B Ref B: AMS04EDGE1105 Ref C: 2021-08-24T21:25:45Z
x-usersessionid: 5c6fa530-b27a-4ff3-8e98-1af7f2f99c14
date: Tue, 31 Aug 2021 22:21:09 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 5c6fa530-b27a-4ff3-8e98-1af7f2f99c14
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 351B 0
2 KB 122ms
110ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.14424.35904&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wQIu79qZ45wnQ_DQyKnH1OIAv4sT30wqhSXkfWtadj6tO1MByBaGJBHG8K84TfIcyh6sM5wTb8g9HyLZjJvwGwnSpUDBR1aRfkqzys51e6OAdaRYKRZuTYwDenJhe-5x33LeoQZK-ygR74qOThRObhw
X-UserSessionId: 2852048e-2856-405d-af71-c59e111533ec
X-OfficeVersion: 16.0.14424.35904
X-Key: G5Q3ST9OBE1gPsmDpUDPW2IGM4+Vnmy4iQRuhNS8UO4=,637660452686649851
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1632262868099
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.14423.41001
x-officefe: BL6PEPF0000B9EF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-buls-suppressedtags: 378069,1671813,2209344,3290144,4298965,4298968,4298969,4751696,5306497,6375195,6572226,6948167,17085210,17085216,17162522,17358857,19743902,21627712,21631370,22401293,22410500,22598977,22680210,22680213,22680214,22836558,22946650,23909858,24401375,24462656,24515087,25514973,33592839,34388130,35682372,36472266,36546380,36546381,36546382,36569418,36708451,36773964,36791688,36811158,36811159,36963655,37288035,37876293,37876294,37889309,38293640,38535900,38543496,38580697,38637954,38922202,39076766,39076767,39105358,39613840,39966341,40437001,40935455,41003225,41207258,41502555,41711299,41952657,41964885,42272991,42496725,42513088,42815875,42857251,50406866,50431969,50619726,50622685,50622687,51451613,51504083,51667010,545783884,557077970,557670930,558735363,559423838,559424262,559486496,559760215,559760216,570507662,571786073,571786074,574468116,575157663,575157664,575157665,575157666,575157667,575157696,575157697,575157698,575157699,575157700,575157701,575157702,577295376,577626581,578164000,587862985,591729363,592556551,592843145,593780815,593838232,594134597,594396706,594830612,595137156,595714715,595895774,596115913,596444186,596464289,845836083,845836084,845836085,846166132,876178018,963472182,1630679666,1630679667,1633958006,1647605351,1664576567,1698260075,1718235956,1765045358,1802139698,1986689397,1986689633,1986689647,1986748791,1986748793,1986749030,1986749288,1986749546,2004443760,2004444278,2004448354,2037215329
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5b08deb7-1ee6-4ab3-98fe-90b9a0ccf885
x-officefd: BL6PEPF0000B9EF
x-usersessionid: 2852048e-2856-405d-af71-c59e111533ec
date: Tue, 31 Aug 2021 22:21:09 GMT
x-download-options: noopen
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: CD75F250236E405CB5A512BFC75F8C62 Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:09Z

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 351B 35 KB
36 KB 74ms
25ms Font
application/font-woff2 104.111.225.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.225.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-185.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 31 Aug 2021 22:21:09 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: acf6ab5b-401e-0096-046c-528ffc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=22908680
x-ms-version: 2009-09-19
content-length: 36344

GET
H2 200 excel-app-intl-lazy-exp.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h895EC7D88C4C288C__layouts/App_Scripts/1033/ Frame 351B 373 KB
50 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h895EC7D88C4C288C__layouts/App_Scripts/1033/excel-app-intl-lazy-exp.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

895ec7d88c4c288caddf988ac7e607027f62620fba43df50c89154f002f4ce1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"8be9f473499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF000068E6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 50830
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Tue, 24 Aug 2021 16:24:03 GMT
x-officefd: AM4PEPF000068AF
x-msedge-ref: Ref A: 7B3B8CBE25544A8E92077522237CC75B Ref B: AM3EDGE0914 Ref C: 2021-08-24T16:24:03Z
x-usersessionid: 867523ab-4154-4c01-9af3-65c979c552c2
date: Tue, 31 Aug 2021 22:21:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 867523ab-4154-4c01-9af3-65c979c552c2
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common50.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h523E66C69E810D5D__layouts/App_Scripts/ Frame 351B 1 MB
239 KB 10ms
10ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h523E66C69E810D5D__layouts/App_Scripts/common50.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hE26C4E03E9BEBA4C__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

523e66c69e810d5dd1d34fcaadd9beb9ce85669784c036f88cf29135292f11f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"c9d93890ba9cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF00006948
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 242996
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Sun, 29 Aug 2021 09:45:12 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: 35651CE8AFAF4DE4B5EBD0C97C46C0EA Ref B: AM3EDGE0810 Ref C: 2021-08-29T09:45:12Z
x-usersessionid: b6c5406d-9644-429a-9492-f6c693a7bcbe
date: Tue, 31 Aug 2021 22:21:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b6c5406d-9644-429a-9492-f6c693a7bcbe
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChromeLazy.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h10CF3794C7F4996A__layouts/App_Scripts/ Frame 351B 405 KB
93 KB 14ms
14ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h10CF3794C7F4996A__layouts/App_Scripts/appChromeLazy.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hE26C4E03E9BEBA4C__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

10cf3794c7f4996ad37add1681db3419a3014923c49a6ce74d369f7b46dedca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"0793451499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF000068FD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 94374
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 24 Aug 2021 16:23:05 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: C1CF553FCBDA449AB1928B06193C6410 Ref B: AMS04EDGE1515 Ref C: 2021-08-24T16:23:05Z
x-usersessionid: db22063b-d393-45c8-a853-fad8898fe7d7
date: Tue, 31 Aug 2021 22:21:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: db22063b-d393-45c8-a853-fad8898fe7d7
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.tm.js Show response
c1h-excel-15.cdn.office.net/x/s/hE80AED26DD45DAEE__layouts/App_Scripts/ Frame 351B 145 KB
37 KB 17ms
15ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE80AED26DD45DAEE__layouts/App_Scripts/Ewa.tm.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e80aed26dd45daeefa49c42b48410cc226d78c6a8ff28edebe66131c03217f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"97c4c78b99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF000068E8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 36741
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Sun, 29 Aug 2021 09:37:23 GMT
x-officefd: AM4PEPF000068B7
x-msedge-ref: Ref A: 8CEE8617146049EFBFC13311B2847BF8 Ref B: AM3EDGE0618 Ref C: 2021-08-29T09:37:23Z
x-usersessionid: 6b290c10-c4b8-4126-881d-3c400d48f264
date: Tue, 31 Aug 2021 22:21:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 6b290c10-c4b8-4126-881d-3c400d48f264
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.acc.js Show response
c1h-excel-15.cdn.office.net/x/s/h1996937A27ADAA7F__layouts/App_Scripts/ Frame 351B 285 KB
63 KB 19ms
18ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1996937A27ADAA7F__layouts/App_Scripts/Ewa.acc.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1996937a27adaa7f3c960787f70c61526406b57e13f396380014f6944086c179

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"6cac5278b99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF0000690A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 63699
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:37:23 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: 94C68A333F284BC8A60C6EB728B8A97E Ref B: AM3EDGE1016 Ref C: 2021-08-29T09:37:23Z
x-usersessionid: 70d0821d-8495-4847-8393-6980613a80d9
date: Tue, 31 Aug 2021 22:21:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 70d0821d-8495-4847-8393-6980613a80d9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.cuixas.js Show response
c1h-excel-15.cdn.office.net/x/s/h2053DC47F79EE7DF__layouts/App_Scripts/ Frame 351B 755 KB
143 KB 16ms
9ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2053DC47F79EE7DF__layouts/App_Scripts/Ewa.cuixas.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2053dc47f79ee7dfe973fa1ea4ee8e7493bf26abdba8d280f30a3d6b7791354e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d9134190ba9cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF00006926
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 145568
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Sun, 29 Aug 2021 09:45:12 GMT
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: 6EA39FFB9BF0443288753B5A6B7796C0 Ref B: AM3EDGE0408 Ref C: 2021-08-29T09:45:12Z
x-usersessionid: ebb79600-0dfb-40e7-bd18-a584e7e926c1
date: Tue, 31 Aug 2021 22:21:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ebb79600-0dfb-40e7-bd18-a584e7e926c1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.tp.js Show response
c1h-excel-15.cdn.office.net/x/s/h59C2F162A8AAE52A__layouts/App_Scripts/ Frame 351B 47 KB
12 KB 20ms
15ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h59C2F162A8AAE52A__layouts/App_Scripts/Ewa.tp.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

59c2f162a8aae52afe0adc519eb083f0cfdc241c1aae34ae9fad80cd08a924e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"9dc06690ba9cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF000068D0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 11751
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:45:13 GMT
x-officefd: AM4PEPF000068BF
x-msedge-ref: Ref A: 9C517B3CDD8B47C883A4939E964037D2 Ref B: AM3EDGE0910 Ref C: 2021-08-29T09:45:13Z
x-usersessionid: 863bbb7f-7b3f-4220-a5d1-b57f8755afb8
date: Tue, 31 Aug 2021 22:21:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 863bbb7f-7b3f-4220-a5d1-b57f8755afb8
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.FileMenuSlr.js Show response
c1h-excel-15.cdn.office.net/x/s/hAD26C1D060A66513__layouts/App_Scripts/1033/ Frame 351B 15 KB
3 KB 21ms
16ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hAD26C1D060A66513__layouts/App_Scripts/1033/Ewa.FileMenuSlr.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ad26c1d060a66513500ea9133c8744ae849039530e6984260513679a28a8d353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "53ee535c619ad71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF0000693F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2169
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 26 Aug 2021 10:01:38 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 7E4A8DB53E4C42C7A4BF8B1805227178 Ref B: AMS04EDGE1315 Ref C: 2021-08-26T10:42:18Z
x-usersessionid: a9d4c020-b997-4dbf-bc43-7f1c1335bb05
date: Tue, 31 Aug 2021 22:21:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a9d4c020-b997-4dbf-bc43-7f1c1335bb05
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 38613042657
fs.microsoft.com/fs/4.7/rawguids/ Frame 351B 1 MB
542 KB 24ms
24ms Font
application/octet-stream 2.18.232.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.7/rawguids/38613042657
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-120.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ebb2a7b2457c2c4d03b2653248880bc768505208c77d13da7ea9899ac2b475e5

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 22:21:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 19:13:41 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "2a49823dce3d31:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=79149
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=38613042657
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

GET
H2 200 EwrNov.css
c1h-excel-15.cdn.office.net/x/s/hFF4F0503BFB84BC6__layouts/Resources/1033/ Frame 351B 11 KB
3 KB 9ms
8ms Stylesheet
text/css 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hFF4F0503BFB84BC6__layouts/Resources/1033/EwrNov.css

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ff4f0503bfb84bc60a84d31bd5d9dc2d84f42ac8810ea5add2ff09a3d772f817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "bc252b87e93d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF0000690D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2079
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 17 Aug 2021 15:44:09 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 124E5621DD224D3E9FC0B9F6D8A59D09 Ref B: AM3EDGE0407 Ref C: 2021-08-21T07:45:06Z
x-usersessionid: e1af5a7e-3624-45b1-a261-5a4e738ff885
date: Tue, 31 Aug 2021 22:21:10 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: e1af5a7e-3624-45b1-a261-5a4e738ff885
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaNov.png
c1h-excel-15.cdn.office.net/x/s/hF987E2D9828EAD77__layouts/Resources/ Frame 351B 10 KB
11 KB 9ms
8ms Image
image/png 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF987E2D9828EAD77__layouts/Resources/EwaNov.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f987e2d9828ead776cb236e3efa082920c6605fd4bc3676bc93447ef677657c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "68f4ff898493d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF00006929
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 10090
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Tue, 17 Aug 2021 16:25:49 GMT
x-officefd: AM4PEPF000068B2
x-msedge-ref: Ref A: 26406245C5A8432484A3055581A968E5 Ref B: AMS04EDGE1116 Ref C: 2021-08-20T16:43:06Z
x-usersessionid: ca35e74a-4957-47aa-a3d6-e05380bd5cfa
date: Tue, 31 Aug 2021 22:21:10 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: ca35e74a-4957-47aa-a3d6-e05380bd5cfa
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.StatusBar.js Show response
c1h-excel-15.cdn.office.net/x/s/h11A9FC961777A821__layouts/App_Scripts/1033/ Frame 351B 12 KB
2 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h11A9FC961777A821__layouts/App_Scripts/1033/Ewa.StatusBar.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

11a9fc961777a821d4524e402e6cfd183f55d788560f4c23b9db1d6e84d33ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "57bb27308493d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF0000692B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1584
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 17 Aug 2021 16:23:18 GMT
x-officefd: AM4PEPF000068BF
x-msedge-ref: Ref A: 65B1E8DBDD374803882A522C274C9599 Ref B: AMS04EDGE1115 Ref C: 2021-08-21T00:13:08Z
x-usersessionid: aaf545ff-1fd2-4e07-944f-59b9b0e15770
date: Tue, 31 Aug 2021 22:21:10 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: aaf545ff-1fd2-4e07-944f-59b9b0e15770
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaCommon.png
c1h-excel-15.cdn.office.net/x/s/h2F95CDDC41D79343__layouts/Resources/1033/ Frame 351B 19 KB
20 KB 7ms
7ms Image
image/png 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2F95CDDC41D79343__layouts/Resources/1033/EwaCommon.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2f95cddc41d79343acd4194569538eb07ae5bdd1ec90469253f41ee5db530b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "8df89e78509ad71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF0000690A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 19229
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Thu, 26 Aug 2021 08:00:44 GMT
x-officefd: AM4PEPF000068B6
x-msedge-ref: Ref A: C33A84E185AB46CFA4DF1BE10FE84165 Ref B: AM3EDGE0912 Ref C: 2021-08-26T12:39:09Z
x-usersessionid: 2914e563-7d71-4b7a-a35f-5f82338244ac
date: Tue, 31 Aug 2021 22:21:10 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 2914e563-7d71-4b7a-a35f-5f82338244ac
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/ 92 KB
33 KB 61ms
21ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Aug 2021 22:21:10 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jul 2021 00:23:58 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D952F052F0FBCD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2617d585-501e-001c-323f-8ed44d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29486706
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac_s_office-a592e508.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/ 334 KB
102 KB 72ms
33ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac_s_office-a592e508.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 826c8cb5cf5d54dcc703ee78e087d46bfd2100c170027b6d36515055ab5dbb8c

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Aug 2021 22:21:10 GMT
content-encoding: gzip
content-md5: pZLlCEL76DqQWxH4Vmkcbw==
content-length: 104197
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jul 2021 00:24:09 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D952F0592AFB78
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d559f06e-f01e-0005-173f-8e54f6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29486805
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 otelFull.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h36DA7C3931E03AE2__layouts/App_Scripts/ Frame 351B 103 KB
29 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h36DA7C3931E03AE2__layouts/App_Scripts/otelFull.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

36da7c3931e03ae21506b0e7a9a26573e414d4ca7bb659c7c6c8a421a79efb6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d0eb954d499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF00006932
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 28386
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Tue, 24 Aug 2021 16:22:59 GMT
x-officefd: AM4PEPF0000689E
x-msedge-ref: Ref A: 6F3394ECCCE941A686C37C58ADF359A9 Ref B: AMS04EDGE1515 Ref C: 2021-08-24T16:23:09Z
x-usersessionid: 895457c4-3a46-4224-a206-d0ed2e91d3e0
date: Tue, 31 Aug 2021 22:21:10 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 895457c4-3a46-4224-a206-d0ed2e91d3e0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uiSlice20.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h9615FF4B87D99F98__layouts/App_Scripts/ Frame 351B 546 KB
100 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h9615FF4B87D99F98__layouts/App_Scripts/uiSlice20.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hE26C4E03E9BEBA4C__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9615ff4b87d99f9828dab66cb960228f86461ef0cf4e543fe193996a09df5dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"58ca4879b99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF00006919
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 101528
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wordcapacity_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Sun, 29 Aug 2021 09:37:24 GMT
x-officefd: AM4PEPF0000689E
x-msedge-ref: Ref A: 5C8E5253D0814382AAE8F5953840835B Ref B: AM3EDGE0813 Ref C: 2021-08-29T09:37:24Z
x-usersessionid: 6ba2fd1b-9189-49e3-aa2b-872471f8ba71
date: Tue, 31 Aug 2021 22:21:10 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 6ba2fd1b-9189-49e3-aa2b-872471f8ba71
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common50.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h523E66C69E810D5D__layouts/App_Scripts/ Frame 351B 1 MB
239 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h523E66C69E810D5D__layouts/App_Scripts/common50.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

523e66c69e810d5dd1d34fcaadd9beb9ce85669784c036f88cf29135292f11f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"c9d93890ba9cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF00006948
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 242996
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Sun, 29 Aug 2021 09:45:12 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: 35651CE8AFAF4DE4B5EBD0C97C46C0EA Ref B: AM3EDGE0810 Ref C: 2021-08-29T09:45:12Z
x-usersessionid: b6c5406d-9644-429a-9492-f6c693a7bcbe
date: Tue, 31 Aug 2021 22:21:10 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b6c5406d-9644-429a-9492-f6c693a7bcbe
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 351B 0
259 B 197ms
196ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.14424.35904&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wQIu79qZ45wnQ_DQyKnH1OIAv4sT30wqhSXkfWtadj6tO1MByBaGJBHG8K84TfIcyh6sM5wTb8g9HyLZjJvwGwnSpUDBR1aRfkqzys51e6OAdaRYKRZuTYwDenJhe-5x33LeoQZK-ygR74qOThRObhw
X-UserSessionId: 2852048e-2856-405d-af71-c59e111533ec
X-OfficeVersion: 16.0.14424.35904
X-Key: G5Q3ST9OBE1gPsmDpUDPW2IGM4+Vnmy4iQRuhNS8UO4=,637660452686649851
X-bULS-SuppressionETag: 5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1632262868099
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS5
x-officeversion: 16.0.14423.41001
x-officefe: SN3PEPF0000CD68
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 871ea324-7173-4530-9f69-bae2ac03d753
x-officefd: SN3PEPF0000CD68
x-usersessionid: 2852048e-2856-405d-af71-c59e111533ec
date: Tue, 31 Aug 2021 22:21:10 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 5B5796EAFF614A4E9C3FE1D0C1B00335 Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:10Z

GET
H2 200 dialogControls.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h66DFEC665C0315B6__layouts/App_Scripts/ Frame 351B 21 KB
5 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h66DFEC665C0315B6__layouts/App_Scripts/dialogControls.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

66dfec665c0315b6db48387940314f6d45e523d00ba97b800eb27057aa5ea341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"78d5179b99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF000068CE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4926
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:37:24 GMT
x-officefd: AM4PEPF000068B2
x-msedge-ref: Ref A: A0EF98C1B58146F49EE5C7CA43E20456 Ref B: AM3EDGE0115 Ref C: 2021-08-29T09:37:24Z
x-usersessionid: 71b325e0-57fa-43d2-8434-23e36231ad2b
date: Tue, 31 Aug 2021 22:21:10 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 71b325e0-57fa-43d2-8434-23e36231ad2b
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 200 SDXReleaseDataPackages
mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/ Frame 0
0 96ms
28ms Preflight 52.109.76.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/SDXReleaseDataPackages
Protocol: H2
Server: 52.109.76.40 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,dmsactivityid,haep,x-accesstoken,x-accesstokenttl,x-key,x-officeversion,x-requested-with,x-usersessionid,x-usertype,x-waccluster,x-xhr
Origin: https://excel.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-allow-headers: content-type,dmsactivityid,haep,x-accesstoken,x-accesstokenttl,x-key,x-officeversion,x-requested-with,x-usersessionid,x-usertype,x-waccluster,x-xhr
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 31 Aug 2021 22:21:10 GMT
content-length: 0

GET
H2 200 Ewa.shell.js Show response
c1h-excel-15.cdn.office.net/x/s/hB40079D2B7F54BD7__layouts/App_Scripts/ Frame 351B 5 KB
2 KB 13ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hB40079D2B7F54BD7__layouts/App_Scripts/Ewa.shell.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b40079d2b7f54bd72e1aa594a6386e491cc06d21b53fb4d2c6294286937b5363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"4521cf66499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF0000691F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 1487
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Tue, 24 Aug 2021 16:23:41 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: D6D8B85D3BE34695AAC3FC827B7F7D2C Ref B: AM3EDGE0818 Ref C: 2021-08-24T16:23:41Z
x-usersessionid: e2fa1338-d30a-47c8-9924-7c27800c038f
date: Tue, 31 Aug 2021 22:21:10 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e2fa1338-d30a-47c8-9924-7c27800c038f
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 BeaconHandler.ashx
excel.officeapps.live.com/x/_layouts/ Frame 351B 542 B
814 B 109ms
109ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/BeaconHandler.ashx?WacUserType=WOPI&usid=2852048e-2856-405d-af71-c59e111533ec&NoAuth=1&waccluster=PNL1&WebMethod=Xlplt

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5b40665a9c6eda7ee5b01320fae0bc3bda499e8df67c518193f944683dc70c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officefd: AM4PEPF0000689F
x-officeversion: 16.0.14424.35904
x-officefe: AM4PEPF00006945
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 421
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 74947628-aa67-4a8d-b755-33393790559c
x-officecluster: PNL1
x-usersessionid: 2852048e-2856-405d-af71-c59e111533ec
date: Tue, 31 Aug 2021 22:21:10 GMT
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 9DC9DB9FA53A4AA2B01AD22DDA9AAAF1 Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:10Z
timing-allow-origin: *

POST
H2 202 SDXReleaseDataPackages Show response
mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/ Frame 351B 5 KB
5 KB 29ms
23ms XHR
application/json 52.109.76.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/SDXReleaseDataPackages
Requested by: Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.109.76.40 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 967a0c7847dc55938b49b1e4c00b686a0619135f79afc5c3f9c1549966750037

Request headers

DMSActivityId: 8dcc04fb-8cbc-4bda-815a-b8dc1f674b40
haep: 1
X-AccessToken: 4wQIu79qZ45wnQ_DQyKnH1OIAv4sT30wqhSXkfWtadj6tO1MByBaGJBHG8K84TfIcyh6sM5wTb8g9HyLZjJvwGwnSpUDBR1aRfkqzys51e6OAdaRYKRZuTYwDenJhe-5x33LeoQZK-ygR74qOThRObhw
X-UserSessionId: 2852048e-2856-405d-af71-c59e111533ec
X-OfficeVersion: 16.0.14424.35904
X-Key: G5Q3ST9OBE1gPsmDpUDPW2IGM4+Vnmy4iQRuhNS8UO4=,637660452686649851
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://excel.officeapps.live.com/
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1632262868099
X-WacCluster: PNL1

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 22:21:10 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 4811
expires: -1

GET
H2 200 tellme-strings.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hB5BBBAC6F82F08FE__layouts/App_Scripts/1033/ Frame 351B 323 B
871 B 9ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hB5BBBAC6F82F08FE__layouts/App_Scripts/1033/tellme-strings.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5bbbac6f82f08fe4a60b10ba1209e77a100d12f4e0ec1673d03900f40e93e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "5a1270a0829dd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14424.35904
x-officefe: AM4PEPF000068E6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 170
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 30 Aug 2021 09:37:19 GMT
x-officefd: AM4PEPF000068B6
x-msedge-ref: Ref A: 70AF88CA1F60477888AFC6D18A69A228 Ref B: AMS04EDGE1317 Ref C: 2021-08-31T13:10:15Z
x-usersessionid: b135413f-25bf-46f8-bc6d-5d4a2e9179b4
date: Tue, 31 Aug 2021 22:21:10 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b135413f-25bf-46f8-bc6d-5d4a2e9179b4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-uiSlice20-sprite-exp.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h2348B3C2E0885D6E__layouts/App_Scripts/1033/ Frame 351B 1 MB
120 KB 8ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2348B3C2E0885D6E__layouts/App_Scripts/1033/excel-uiSlice20-sprite-exp.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2348b3c2e0885d6ef0b5cab433598241fa786dfe011d190a0999fa38d8603c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"6d40ff74499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF000068DB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 122177
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Tue, 24 Aug 2021 16:24:05 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: B5B8765FFB2B47BB8DEFC571BAAE205D Ref B: AM3EDGE0617 Ref C: 2021-08-24T16:24:05Z
x-usersessionid: 676fcd0f-8573-4e7a-8b23-8b215240ed3f
date: Tue, 31 Aug 2021 22:21:10 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 676fcd0f-8573-4e7a-8b23-8b215240ed3f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 shellstrings.json Show response
c1h-excel-15.cdn.office.net/x/s/161442435904__layouts/App_Scripts/suiteux-shell/strings/en/ Frame 351B 13 KB
5 KB 9ms
8ms XHR
application/json 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161442435904__layouts/App_Scripts/suiteux-shell/strings/en/shellstrings.json

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h10CF3794C7F4996A__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5bbcdd1950c8ea5dcc245f8db9c7da4c6b323ff5d790140ce198d2ae63da225d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"80d3bd9ba9cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF00006946
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4314
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:47:15 GMT
x-officefd: AM4PEPF000068B6
x-msedge-ref: Ref A: 8A9F06C552BF417999F062E059229757 Ref B: AM3EDGE0214 Ref C: 2021-08-29T09:47:15Z
x-usersessionid: 68566ded-c888-46dc-8704-146ebb92f92a
date: Tue, 31 Aug 2021 22:21:10 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-correlationid: 68566ded-c888-46dc-8704-146ebb92f92a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaOther_m2.png
c1h-excel-15.cdn.office.net/x/s/hDDACFF985568D458__layouts/Resources/1033/ Frame 351B 22 KB
22 KB 11ms
6ms Image
image/png 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hDDACFF985568D458__layouts/Resources/1033/EwaOther_m2.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ddacff985568d4587ff00bcd1e6ec886c89eb143994d862a67338c356e3c42d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "6e708a4b619ad71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF00006942
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4_control
content-length: 22266
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4_control
last-modified: Thu, 26 Aug 2021 10:01:10 GMT
x-officefd: AM4PEPF000068B8
x-msedge-ref: Ref A: 2787AAF1DC8445BAB96F27BFDF1CE771 Ref B: AM3EDGE0716 Ref C: 2021-08-27T18:28:24Z
x-usersessionid: 27245719-f4b4-48d6-bb1c-37042f221b4a
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 27245719-f4b4-48d6-bb1c-37042f221b4a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.kpae.js Show response
c1h-excel-15.cdn.office.net/x/s/hF21E85D85278E679__layouts/App_Scripts/ Frame 351B 434 KB
101 KB 8ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF21E85D85278E679__layouts/App_Scripts/Ewa.kpae.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f21e85d85278e67961225cf71b02aa6d069ee33c871b8bf1cc7c8af377a9275f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d8dcf67ab99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF0000601F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 102531
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Sun, 29 Aug 2021 09:37:27 GMT
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: BB3C9971404B4C7981A0557A041F7A5A Ref B: AM3EDGE0518 Ref C: 2021-08-29T09:37:27Z
x-usersessionid: 2523b1b1-78e4-4026-acab-ebeb40309ec1
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2523b1b1-78e4-4026-acab-ebeb40309ec1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.commentpane.js Show response
c1h-excel-15.cdn.office.net/x/s/hC3000C7D955AD6F8__layouts/App_Scripts/ Frame 351B 117 KB
30 KB 13ms
12ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hC3000C7D955AD6F8__layouts/App_Scripts/Ewa.commentpane.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c3000c7d955ad6f8c261633f98c86d8fd735714927aa9b531ad54951c7cf37da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"2089f890ba9cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF00006952
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 30062
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Sun, 29 Aug 2021 09:45:14 GMT
x-officefd: AM4PEPF000068AF
x-msedge-ref: Ref A: 5F7DE12426F54AA8A4ADC023E050B5B9 Ref B: AMS04EDGE1112 Ref C: 2021-08-29T09:45:14Z
x-usersessionid: 9ce6b78d-026c-44f4-9790-786d4864a436
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 9ce6b78d-026c-44f4-9790-786d4864a436
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.pi.js Show response
c1h-excel-15.cdn.office.net/x/s/h9C50F694C2921D7F__layouts/App_Scripts/ Frame 351B 217 KB
50 KB 13ms
11ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h9C50F694C2921D7F__layouts/App_Scripts/Ewa.pi.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9c50f694c2921d7f2e61d60eddb0c21f601da8b37a1b2489b6574c7393f63cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e9feaa79b99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF0000693F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 50353
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:37:25 GMT
x-officefd: AM4PEPF0000601C
x-msedge-ref: Ref A: CF9E2779D84E4E14B5E01C6C1BB390A3 Ref B: AM3EDGE0617 Ref C: 2021-08-29T09:37:25Z
x-usersessionid: 115f23ff-a4b0-4801-b64a-0e73825fdaf9
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 115f23ff-a4b0-4801-b64a-0e73825fdaf9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 suiteux.shell.consappdata.js Show response
c1h-excel-15.cdn.office.net/x/s/161442435904__layouts/App_Scripts/suiteux-shell/js/ Frame 351B 7 KB
3 KB 15ms
14ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161442435904__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.consappdata.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h10CF3794C7F4996A__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

90d08dcdae93d1b095c4e71601487a1f722e0906ec3807718feef38461a93640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"2a5655fbe9cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF000068E8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1944
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 10:12:28 GMT
x-officefd: AM4PEPF000068B6
x-msedge-ref: Ref A: 3B7E635577CA4901B8B5829E65CCC532 Ref B: AMS04EDGE1421 Ref C: 2021-08-29T10:12:28Z
x-usersessionid: 35b36c57-1bf6-4a28-b410-03adb71ff690
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 35b36c57-1bf6-4a28-b410-03adb71ff690
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.oauth.js Show response
c1h-excel-15.cdn.office.net/x/s/hEFB509A9F4B3859D__layouts/App_Scripts/ Frame 351B 27 KB
7 KB 13ms
12ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hEFB509A9F4B3859D__layouts/App_Scripts/Ewa.oauth.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

efb509a9f4b3859de39e800132d5f87347b5d31d04a8f139148f4fa0065c16cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7dcdfd90ba9cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF000068FE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 6537
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wordcapacity,afd_visioslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:45:14 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: 8F7CCD2BBA9F46FD8C8343FBC72C3081 Ref B: AMS04EDGE1609 Ref C: 2021-08-29T09:45:14Z
x-usersessionid: 1f54ec2f-b6d0-4be2-a9ba-1943745a56d5
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 1f54ec2f-b6d0-4be2-a9ba-1943745a56d5
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.savestatus.js Show response
c1h-excel-15.cdn.office.net/x/s/hD157B7018ADB5E27__layouts/App_Scripts/ Frame 351B 8 KB
3 KB 14ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hD157B7018ADB5E27__layouts/App_Scripts/Ewa.savestatus.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d157b7018adb5e27275cd86597988bb2398d266ab0cdaf73c58936ba951344fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"3581ed79b99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF0000692B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2264
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:37:25 GMT
x-officefd: AM4PEPF000068BF
x-msedge-ref: Ref A: 817DC218FB914368B6EF3B0BF32E4551 Ref B: AM3EDGE0617 Ref C: 2021-08-29T09:37:25Z
x-usersessionid: 9cd6c2af-477c-4a37-ac4a-67071efdfe80
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 9cd6c2af-477c-4a37-ac4a-67071efdfe80
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.agave.js Show response
c1h-excel-15.cdn.office.net/x/s/hBC97D59CBFBB25F3__layouts/App_Scripts/ Frame 351B 477 KB
93 KB 32ms
1ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hBC97D59CBFBB25F3__layouts/App_Scripts/Ewa.agave.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bc97d59cbfbb25f36df26942e9da2329650fcbd733582aba6007037ad0c7e28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"3925191ba9cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF0000691E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 94254
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:45:14 GMT
x-officefd: AM4PEPF0000601C
x-msedge-ref: Ref A: D4810D6B124840E4B45D938E1ED80B16 Ref B: AMS04EDGE1707 Ref C: 2021-08-29T09:45:14Z
x-usersessionid: 5fd07d08-ad23-4356-939f-b8c26dc4c093
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5fd07d08-ad23-4356-939f-b8c26dc4c093
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.le.js Show response
c1h-excel-15.cdn.office.net/x/s/hC5DED20CABD9D33D__layouts/App_Scripts/ Frame 351B 87 KB
21 KB 36ms
5ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hC5DED20CABD9D33D__layouts/App_Scripts/Ewa.le.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c5ded20cabd9d33d15f59f31e00c781c490637bf5b20f0674670189001179c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"76f797ab99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF0000690A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 20733
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:37:26 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: 02EFB9C913984DF29E85ED5DC2749E14 Ref B: AM3EDGE0120 Ref C: 2021-08-29T09:37:26Z
x-usersessionid: 08810371-92e1-44da-8249-c05b38eb39fc
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 08810371-92e1-44da-8249-c05b38eb39fc
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-uiSlice20-sprite.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h8B7E6E9BC542F9D5__layouts/App_Scripts/1033/ Frame 351B 426 KB
49 KB 44ms
12ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h8B7E6E9BC542F9D5__layouts/App_Scripts/1033/excel-uiSlice20-sprite.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8b7e6e9bc542f9d526d4363ce316df91e1eb78e777a104241125dd1cea127a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"5013075499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF000068DD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 49580
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 24 Aug 2021 16:24:05 GMT
x-officefd: AM4PEPF000068C1
x-msedge-ref: Ref A: C74C348912164DC2B9BA2A51E2E5B025 Ref B: AM3EDGE0111 Ref C: 2021-08-24T16:24:05Z
x-usersessionid: 6edaa71f-e6c9-4a21-b4ad-c475ab15a2ea
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 6edaa71f-e6c9-4a21-b4ad-c475ab15a2ea
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 351B 2 KB
2 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H2 200 segoeui-semilight-final.woff
c1h-excel-15.cdn.office.net/x/s/hE6BADC2A49867D22__layouts/Resources/1033/ Frame 351B 25 KB
26 KB 25ms
2ms Font
font/x-woff 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE6BADC2A49867D22__layouts/Resources/1033/segoeui-semilight-final.woff

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hE6BADC2A49867D22__layouts/Resources/1033/excelframe.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://c1h-excel-15.cdn.office.net/x/s/hE6BADC2A49867D22__layouts/Resources/1033/excelframe.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"9c1bed6ca898d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF000068DB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 25997
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Tue, 24 Aug 2021 05:25:18 GMT
x-officefd: AM4PEPF0000601B
x-msedge-ref: Ref A: 5C1E20A585E84F559C59015E71EE9C01 Ref B: AM3EDGE0608 Ref C: 2021-08-24T05:25:17Z
x-usersessionid: cfb333d9-e2d9-4b6a-898c-bd9d1c32f962
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: font/x-woff
access-control-allow-origin: *
x-correlationid: cfb333d9-e2d9-4b6a-898c-bd9d1c32f962
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 351B 31 KB
32 KB 26ms
25ms Font
application/font-woff2 104.111.225.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.225.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-225-185.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 31 Aug 2021 22:21:11 GMT
last-modified: Thu, 26 Oct 2017 19:02:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ZtEeVbekE932qE6Fhpfntg==
etag: 0x8D51CA4122953A7
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 7e674b6c-001e-0087-216e-521548000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=22909809
x-ms-version: 2009-09-19
content-length: 31824

GET
H2 200 suiteux.shell.core.js Show response
c1h-excel-15.cdn.office.net/x/s/161442435904__layouts/App_Scripts/suiteux-shell/js/ Frame 351B 259 KB
71 KB 8ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161442435904__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h10CF3794C7F4996A__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b91e8650f0b8f369d9d4646b494fcde7f635dd31e5af8ef3bd82f18f4bbdf17b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"3925191ba9cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF0000691E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 71445
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:45:14 GMT
x-officefd: AM4PEPF000068B2
x-msedge-ref: Ref A: AA7ADE81A1D344F689064056F2E46533 Ref B: AMS04EDGE1607 Ref C: 2021-08-29T09:45:14Z
x-usersessionid: ce79807c-d0ec-4304-bcd8-a9a0941892e1
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ce79807c-d0ec-4304-bcd8-a9a0941892e1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wac2-bf8b3319.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/ 310 KB
107 KB 20ms
19ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac2-bf8b3319.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 71d842c9de99f8965d973113b192dd688f1b5d6615a177251c3f141e2ef5f771

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Aug 2021 22:21:11 GMT
content-encoding: gzip
content-md5: v4szGe0O1pyqsqnSLW8nTQ==
content-length: 109104
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jul 2021 00:24:09 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D952F0592CD092
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 850a30aa-901e-004e-493f-8ea8a5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29486763
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac0-efa56458.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/ 15 KB
6 KB 22ms
22ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac0-efa56458.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 09f6c8293dec26567f220f12acd488876fbbf40ad2c67e0f0f4766de6bda8981

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Aug 2021 22:21:11 GMT
content-encoding: gzip
content-md5: 76VkWOHqhHqIEEUyr6GMKg==
content-length: 5910
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jul 2021 00:24:08 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D952F058CC2867
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e20a47cb-c01e-001e-5b3f-8e6af5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29486711
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 wac1-cdc297b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/ 47 KB
14 KB 23ms
22ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac1-cdc297b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b323d86681653d7e2e92716f79f18a324b1337dd9ad3d456644ca9fb7493ffa3

Request headers

Origin: https://onedrive.live.com
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Aug 2021 22:21:11 GMT
content-encoding: gzip
content-md5: zcKXtFHbuejuppPFKcKOyw==
content-length: 14062
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jul 2021 00:24:08 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D952F058E8B64C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: df61373a-e01e-0026-593f-8ece35000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29486758
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 Ewa.kffa.js Show response
c1h-excel-15.cdn.office.net/x/s/hE5E17BCEA988CD66__layouts/App_Scripts/ Frame 351B 400 KB
90 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE5E17BCEA988CD66__layouts/App_Scripts/Ewa.kffa.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e5e17bcea988cd66d1785c1465c194e051ff90ce8148ffeb8ab6678c3b983d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"5c26877ab99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF00006914
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 90787
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Sun, 29 Aug 2021 09:37:26 GMT
x-officefd: AM4PEPF0000689D
x-msedge-ref: Ref A: CB2E5995E9464AF0A9DADF78A9AAA8FA Ref B: AM3EDGE0813 Ref C: 2021-08-29T09:37:26Z
x-usersessionid: b3a4ed49-6a0c-4582-9c52-161bed8fd8a2
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b3a4ed49-6a0c-4582-9c52-161bed8fd8a2
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.zoom.js Show response
c1h-excel-15.cdn.office.net/x/s/h36C30040BE91BD7A__layouts/App_Scripts/ Frame 351B 17 KB
5 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h36C30040BE91BD7A__layouts/App_Scripts/Ewa.zoom.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

36c30040be91bd7ab9a9d6b2f7b1ea1b7d3a69031bb0d64050aee0fc6d59d3d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"4fd5867ab99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF00006943
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control,2pfz=afd_wordcapacity_4_control
content-length: 4394
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control,afd_wordcapacity_4_control
last-modified: Sun, 29 Aug 2021 09:37:26 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 7B51869B71B0423682AA029E1E796C78 Ref B: AM3EDGE0614 Ref C: 2021-08-29T09:37:26Z
x-usersessionid: 2b70ae3b-f0b3-469a-8292-007e69e6755f
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2b70ae3b-f0b3-469a-8292-007e69e6755f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.calc.js Show response
c1h-excel-15.cdn.office.net/x/s/hA0ED8E0F46AB470C__layouts/App_Scripts/ Frame 351B 80 KB
20 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hA0ED8E0F46AB470C__layouts/App_Scripts/Ewa.calc.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a0ed8e0f46ab470cacef268dad03349e5fb931a902c380ebea1bbd7f187f2af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"c220a07ab99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF00006919
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 19718
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:37:27 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: E8ABF0E0652F40EBB14151509C99CBC8 Ref B: AMS04EDGE1206 Ref C: 2021-08-29T09:37:27Z
x-usersessionid: 8953b26d-67d2-4f01-9f9a-33ff3e113898
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8953b26d-67d2-4f01-9f9a-33ff3e113898
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 351B 0
673 B 149ms
148ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.14424.35904&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wQIu79qZ45wnQ_DQyKnH1OIAv4sT30wqhSXkfWtadj6tO1MByBaGJBHG8K84TfIcyh6sM5wTb8g9HyLZjJvwGwnSpUDBR1aRfkqzys51e6OAdaRYKRZuTYwDenJhe-5x33LeoQZK-ygR74qOThRObhw
X-UserSessionId: 2852048e-2856-405d-af71-c59e111533ec
X-OfficeVersion: 16.0.14424.35904
X-Key: G5Q3ST9OBE1gPsmDpUDPW2IGM4+Vnmy4iQRuhNS8UO4=,637660452686649851
X-bULS-SuppressionETag: 5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1632262868099
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS5
x-officeversion: 16.0.14423.41001
x-officefe: SN3PEPF0000C070
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4_control
x-correlationid: b4b67609-661f-4a50-98f4-cb9fc584d0cc
x-officefd: SN3PEPF0000C070
x-usersessionid: 2852048e-2856-405d-af71-c59e111533ec
date: Tue, 31 Aug 2021 22:21:10 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: B6DF40725453463AB13845D33296F23D Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:11Z

GET
H2 200 copyPasteInfra.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h09CBE101E5BB7202__layouts/App_Scripts/ Frame 351B 112 KB
22 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h09CBE101E5BB7202__layouts/App_Scripts/copyPasteInfra.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

09cbe101e5bb72022ec7a00caf0abb027a7c7a9c0206e0d1c364cd8190fd48a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"1bd0fc67499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF000068EF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4_control
content-length: 21591
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4_control
last-modified: Tue, 24 Aug 2021 16:23:43 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 313DF3FBB6F34067BFC0C9EBEB65E517 Ref B: AM3EDGE0709 Ref C: 2021-08-24T16:23:43Z
x-usersessionid: 382df36a-a7dc-4bed-9820-55bc3fd4319a
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 382df36a-a7dc-4bed-9820-55bc3fd4319a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clipboardPlatform.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h67624C3C844278CD__layouts/App_Scripts/ Frame 351B 157 KB
30 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h67624C3C844278CD__layouts/App_Scripts/clipboardPlatform.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

67624c3c844278cdd81dd835c2e981abd992e107f945babfd16f7a08299ef9c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"4649668499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF0000690A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4
content-length: 29824
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4
last-modified: Tue, 24 Aug 2021 16:23:43 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: 76E6252AC4D54C978A47C3101CB419FD Ref B: AM3EDGE0617 Ref C: 2021-08-24T16:23:43Z
x-usersessionid: 0af4f725-a46b-43a8-bdd5-119da56d1de8
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0af4f725-a46b-43a8-bdd5-119da56d1de8
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 makerstorage.js Show response
c1h-excel-15.cdn.office.net/x/s/h53410C4D9D9B2ADE__layouts/App_Scripts/ Frame 351B 81 KB
12 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h53410C4D9D9B2ADE__layouts/App_Scripts/makerstorage.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

53410c4d9d9b2ade43bde400537d1749c8415e0c1350ddd790fab0dc3a3138f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "ccf38d3a8493d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF00006926
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 11659
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 17 Aug 2021 16:23:35 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: 24B50D4073494D53B2F8DEF9DF793C07 Ref B: AMS04EDGE1208 Ref C: 2021-08-21T05:24:13Z
x-usersessionid: 2e8ce651-b7a9-4784-a810-2af9d3df0d61
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2e8ce651-b7a9-4784-a810-2af9d3df0d61
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 hammer.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h883922A710E857E9__layouts/App_Scripts/ Frame 351B 24 KB
6 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h883922A710E857E9__layouts/App_Scripts/hammer.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

883922a710e857e94b35fd6748792782280a859e154e4db2e4c0b4876dfa61ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "1799ee78699ad71:0"
x-officecluster: PIE1
x-officeversion: 16.0.14422.35901
x-officefe: DB5PEPF00008318
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 5366
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Thu, 26 Aug 2021 10:59:42 GMT
x-officefd: DB5PEPF000082C6
x-usersessionid: 65e453f5-0b5b-4d6c-827e-391e2832cdbe
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 65e453f5-0b5b-4d6c-827e-391e2832cdbe
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelOnlineCalcStable.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h19AB948818896C4E__layouts/App_Scripts/ Frame 351B 945 KB
216 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h19AB948818896C4E__layouts/App_Scripts/excelOnlineCalcStable.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

19ab948818896c4ede59b390be0e79b04105e88dee774c8d868eb96ae3f88178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"c695267bb99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF000068FE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 219799
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:37:27 GMT
x-officefd: AM4PEPF000068B7
x-msedge-ref: Ref A: 58407B6A85F24DFC8F3D9A7F755C5F40 Ref B: AM3EDGE1016 Ref C: 2021-08-29T09:37:27Z
x-usersessionid: 3ec60ebb-47d3-4694-b53e-395ffec4b5f5
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 3ec60ebb-47d3-4694-b53e-395ffec4b5f5
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.commonui.js Show response
c1h-excel-15.cdn.office.net/x/s/hEE5E764672602931__layouts/App_Scripts/ Frame 351B 21 KB
6 KB 10ms
10ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hEE5E764672602931__layouts/App_Scripts/Ewa.commonui.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ee5e764672602931f31d681fcd0e1150d617a8e4d8bbcd999ed51930f53b8664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"9c693f91ba9cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF0000692B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 5390
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Sun, 29 Aug 2021 09:45:14 GMT
x-officefd: AM4PEPF0000601C
x-msedge-ref: Ref A: D1924F8CC1464281BE6747894ADD4929 Ref B: AM3EDGE0208 Ref C: 2021-08-29T09:45:14Z
x-usersessionid: c81fbe50-ab43-445a-b3af-d14c78c0c28b
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: c81fbe50-ab43-445a-b3af-d14c78c0c28b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 proxy Show response
skyapi.onedrive.live.com/api/ Frame 357C 448 B
555 B 91ms
30ms Document
text/html 13.104.208.165
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://skyapi.onedrive.live.com/api/proxy?v=3

Requested by

Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac_s_office-a592e508.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.104.208.165 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b75e2161fc0e6fdadef210b391b117852f75fa88b85e057092b18b1fe0b60f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: skyapi.onedrive.live.com
:scheme: https
:path: /api/proxy?v=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onedrive.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: xid=afa726f0-f469-41ae-9dac-272bd4f779c7&&RDE42AAC886AA0&287; wla42=; mkt=en-US; xidseq=2; E=P:GYB3oc1s2Yg=:bEuYRXXbZqaV5Fh1H77DRiyDTExTounAx4lyz8mJJfc=:F
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://onedrive.live.com/

Response headers

cache-control: public
content-length: 295
content-type: text/html
content-encoding: gzip
expires: Wed, 31 Aug 2022 22:21:11 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-msnserver: DB3PPF1DA0962A1
strict-transport-security: max-age=31536000; includeSubDomains
ms-cv: e7lTkAUSrUe5REaiKplRkw.0
x-asmversion: UNKNOWN; 19.742.813.2004
date: Tue, 31 Aug 2021 22:21:10 GMT

GET
H2 200 officebrowserfeedback_floodgate.js Show response
c1h-excel-15.cdn.office.net/x/s/hFBAA3C48C9EEB1D1__layouts/App_Scripts/Feedback/latest/ Frame 351B 494 KB
96 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hFBAA3C48C9EEB1D1__layouts/App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fbaa3c48c9eeb1d12294075cf9b0038e4e952acf821e68b3e52f89a96ac1c90c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "1ef446a2769dd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14424.35904
x-officefe: AM4PEPF00006941
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 97105
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 30 Aug 2021 08:11:28 GMT
x-officefd: AM4PEPF000068A7
x-msedge-ref: Ref A: 5303EC0E1EBC4FBE93588657E5BBBDE8 Ref B: AM3EDGE0907 Ref C: 2021-08-31T13:03:27Z
x-usersessionid: 6e102b12-5804-4a2c-9f5d-34ddf0964aa1
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 6e102b12-5804-4a2c-9f5d-34ddf0964aa1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.tlv.js Show response
c1h-excel-15.cdn.office.net/x/s/h0B90CAFB7EB27240__layouts/App_Scripts/ Frame 351B 162 KB
37 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h0B90CAFB7EB27240__layouts/App_Scripts/Ewa.tlv.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0b90cafb7eb27240a2495d2db6cc2d1f579668b7d04d540e87844ad384fa9d1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"4f154291ba9cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF00006915
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 37350
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_excelslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:45:14 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: 30886F77D185466DA09BB79D67D8CEF0 Ref B: AMS04EDGE1319 Ref C: 2021-08-29T09:45:14Z
x-usersessionid: fb4695ee-4b4e-4b78-92c5-712ce5d72e6c
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: fb4695ee-4b4e-4b78-92c5-712ce5d72e6c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.kmhv.js Show response
c1h-excel-15.cdn.office.net/x/s/h46AC0EC77BDC063F__layouts/App_Scripts/ Frame 351B 468 KB
101 KB 12ms
7ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h46AC0EC77BDC063F__layouts/App_Scripts/Ewa.kmhv.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

46ac0ec77bdc063f357b5db0836f05a4b380a7ed1385703996cf8a5fd77746a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "9ab18579b99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF00006912
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 102438
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:37:25 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: B9E183773E6447329A05B488D008B06F Ref B: AM3EDGE1010 Ref C: 2021-08-29T09:45:14Z
x-usersessionid: 56c9572f-53ec-45a2-b50e-5d032a430154
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 56c9572f-53ec-45a2-b50e-5d032a430154
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 me Show response
amcdn.msftauth.net/ Frame 351B 27 KB
9 KB 30ms
9ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://amcdn.msftauth.net/me?partner=ExcelOnline&version=10.21153.1&market=EN-US&wrapperId=suiteshell

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/161442435904__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.core.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

51a744c5188361c8108bd0b7494d5008812a4a64eb7f5537012c2e87180759b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 0YJkuYQAAAABhLxN2tK8LSIe9mkudeiU0TE9OMjFFREdFMDIyMQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
date: Tue, 31 Aug 2021 22:21:10 GMT
x-azure-ref: 0V6suYQAAAACjqciqkuWzQaTUBVuRw3xrRlJBRURHRTEwMjEAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43200
x-ua-compatible: IE=edge
expires: Wed, 01 Sep 2021 02:54:23 GMT

GET
H2 200 suiteux.shell.plus.js Show response
c1h-excel-15.cdn.office.net/x/s/161442435904__layouts/App_Scripts/suiteux-shell/js/ Frame 351B 274 KB
60 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161442435904__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.plus.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h10CF3794C7F4996A__layouts/App_Scripts/appChromeLazy.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4908bd972c8d649b6b0880fad7ce375e2e36275293622c46faf31b812d01b8d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"66804891ba9cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF00006922
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 60430
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Sun, 29 Aug 2021 09:45:14 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: 8FCDF32900F3429E94642B6B7EBA76FD Ref B: AMS04EDGE1414 Ref C: 2021-08-29T09:45:14Z
x-usersessionid: 751a8042-febb-42b3-9755-928ea9304f07
date: Tue, 31 Aug 2021 22:21:11 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 751a8042-febb-42b3-9755-928ea9304f07
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 351B 0
263 B 173ms
170ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.14424.35904&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wQIu79qZ45wnQ_DQyKnH1OIAv4sT30wqhSXkfWtadj6tO1MByBaGJBHG8K84TfIcyh6sM5wTb8g9HyLZjJvwGwnSpUDBR1aRfkqzys51e6OAdaRYKRZuTYwDenJhe-5x33LeoQZK-ygR74qOThRObhw
X-UserSessionId: 2852048e-2856-405d-af71-c59e111533ec
X-OfficeVersion: 16.0.14424.35904
X-Key: G5Q3ST9OBE1gPsmDpUDPW2IGM4+Vnmy4iQRuhNS8UO4=,637660452686649851
X-bULS-SuppressionETag: 5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1632262868099
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS1
x-officeversion: 16.0.14423.41001
x-officefe: BY3PEPF0000D6FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
x-correlationid: cbee162a-e916-42e2-9b58-3f1de5759d4d
x-officefd: BY3PEPF0000D6FC
x-usersessionid: 2852048e-2856-405d-af71-c59e111533ec
date: Tue, 31 Aug 2021 22:21:11 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 9CCCABDE98414F62913A77DEECB573F2 Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:11Z

GET
H2 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001// 8 KB
8 KB 19ms
19ms Image
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001//filesbucket3-5286f09d.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Aug 2021 22:21:11 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jul 2021 00:23:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D952F04DB6994D
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e0d3d670-801e-0042-723f-8e3fad000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29486858
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2

200

c.gif
c.live.com/
Redirect Chain

https://c.live.com/c.gif?DI=15347&wlxid=afa726f0-f469-41ae-9dac-272bd4f779c7&reqid=0019801459c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC886AA0%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.bing.com/c.gif?DI=15347&wlxid=afa726f0-f469-41ae-9dac-272bd4f779c7&reqid=0019801459c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC886AA0%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A...
https://c.live.com/c.gif?DI=15347&wlxid=afa726f0-f469-41ae-9dac-272bd4f779c7&reqid=0019801459c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC886AA0%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A...

42 B
278 B

29ms
28ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.live.com/c.gif?DI=15347&wlxid=afa726f0-f469-41ae-9dac-272bd4f779c7&reqid=0019801459c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC886AA0%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.excel%26PLT%3D4504%26IR%3D1%26EX%3D0%26L.h%3D1205%26L.bc%3D1258%26L.ac%3D1267%26L.f%3D1274%26L.sjs%3D4357%26L.ttg%3D2348%26C.st%3D1630448467106%26N.domIn%3D1274%26N.dns%3D9%26N.tcp%3D17%26N.req%3D975%26N.resp%3D10%26N.navType%3D0%26N.redirectCount%3D0&r=0.24939069334809716&CtsSyncId=C4C8BF6E2B1C4666A3ED77FAA595F4B3&MUID=0301E4638F98610926C9F4C78B98658C
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Aug 2021 22:21:12 GMT
last-modified: Fri, 02 Jul 2021 16:12:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9d284f105d6fd71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 31 Aug 2021 22:21:11 GMT
x-msedge-ref: Ref A: B93AF83F6F05492C85C18A4E2443387F Ref B: FRAEDGE1312 Ref C: 2021-08-31T22:21:12Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.live.com/c.gif?DI=15347&wlxid=afa726f0-f469-41ae-9dac-272bd4f779c7&reqid=0019801459c&csiperf=ANON%3D%26NL%3D0%26TP%3D0%26CL%3DRDE42AAC886AA0%26MA%3Den-US%26B%3D0.0.0%26TR%3DNA%252ANA%252A%253ASDX.Skydrive%252AWac.view.F.U.excel%26PLT%3D4504%26IR%3D1%26EX%3D0%26L.h%3D1205%26L.bc%3D1258%26L.ac%3D1267%26L.f%3D1274%26L.sjs%3D4357%26L.ttg%3D2348%26C.st%3D1630448467106%26N.domIn%3D1274%26N.dns%3D9%26N.tcp%3D17%26N.req%3D975%26N.resp%3D10%26N.navType%3D0%26N.redirectCount%3D0&r=0.24939069334809716&CtsSyncId=C4C8BF6E2B1C4666A3ED77FAA595F4B3&MUID=0301E4638F98610926C9F4C78B98658C
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST /
browser.pipe.aria.microsoft.com/Collector/3.0/ 0
0

GET
H/1.1

200
OK

https://storage.live.com/mydata/myprofile/expressionprofile/profilephoto:UserTileStatic,UserTileSmall/MeControlMediumUserTile?ck=1&ex=24&fofoff=1&sc=1630448471886
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1630448471&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252f...

0
0

210ms
115ms

Image
text/html

40.126.31.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1630448471&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.31.6 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-msnserver: DB3PPF1DA0962A1
x-qosstats: {"ApiId":0,"ResultType":2,"SourcePropertyId":0,"TargetPropertyId":42}
x-asmversion: UNKNOWN; 19.742.813.2004
date: Tue, 31 Aug 2021 22:21:11 GMT
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1630448471&rver=7.3.6962.0&wp=MBI_SSL&wreply=https:%2F%2Fstorage.live.com%2Fstorageservice%2Fpassport%2Fauth.aspx%3Fsru%3Dhttps:%252f%252fstorage.live.com%252fmydata%252fmyprofile%252fexpressionprofile%252fprofilephoto:UserTileStatic%252cUserTileSmall%252fMeControlMediumUserTile&lc=1033&id=63539
x-throwsite: 4212.9205
x-clienterrorcode: PassportAuthFail
ms-cv: TPcSooQPZ0GGPbRsr0OYmA.0
content-length: 0
x-errorcodechain: Unauthenticated

GET
H2 200 officebrowserfeedback.css
c1h-excel-15.cdn.office.net/x/s/hF38CE06529719C5B__layouts/App_Scripts/Feedback/latest/ Frame 351B 17 KB
3 KB 7ms
6ms Stylesheet
text/css 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF38CE06529719C5B__layouts/App_Scripts/Feedback/latest/officebrowserfeedback.css

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hFBAA3C48C9EEB1D1__layouts/App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f38ce06529719c5b1b9a7dc1872e73b1f276d69073395208fc2569235f514130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "7f2c5b526b9ad71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF000068F5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2613
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 26 Aug 2021 11:12:56 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: F9CFA05478684067A811B6B1A7F61859 Ref B: AM3EDGE0915 Ref C: 2021-08-26T19:26:36Z
x-usersessionid: 4cc2e5d8-9606-4010-b25d-d6c2acd79829
date: Tue, 31 Aug 2021 22:21:12 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 4cc2e5d8-9606-4010-b25d-d6c2acd79829
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officebrowserfeedbackstrings.js Show response
c1h-excel-15.cdn.office.net/x/s/161442435904__layouts/App_Scripts/Feedback/latest/Intl/en/ Frame 351B 2 KB
1 KB 9ms
7ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161442435904__layouts/App_Scripts/Feedback/latest/Intl/en/officebrowserfeedbackstrings.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hFBAA3C48C9EEB1D1__layouts/App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

66a7b3384214fc3480358d41cbcb8bbafe31dc1f4cb4332289f701ccbb85ed1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7b8d9591ba9cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF000068D0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 722
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:45:15 GMT
x-officefd: AM4PEPF000068B7
x-msedge-ref: Ref A: 31DB0CECB3404C8CB2DF99BDBEBE3F1C Ref B: AM3EDGE0117 Ref C: 2021-08-29T09:45:15Z
x-usersessionid: a714ba92-fe54-4e0f-bf1b-ceda8f9b6347
date: Tue, 31 Aug 2021 22:21:12 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a714ba92-fe54-4e0f-bf1b-ceda8f9b6347
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 filesbucket3-5286f09d.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001// 8 KB
3 KB 21ms
19ms Stylesheet
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001//filesbucket3-5286f09d.css
Requested by: Host: spoprod-a.akamaihd.net
URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20210729.001/wac2-bf8b3319.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6

Request headers

Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 31 Aug 2021 22:21:12 GMT
content-encoding: gzip
content-md5: UobwnR6NXQP2kdlZShV5Pw==
content-length: 2247
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jul 2021 00:23:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D952F04DB6994D
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e0d3d670-801e-0042-723f-8e3fad000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=29486857
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 jquery-1.7.2.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ Frame 357C 93 KB
33 KB 9ms
8ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.7.2.min.js

Requested by

Host: skyapi.onedrive.live.com
URL: https://skyapi.onedrive.live.com/api/proxy?v=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F12) /

Resource Hash

e441bb2cea80ca356c69595682c3b7d76c341566b5f851b352434e9eaadf136b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://skyapi.onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 22:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7062967
x-cache: HIT
content-length: 33717
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:10:59 GMT
server: ECAcc (frc/8F12)
etag: "80385acc33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uiFabricLazy.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h4AA0C4620F0D256D__layouts/App_Scripts/ Frame 351B 2 KB
1 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h4AA0C4620F0D256D__layouts/App_Scripts/uiFabricLazy.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hE26C4E03E9BEBA4C__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4aa0c4620f0d256d1d9a7d58e4be78611bc00719f4295555535ae7355e5782b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"3ebbe567499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF000068E5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4
content-length: 764
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4
last-modified: Tue, 24 Aug 2021 16:23:43 GMT
x-officefd: AM4PEPF000068B6
x-msedge-ref: Ref A: EF8347D8DA784618937809F036020DA1 Ref B: AM3EDGE0709 Ref C: 2021-08-24T16:23:43Z
x-usersessionid: 45acf116-fd2f-4dc0-83e4-1b72759614b4
date: Tue, 31 Aug 2021 22:21:12 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 45acf116-fd2f-4dc0-83e4-1b72759614b4
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 351B 42 KB
16 KB 125ms
27ms Script
application/javascript 104.111.237.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.111.237.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-183.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 22:21:12 GMT
X-MSNServer: RD0003FF242117
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=65258, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H2 200 shared.aspx Show response
shared.officeapps.live.com/clipboard/ Frame 6FF9 2 KB
2 KB 27ms
19ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=2852048e-2856-405d-af71-c59e111533ec&corrid=eee41de5-292c-4366-ae22-c0476b613734&NoAuth=true

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h67624C3C844278CD__layouts/App_Scripts/clipboardPlatform.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

288949fadd140b5d1ace61f28ed9a8ba2ef36bb718f4d85429fde4625a6dbac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: shared.officeapps.live.com
:scheme: https
:path: /clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=2852048e-2856-405d-af71-c59e111533ec&corrid=eee41de5-292c-4366-ae22-c0476b613734&NoAuth=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://excel.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: xid=afa726f0-f469-41ae-9dac-272bd4f779c7&&RDE42AAC886AA0&287; wla42=; mkt=en-US; xidseq=2; E=P:GYB3oc1s2Yg=:bEuYRXXbZqaV5Fh1H77DRiyDTExTounAx4lyz8mJJfc=:F; BP=l=SDX.Skydrive&FR=&ST=; MUID=0301E4638F98610926C9F4C78B98658C
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://excel.officeapps.live.com/

Response headers

cache-control: private
content-length: 1110
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Tue, 30-Nov-2021 23:21:12 GMT; path=/; samesite=none; secure; HttpOnly PNL1-ARRAffinity=50a0ecc90baec842f1320946ce5c6d780a2a8a2818c18eb86bd1b2ed0192075c;Path=/;Domain=shared.officeapps.live.com; samesite=none; secure
x-correlationid: eee41de5-292c-4366-ae22-c0476b613734
x-usersessionid: 2852048e-2856-405d-af71-c59e111533ec
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF0000601E
x-officeversion: 16.0.14424.35904
x-officecluster: PNL1
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
x-officefd: AM4PEPF000068B7
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 26776A734EF044D9A3AD726AA11D990B Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:12Z
date: Tue, 31 Aug 2021 22:21:11 GMT

GET
H2 200 GetObjectMetadata Show response
excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/ Frame 351B 6 KB
2 KB 28ms
27ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/GetObjectMetadata?context=%7B%22WorkbookMetadataParameter%22%3A%7B%22WorkbookMetadataState%22%3A%7B%22MetadataVersion%22%3A0%2C%22ServerEventVersion%22%3A0%7D%7D%2C%22ClientRequestId%22%3A%2264ca6698-f576-41b2-8af1-a4ad9d8c5397%22%2C%22MakeInstantaneousChange%22%3Afalse%2C%22SessionId%22%3A%2215.AM4PEPF000069451.A81.1.V25.65504mav%2F1yb8BZqHdS1rbdGJ14.5.en-US5.en-US24.9e33c105d0e01468-Private1.S1.N16.16.0.14424.3590414.5.en-US5.en-US1.V1.N0.1.S%22%2C%22TransientEditSessionToken%22%3Anull%2C%22PermissionFlags%22%3A786363%2C%22Configurations%22%3A1573648%2C%22CompleteResponseTimeout%22%3A0%2C%22IsWindowHidden%22%3Afalse%2C%22CollaborationParameter%22%3A%7B%22CollaborationState%22%3A%7B%22CollabStateId%22%3A0%2C%22UserListVersion%22%3A0%7D%7D%2C%22ViewModeStateId%22%3A0%2C%22MachineCluster%22%3A%22PNL1%22%2C%22AjaxOptions%22%3A0%2C%22ReturnSheetProcessedData%22%3Afalse%7D&objectMetadataType=3&currentSheetName=%22Feuil1%22&version=-1&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6ca82e755d5f4a9c8b9f31dc50a5cc67f5e18ea44cc33254abeb02762d8cb0a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacNoAuth: 1
X-OfficeVersion: 16.0.14424.35904
X-Key: G5Q3ST9OBE1gPsmDpUDPW2IGM4+Vnmy4iQRuhNS8UO4=,637660452686649851
X-Requested-With: XMLHttpRequest
X-AccessToken: 4wQIu79qZ45wnQ_DQyKnH1OIAv4sT30wqhSXkfWtadj6tO1MByBaGJBHG8K84TfIcyh6sM5wTb8g9HyLZjJvwGwnSpUDBR1aRfkqzys51e6OAdaRYKRZuTYwDenJhe-5x33LeoQZK-ygR74qOThRObhw
X-xhr: 1
X-XL-SessionId: 15.AM4PEPF000069451.A81.1.V25.65504mav/1yb8BZqHdS1rbdGJ14.5.en-US5.en-US24.9e33c105d0e01468-Private1.S1.N16.16.0.14424.3590414.5.en-US5.en-US1.V1.N0.1.S
haep: 1
X-CorrelationId: 48bdc7f5-53a5-44b0-9c2e-1568c90430a9
X-UserSessionId: 2852048e-2856-405d-af71-c59e111533ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json; charset=utf-8
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
X-UserType: WOPI
X-AccessTokenTtl: 1632262868099
X-WacCluster: PNL1

Response headers

xlsecsid: AM4PEPF00006945
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14424.35904
x-officefe: AM4PEPF00006945
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
xlswfecid: 48bdc7f5-53a5-44b0-9c2e-1568c90430a9
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1430
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 48bdc7f5-53a5-44b0-9c2e-1568c90430a9
x-officefd: AM4PEPF000068B2
x-usersessionid: 2852048e-2856-405d-af71-c59e111533ec
date: Tue, 31 Aug 2021 22:21:11 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, max-age=604800
xlsecscid: 48bdc7f5-53a5-44b0-9c2e-1568c90430a9
x-msedge-ref: Ref A: A2BF4A52A615486EB26EC94F83F866A4 Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:12Z
timing-allow-origin: *

GET
H2 200 comment-pane-strings.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h3A2C33DAFBB46725__layouts/App_Scripts/1033/ Frame 351B 9 KB
3 KB 9ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h3A2C33DAFBB46725__layouts/App_Scripts/1033/comment-pane-strings.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3a2c33dafbb46725336e7c4d28662f28331daf07215d754c1802e8112005f1be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "42b31b9d9493d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF000068F5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 2233
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Tue, 17 Aug 2021 18:20:53 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: 47DD39C594C744EDA6884C897CEABC20 Ref B: AM3EDGE0214 Ref C: 2021-08-24T21:28:11Z
x-usersessionid: 3bf11f19-441f-4cb8-8801-ce5462037dd7
date: Tue, 31 Aug 2021 22:21:12 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 3bf11f19-441f-4cb8-8801-ce5462037dd7
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
excel.officeapps.live.com/x/_layouts/ Frame 351B 0
359 B 23ms
23ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/RemoteTelemetry.ashx

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000689F
x-officeversion: 16.0.14424.35904
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: aba739d1-1bb1-4756-8b7c-56cf5235dc2a
x-officecluster: PNL1
x-usersessionid: aba739d1-1bb1-4756-8b7c-56cf5235dc2a
date: Tue, 31 Aug 2021 22:21:11 GMT
x-download-options: noopen
access-control-allow-origin: https://excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 0CF89B647AE14A4AB1790A575CEB84B6 Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:12Z
timing-allow-origin: *
x-officefe: AM4PEPF00006945

GET
H2 200 sharedComments.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hB798F0B7B611960F__layouts/App_Scripts/ Frame 351B 411 KB
79 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hB798F0B7B611960F__layouts/App_Scripts/sharedComments.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b798f0b7b611960f602a0188ee89a220faa7d4ebb7412310f7694b5b67f841ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"2a15fb91ba9cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF00006916
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 80518
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:45:15 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: 8DC8F66D1F2246F69C908696FE7CC719 Ref B: AMS04EDGE1607 Ref C: 2021-08-29T09:45:15Z
x-usersessionid: 0c1652d7-c8d8-4959-8382-ad7718d8e8f5
date: Tue, 31 Aug 2021 22:21:12 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0c1652d7-c8d8-4959-8382-ad7718d8e8f5
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK sharedclipboard.min.js Show response
c1-shared-15.cdn.office.net/clipboard/s/161442435904_App_Scripts/ Frame 6FF9 66 KB
15 KB 33ms
10ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-shared-15.cdn.office.net/clipboard/s/161442435904_App_Scripts/sharedclipboard.min.js

Requested by

Host: shared.officeapps.live.com
URL: https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=2852048e-2856-405d-af71-c59e111533ec&corrid=eee41de5-292c-4366-ae22-c0476b613734&NoAuth=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

729505f53f34362e4c35dd04ef79ee35c8f3128ea4e5a71f7d2047d5380ff5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://shared.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"982ee6b7ba9cd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14422.35901
X-OfficeFE: AM4PEPF000068FF
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 14260
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Sun, 29 Aug 2021 09:46:19 GMT
X-OFFICEFD: AM4PEPF000068AF
X-MSEdge-Ref: Ref A: 0265AB74FE804A32B79D493B5AA62D13 Ref B: AM3EDGE0418 Ref C: 2021-08-29T09:46:19Z
X-UserSessionId: f307456a-fac5-4fb6-9a7a-adf7a8141332
Date: Tue, 31 Aug 2021 22:21:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: f307456a-fac5-4fb6-9a7a-adf7a8141332
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 GetHasUntrustedImageUrls Show response
excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/ Frame 351B 1 KB
1 KB 27ms
26ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/GetHasUntrustedImageUrls?context=%7B%22WorkbookMetadataParameter%22%3A%7B%22WorkbookMetadataState%22%3A%7B%22MetadataVersion%22%3A0%2C%22ServerEventVersion%22%3A0%7D%7D%2C%22ClientRequestId%22%3A%221e50a7a3-2d5b-419a-9223-adba04660c7e%22%2C%22MakeInstantaneousChange%22%3Afalse%2C%22SessionId%22%3A%2215.AM4PEPF000069451.A81.1.V25.65504mav%2F1yb8BZqHdS1rbdGJ14.5.en-US5.en-US24.9e33c105d0e01468-Private1.S1.N16.16.0.14424.3590414.5.en-US5.en-US1.V1.N0.1.S%22%2C%22TransientEditSessionToken%22%3Anull%2C%22PermissionFlags%22%3A786363%2C%22Configurations%22%3A1573648%2C%22CompleteResponseTimeout%22%3A0%2C%22IsWindowHidden%22%3Afalse%2C%22CollaborationParameter%22%3A%7B%22CollaborationState%22%3A%7B%22CollabStateId%22%3A0%2C%22UserListVersion%22%3A0%7D%7D%2C%22ViewModeStateId%22%3A0%2C%22MachineCluster%22%3A%22PNL1%22%2C%22AjaxOptions%22%3A0%2C%22ReturnSheetProcessedData%22%3Afalse%7D&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73f7eea3a67786f37e4a340c748ed25c67ccc230f3873f50f8ce7ad0ebe56469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacNoAuth: 1
X-OfficeVersion: 16.0.14424.35904
X-Key: G5Q3ST9OBE1gPsmDpUDPW2IGM4+Vnmy4iQRuhNS8UO4=,637660452686649851
X-Requested-With: XMLHttpRequest
X-AccessToken: 4wQIu79qZ45wnQ_DQyKnH1OIAv4sT30wqhSXkfWtadj6tO1MByBaGJBHG8K84TfIcyh6sM5wTb8g9HyLZjJvwGwnSpUDBR1aRfkqzys51e6OAdaRYKRZuTYwDenJhe-5x33LeoQZK-ygR74qOThRObhw
X-xhr: 1
X-XL-SessionId: 15.AM4PEPF000069451.A81.1.V25.65504mav/1yb8BZqHdS1rbdGJ14.5.en-US5.en-US24.9e33c105d0e01468-Private1.S1.N16.16.0.14424.3590414.5.en-US5.en-US1.V1.N0.1.S
haep: 1
X-CorrelationId: 1f383010-c8a8-4c8c-a833-eda7cfffea6c
X-UserSessionId: 2852048e-2856-405d-af71-c59e111533ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json; charset=utf-8
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
X-UserType: WOPI
X-AccessTokenTtl: 1632262868099
X-WacCluster: PNL1

Response headers

xlsecsid: AM4PEPF00006945
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14424.35904
x-officefe: AM4PEPF00006945
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
xlswfecid: 1f383010-c8a8-4c8c-a833-eda7cfffea6c
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 883
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: 1f383010-c8a8-4c8c-a833-eda7cfffea6c
x-officefd: AM4PEPF0000601A
x-usersessionid: 2852048e-2856-405d-af71-c59e111533ec
date: Tue, 31 Aug 2021 22:21:11 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
xlsecscid: 1f383010-c8a8-4c8c-a833-eda7cfffea6c
x-msedge-ref: Ref A: D52EB1E9E1E14A76947CDAF098E1EFBA Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:12Z
timing-allow-origin: *

GET
H2 200 floatingContainerManager.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hE13FE31829960C08__layouts/App_Scripts/ Frame 351B 39 KB
9 KB 9ms
6ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE13FE31829960C08__layouts/App_Scripts/floatingContainerManager.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e13fe31829960c08b8ebac3106026055fd8dce0f5e2000f723e1c1e51c38b92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"bffc06a499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF00006938
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control,2pfz=afd_wordcapacity_4_control
content-length: 8727
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control,afd_wordcapacity_4_control
last-modified: Tue, 24 Aug 2021 16:23:46 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: 111B1EC9ED864361955C9D9FDFF04385 Ref B: AMS04EDGE1322 Ref C: 2021-08-24T16:23:46Z
x-usersessionid: 3c99a9b3-76fb-4b48-889c-a8d8fe290318
date: Tue, 31 Aug 2021 22:21:12 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 3c99a9b3-76fb-4b48-889c-a8d8fe290318
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.safelinks.js Show response
c1h-excel-15.cdn.office.net/x/s/h9066D80C5CD524F2__layouts/App_Scripts/ Frame 351B 14 KB
4 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h9066D80C5CD524F2__layouts/App_Scripts/Ewa.safelinks.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2FC3F3CC2762EAB3__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9066d80c5cd524f2e536bfedf82c68ecddedba113e25d4e1aea1ddaa852310b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d0a8827ab99cd71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14422.35901
x-officefe: AM4PEPF0000690E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3839
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Sun, 29 Aug 2021 09:37:26 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: C22BB6DCFB7A4E9690D4818D291BC906 Ref B: AM3EDGE1016 Ref C: 2021-08-29T09:37:26Z
x-usersessionid: fcab90f4-ea5f-457b-a716-f8c04e0859cb
date: Tue, 31 Aug 2021 22:21:12 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: fcab90f4-ea5f-457b-a716-f8c04e0859cb
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 shared.aspx Show response
shared.officeapps.live.com/clipboard/ Frame A45F 2 KB
1 KB 21ms
20ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h67624C3C844278CD__layouts/App_Scripts/clipboardPlatform.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

288949fadd140b5d1ace61f28ed9a8ba2ef36bb718f4d85429fde4625a6dbac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: shared.officeapps.live.com
:scheme: https
:path: /clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=2852048e-2856-405d-af71-c59e111533ec&corrid=eee41de5-292c-4366-ae22-c0476b613734&NoAuth=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://excel.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: xid=afa726f0-f469-41ae-9dac-272bd4f779c7&&RDE42AAC886AA0&287; wla42=; mkt=en-US; xidseq=2; E=P:GYB3oc1s2Yg=:bEuYRXXbZqaV5Fh1H77DRiyDTExTounAx4lyz8mJJfc=:F; BP=l=SDX.Skydrive&FR=&ST=; MUID=0301E4638F98610926C9F4C78B98658C; DcLcid=ui=1033&data=1033; PNL1-ARRAffinity=50a0ecc90baec842f1320946ce5c6d780a2a8a2818c18eb86bd1b2ed0192075c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://excel.officeapps.live.com/

Response headers

cache-control: private
content-length: 1110
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Tue, 30-Nov-2021 23:21:12 GMT; path=/; samesite=none; secure; HttpOnly
x-correlationid: eee41de5-292c-4366-ae22-c0476b613734
x-usersessionid: 2852048e-2856-405d-af71-c59e111533ec
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF0000601E
x-officeversion: 16.0.14424.35904
x-officecluster: PNL1
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
x-officefd: AM4PEPF000068C1
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: DE5C1B5022684844A8BEB2FBEB21FFB0 Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:12Z
date: Tue, 31 Aug 2021 22:21:11 GMT

GET
H2 200 GetObjectMetadata Show response
excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/ Frame 351B 1 KB
1 KB 25ms
25ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/GetObjectMetadata?context=%7B%22WorkbookMetadataParameter%22%3A%7B%22WorkbookMetadataState%22%3A%7B%22MetadataVersion%22%3A0%2C%22ServerEventVersion%22%3A0%7D%7D%2C%22ClientRequestId%22%3A%22ebdfdfa9-db78-466f-8017-7b68714bae2a%22%2C%22MakeInstantaneousChange%22%3Afalse%2C%22SessionId%22%3A%2215.AM4PEPF000069451.A81.1.V25.65504mav%2F1yb8BZqHdS1rbdGJ14.5.en-US5.en-US24.9e33c105d0e01468-Private1.S1.N16.16.0.14424.3590414.5.en-US5.en-US1.V1.N0.1.S%22%2C%22TransientEditSessionToken%22%3Anull%2C%22PermissionFlags%22%3A786363%2C%22Configurations%22%3A1573648%2C%22CompleteResponseTimeout%22%3A0%2C%22IsWindowHidden%22%3Afalse%2C%22CollaborationParameter%22%3A%7B%22CollaborationState%22%3A%7B%22CollabStateId%22%3A0%2C%22UserListVersion%22%3A0%7D%7D%2C%22ViewModeStateId%22%3A0%2C%22MachineCluster%22%3A%22PNL1%22%2C%22AjaxOptions%22%3A0%2C%22ReturnSheetProcessedData%22%3Afalse%7D&objectMetadataType=3&currentSheetName=%22Feuil1%22&version=0&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4fbc4e02994fcdce092ebab49d88864438b24fb033ac31ba545765da782281b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacNoAuth: 1
X-OfficeVersion: 16.0.14424.35904
X-Key: G5Q3ST9OBE1gPsmDpUDPW2IGM4+Vnmy4iQRuhNS8UO4=,637660452686649851
X-Requested-With: XMLHttpRequest
X-AccessToken: 4wQIu79qZ45wnQ_DQyKnH1OIAv4sT30wqhSXkfWtadj6tO1MByBaGJBHG8K84TfIcyh6sM5wTb8g9HyLZjJvwGwnSpUDBR1aRfkqzys51e6OAdaRYKRZuTYwDenJhe-5x33LeoQZK-ygR74qOThRObhw
X-xhr: 1
X-XL-SessionId: 15.AM4PEPF000069451.A81.1.V25.65504mav/1yb8BZqHdS1rbdGJ14.5.en-US5.en-US24.9e33c105d0e01468-Private1.S1.N16.16.0.14424.3590414.5.en-US5.en-US1.V1.N0.1.S
haep: 1
X-CorrelationId: bac719a2-cca6-4c51-9367-c1b6e300ea70
X-UserSessionId: 2852048e-2856-405d-af71-c59e111533ec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json; charset=utf-8
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
X-UserType: WOPI
X-AccessTokenTtl: 1632262868099
X-WacCluster: PNL1

Response headers

xlsecsid: AM4PEPF00006945
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14424.35904
x-officefe: AM4PEPF00006945
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
xlswfecid: bac719a2-cca6-4c51-9367-c1b6e300ea70
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 860
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: bac719a2-cca6-4c51-9367-c1b6e300ea70
x-officefd: AM4PEPF0000601A
x-usersessionid: 2852048e-2856-405d-af71-c59e111533ec
date: Tue, 31 Aug 2021 22:21:11 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, max-age=604800
xlsecscid: bac719a2-cca6-4c51-9367-c1b6e300ea70
x-msedge-ref: Ref A: 2D4A10DAA08240D9AB27D3CF7C393FF3 Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:12Z
timing-allow-origin: *

GET
H2 200 sharedCommentsLazy.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h1D200033E5897086__layouts/App_Scripts/ Frame 351B 482 KB
93 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2a3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1D200033E5897086__layouts/App_Scripts/sharedCommentsLazy.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hE26C4E03E9BEBA4C__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1d200033e5897086605f643addc43cb81dcebc4550d09735a891e2f08a115a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"c289186a499d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14411.35900
x-officefe: AM4PEPF00006921
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 94045
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 24 Aug 2021 16:23:46 GMT
x-officefd: AM4PEPF000068B7
x-msedge-ref: Ref A: F21E695F2D76465BADF7A5DFC5A51F60 Ref B: AM3EDGE0217 Ref C: 2021-08-24T16:23:46Z
x-usersessionid: 43724075-0c35-4ca7-ad9b-784e58dbecaa
date: Tue, 31 Aug 2021 22:21:12 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 43724075-0c35-4ca7-ad9b-784e58dbecaa
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 351B 0
612 B 178ms
178ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.14424.35904&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wQIu79qZ45wnQ_DQyKnH1OIAv4sT30wqhSXkfWtadj6tO1MByBaGJBHG8K84TfIcyh6sM5wTb8g9HyLZjJvwGwnSpUDBR1aRfkqzys51e6OAdaRYKRZuTYwDenJhe-5x33LeoQZK-ygR74qOThRObhw
X-UserSessionId: 2852048e-2856-405d-af71-c59e111533ec
X-OfficeVersion: 16.0.14424.35904
X-Key: G5Q3ST9OBE1gPsmDpUDPW2IGM4+Vnmy4iQRuhNS8UO4=,637660452686649851
X-bULS-SuppressionETag: 5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1632262868099
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS1
x-officeversion: 16.0.14423.41001
x-officefe: BY3PEPF0000D6C9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid: 72e45c22-0aef-4ce7-92cb-70b97198a03c
x-officefd: BY3PEPF0000D6C9
x-usersessionid: 2852048e-2856-405d-af71-c59e111533ec
date: Tue, 31 Aug 2021 22:21:12 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: D8A6162BF928467EAA95079B6E52F5CE Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:12Z

GET
H/1.1 200
OK sharedclipboard.min.js Show response
c1-shared-15.cdn.office.net/clipboard/s/161442435904_App_Scripts/ Frame A45F 66 KB
15 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-shared-15.cdn.office.net/clipboard/s/161442435904_App_Scripts/sharedclipboard.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

729505f53f34362e4c35dd04ef79ee35c8f3128ea4e5a71f7d2047d5380ff5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://shared.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"982ee6b7ba9cd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14422.35901
X-OfficeFE: AM4PEPF000068FF
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 14260
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Sun, 29 Aug 2021 09:46:19 GMT
X-OFFICEFD: AM4PEPF000068AF
X-MSEdge-Ref: Ref A: 0265AB74FE804A32B79D493B5AA62D13 Ref B: AM3EDGE0418 Ref C: 2021-08-29T09:46:19Z
X-UserSessionId: f307456a-fac5-4fb6-9a7a-adf7a8141332
Date: Tue, 31 Aug 2021 22:21:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: f307456a-fac5-4fb6-9a7a-adf7a8141332
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 shared.aspx Show response
shared.officeapps.live.com/clipboard/ Frame DE62 2 KB
2 KB 24ms
24ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h67624C3C844278CD__layouts/App_Scripts/clipboardPlatform.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

288949fadd140b5d1ace61f28ed9a8ba2ef36bb718f4d85429fde4625a6dbac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: shared.officeapps.live.com
:scheme: https
:path: /clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=2852048e-2856-405d-af71-c59e111533ec&corrid=eee41de5-292c-4366-ae22-c0476b613734&NoAuth=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://excel.officeapps.live.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://excel.officeapps.live.com/

Response headers

cache-control: private
content-length: 1110
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1033&data=1033; expires=Tue, 30-Nov-2021 23:21:12 GMT; path=/; samesite=none; secure; HttpOnly PNL1-ARRAffinity=5e02bd0d542ddf6953502106489213f9fa61ece60237e17d810ba73f1d5ad152;Path=/;Domain=shared.officeapps.live.com; samesite=none; secure
x-correlationid: eee41de5-292c-4366-ae22-c0476b613734
x-usersessionid: 2852048e-2856-405d-af71-c59e111533ec
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF000068CB
x-officeversion: 16.0.14424.35904
x-officecluster: PNL1
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
x-officefd: AM4PEPF000068A6
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 98228AC1A5B54C42A5B43CF46A6A38FB Ref B: AM3EDGE0907 Ref C: 2021-08-31T22:21:12Z
date: Tue, 31 Aug 2021 22:21:12 GMT

GET
H/1.1 200
OK sharedclipboard.min.js Show response
c1-shared-15.cdn.office.net/clipboard/s/161442435904_App_Scripts/ Frame DE62 66 KB
15 KB 30ms
29ms Script
application/javascript 2a02:26f0:6c00:294::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-shared-15.cdn.office.net/clipboard/s/161442435904_App_Scripts/sharedclipboard.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

729505f53f34362e4c35dd04ef79ee35c8f3128ea4e5a71f7d2047d5380ff5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://shared.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"982ee6b7ba9cd71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14422.35901
X-OfficeFE: AM4PEPF000068FF
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 14260
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5
Last-Modified: Sun, 29 Aug 2021 09:46:19 GMT
X-OFFICEFD: AM4PEPF000068AF
X-MSEdge-Ref: Ref A: 0265AB74FE804A32B79D493B5AA62D13 Ref B: AM3EDGE0418 Ref C: 2021-08-29T09:46:19Z
X-UserSessionId: f307456a-fac5-4fb6-9a7a-adf7a8141332
Date: Tue, 31 Aug 2021 22:21:12 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: f307456a-fac5-4fb6-9a7a-adf7a8141332
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx
excel.officeapps.live.com/x/ Frame DE62 0
0 20ms
20ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://excel.officeapps.live.com/x/RemoteUls.ashx?usid=2852048e-2856-405d-af71-c59e111533ec
Requested by: Host: c1-shared-15.cdn.office.net
URL: https://c1-shared-15.cdn.office.net/clipboard/s/161442435904_App_Scripts/sharedclipboard.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shared.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://shared.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags

GET
H/1.1 200
OK flat_officeFontsPreview.ttf
fs.microsoft.com/fs/4.9/ Frame 351B 616 KB
354 KB 35ms
34ms Font
application/octet-stream 2.18.232.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.9/flat_officeFontsPreview.ttf
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlviewerinternal.aspx?ui=en-US&rs=en-US&hid=w7NAvV1SqEWwOwiDg01s5w.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F9E33C105D0E01468%211566&wde=xlsx&sc=host%3D%26qt%3DFolders&wdp=7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-120.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f0338a27d7ce3a39ee72a3333bfbc656517010a4fa8e526ccb89e47c71451f37

Request headers

Origin: https://excel.officeapps.live.com
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 22:21:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Oct 2019 21:25:30 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "964dee7d582d51:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=131875
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=flat_officeFontsPreview.ttf
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 351B 0
397 B 511ms
127ms XHR
application/json 13.89.178.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-CJS-1.2.2&x-apikey=d79e824386c4441cb8c1d4ae15690526-bd443309-5494-444a-aba9-0af9eef99f84-7360
Requested by: Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hFBAA3C48C9EEB1D1__layouts/App_Scripts/Feedback/latest/officebrowserfeedback_floodgate.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.178.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 22:21:13 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 435
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 351B 24 B
376 B 530ms
137ms XHR
application/json 13.89.178.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.4.6&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,fad3bd1d8e4b4c06894bd7bac80e4f02-67df67b4-f1fd-4ecd-9d55-4d41540b1757-7724,31d9dd3e4c7046a696537586281d7ed1-06d11dd6-a946-4281-8ac3-a7c2ab4776f5-7063,c274b3e05ac5448dae8fbb7466da6acb-fd6dc8de-18b7-409c-a696-4bd66f7a5322-7902&upload-time=1630448473264&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h36DA7C3931E03AE2__layouts/App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.178.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: f4ce35331abe9a6735c904a3f76fbcbfb547702a7a73ccb2fc135b5abef90b8f

Request headers

Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 31 Aug 2021 22:21:13 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 450
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://excel.officeapps.live.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

POST
H/1.1 200
OK / Show response
browser.pipe.aria.microsoft.com/Collector/3.0/ Frame 351B 0
396 B 126ms
126ms XHR
application/json 13.89.178.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.8.9&x-apikey=c6c190a1b73c4a63bba89835d546cf28-f2a0482f-a00d-48d9-822e-e89cc89eb64d-7688&client-time-epoch-millis=1630448473900&time-delta-to-apply-millis=use-collector-delta
Requested by: Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/161442435904__layouts/App_Scripts/suiteux-shell/js/suiteux.shell.plus.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.178.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 22:21:13 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 53
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: kill-tokens, kill-duration-seconds, time-delta-millis
Access-Control-Allow-Headers: Accept, Content-Type, Content-Encoding, Client-Id
Content-Length: 0

GET
H2 200 Plt.mvc
onedrive.live.com/Handlers/ 42 B
506 B 136ms
136ms Image
image/gif 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onedrive.live.com/Handlers/Plt.mvc?bicild=&v=0.0.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:path: /Handlers/Plt.mvc?bicild=&v=0.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: onedrive.live.com
referer: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://onedrive.live.com/view.aspx?resid=9E33C105D0E01468!1566&ithint=file%2cxlsx&authkey=!AGD3BUsv6VK8608
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-msedge-ref: Ref A: 14411F5525E247248DF4A20032498FDF Ref B: FRAEDGE1308 Ref C: 2021-08-31T22:21:16Z
x-odwebserver: canadacentral0-odwebpl
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: private, max-age=31536000
date: Tue, 31 Aug 2021 22:21:16 GMT
set-cookie: xid=45155e66-d30b-4191-87b6-6257d7932164&&RDE42AAC88DFA5&287; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ E=P:4Jp3ps1s2Yg=:hbgDtgVl+YEDG4Scc/LRfijhBkDKWRM6pm+DISCQjQg=:F; domain=.live.com; path=/ pltmode=1; domain=.live.com; expires=Tue, 31-Aug-2021 22:21:26 GMT; path=/ wla42=; domain=live.com; expires=Tue, 07-Sep-2021 22:21:16 GMT; path=/
x-msnserver: RDE42AAC88DFA5
expires: Wed, 31 Aug 2022 22:21:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: browser.pipe.aria.microsoft.com
URL: https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=ACT-Web-JS-2.5.0&x-apikey=a23e4f242c9c4097a968f28c62633e19-62d0d830-5afd-4df3-8e40-351c8711cf5c-7157

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.shared.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: 5e02bd0d542ddf6953502106489213f9fa61ece60237e17d810ba73f1d5ad152
			shared.officeapps.live.com/	1970-01-19 23:05:14	Name: DcLcid Value: ui=1033&data=1033

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://c1h-excel-15.cdn.office.net/x/s/h934C070BCE84B969__layouts/App_Scripts/common.min.js(Line 60) Message: Some icons were re-registered. Applications should only call registerIcons for any given icon once. Redefining what an icon is may have unintended consequences. Duplicates include: Search_20, ExcelLogo_36x36x32, Function_20, InsertPicture_20, AppForOfficeLogo_20, PageSetup_20, Requery_20, TextToTable_20, ValidationDefine_20, GroupCells_20 (+ 373 more)
console-api	log	URL: https://c1-shared-15.cdn.office.net/clipboard/s/161442435904_App_Scripts/sharedclipboard.min.js(Line 1) Message: traceTag 596452423 getValidatedOrigin: origin = 'https://excel.officeapps.live.com'; validated origin = 'https://excel.officeapps.live.com' 0 50
console-api	log	URL: https://c1-shared-15.cdn.office.net/clipboard/s/161442435904_App_Scripts/sharedclipboard.min.js(Line 1) Message: traceTag 596452423 getValidatedOrigin: origin = 'https://shared.officeapps.live.com'; validated origin = 'https://shared.officeapps.live.com' 0 50
console-api	log	URL: https://c1-shared-15.cdn.office.net/clipboard/s/161442435904_App_Scripts/sharedclipboard.min.js(Line 1) Message: traceTag 596452423 getValidatedOrigin: origin = 'https://excel.officeapps.live.com'; validated origin = 'https://excel.officeapps.live.com' 0 50
console-api	log	URL: https://c1-shared-15.cdn.office.net/clipboard/s/161442435904_App_Scripts/sharedclipboard.min.js(Line 1) Message: traceTag 596452423 getValidatedOrigin: origin = 'https://shared.officeapps.live.com'; validated origin = 'https://shared.officeapps.live.com' 0 50
console-api	log	URL: https://c1-shared-15.cdn.office.net/clipboard/s/161442435904_App_Scripts/sharedclipboard.min.js(Line 1) Message: traceTag 596452423 getValidatedOrigin: origin = 'https://excel.officeapps.live.com'; validated origin = 'https://excel.officeapps.live.com' 0 50
console-api	log	URL: https://c1-shared-15.cdn.office.net/clipboard/s/161442435904_App_Scripts/sharedclipboard.min.js(Line 1) Message: traceTag 596452423 getValidatedOrigin: origin = 'https://shared.officeapps.live.com'; validated origin = 'https://shared.officeapps.live.com' 0 50
console-api	warning	URL: https://c1h-excel-15.cdn.office.net/x/s/h934C070BCE84B969__layouts/App_Scripts/common.min.js(Line 60) Message: Some icons were re-registered. Applications should only call registerIcons for any given icon once. Redefining what an icon is may have unintended consequences. Duplicates include: Clear_20, DeleteFilter_20, ChartTypeClusteredColumn_48, ChartTypeLine_48, ChartTypePie_48, ChartTypeClusteredBar_48, ChartTypeArea_48, ChartTypeScatter_48, ChartTypeWaterfall_48, ChartTitlesElement_32 (+ 116 more)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
amcdn.msftauth.net
browser.events.data.microsoft.com
browser.pipe.aria.microsoft.com
c.bing.com
c.live.com
c1-shared-15.cdn.office.net
c1h-excel-15.cdn.office.net
excel.officeapps.live.com
fs.microsoft.com
js.live.net
login.live.com
mrodevicemgr.officeapps.live.com
onedrive.live.com
p.sfx.ms
seyedishop.ir
shared.officeapps.live.com
skyapi.onedrive.live.com
spoprod-a.akamaihd.net
static2.sharepointonline.com
storage.live.com
browser.pipe.aria.microsoft.com
104.111.225.185
104.111.237.183
13.104.208.165
13.107.42.13
13.81.118.91
13.89.178.26
152.199.19.160
2.16.186.25
2.18.232.120
2620:1ec:46::45
2620:1ec:a92::171
2620:1ec:c11::200
2a02:26f0:6c00:294::4b36
2a02:26f0:6c00:2a3::1c24
40.126.31.6
5.56.133.100
52.109.76.40
52.142.114.2
077c298ce831ff00fb5193f9ca833868111fa8372b69b1bdf88ddb7d51d6181a
09cbe101e5bb72022ec7a00caf0abb027a7c7a9c0206e0d1c364cd8190fd48a2
09f6c8293dec26567f220f12acd488876fbbf40ad2c67e0f0f4766de6bda8981
0b90cafb7eb27240a2495d2db6cc2d1f579668b7d04d540e87844ad384fa9d1c
10cf3794c7f4996ad37add1681db3419a3014923c49a6ce74d369f7b46dedca8
11a9fc961777a821d4524e402e6cfd183f55d788560f4c23b9db1d6e84d33ae9
1522f5c0f14d035c42540d84ad4d00d92b72240e91784c15c59e12921a1f0d79
1996937a27adaa7f3c960787f70c61526406b57e13f396380014f6944086c179
19ab948818896c4ede59b390be0e79b04105e88dee774c8d868eb96ae3f88178
1c974a9d4f2c4a220f3017c152078d035f283938fcac06e164ed14b4809e9ddb
1d200033e5897086605f643addc43cb81dcebc4550d09735a891e2f08a115a78
2053dc47f79ee7dfe973fa1ea4ee8e7493bf26abdba8d280f30a3d6b7791354e
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
2348b3c2e0885d6ef0b5cab433598241fa786dfe011d190a0999fa38d8603c92
288949fadd140b5d1ace61f28ed9a8ba2ef36bb718f4d85429fde4625a6dbac6
2f95cddc41d79343acd4194569538eb07ae5bdd1ec90469253f41ee5db530b67
2fc3f3cc2762eab3e6a5e4abb575e95bce4446b95d7212a1390a36f20d577e19
32a505ab979fd8c614738033749c061a71262e6bbd906660e040597e0467a5b1
36c30040be91bd7ab9a9d6b2f7b1ea1b7d3a69031bb0d64050aee0fc6d59d3d1
36d53b89b8422877799b6d0c344cf281e486861bcb2e72ded32a45b4355f555a
36da7c3931e03ae21506b0e7a9a26573e414d4ca7bb659c7c6c8a421a79efb6c
3a2c33dafbb46725336e7c4d28662f28331daf07215d754c1802e8112005f1be
3b6839c31dcff12190f4ff74c1841ddc74442f97fb2e1a63aad71f768a754067
3d785eb0a0168e5c79e66aa0085a932d5fe2ad04f3577547e2267fa589df677d
3f0015967cfdc00b10ed549580bcfcd6e1ab5aaf057df55855e891ea237fd255
42e5d5834e8749783d3e2d2a3b5c4585ede43cef268dd4b912d880ee9ae92acc
46689198526f176cb3bb2881be2e8f1273be7293fea0625f2c3bfa2058c9b422
46ac0ec77bdc063f357b5db0836f05a4b380a7ed1385703996cf8a5fd77746a1
4908bd972c8d649b6b0880fad7ce375e2e36275293622c46faf31b812d01b8d8
4aa0c4620f0d256d1d9a7d58e4be78611bc00719f4295555535ae7355e5782b1
4fbc4e02994fcdce092ebab49d88864438b24fb033ac31ba545765da782281b4
51a744c5188361c8108bd0b7494d5008812a4a64eb7f5537012c2e87180759b1
523e66c69e810d5dd1d34fcaadd9beb9ce85669784c036f88cf29135292f11f2
53410c4d9d9b2ade43bde400537d1749c8415e0c1350ddd790fab0dc3a3138f9
59c2f162a8aae52afe0adc519eb083f0cfdc241c1aae34ae9fad80cd08a924e6
5abc6681790b30a89203ee45ca30be85548d9788fbba3d6c49fecd5302f060f7
5b40665a9c6eda7ee5b01320fae0bc3bda499e8df67c518193f944683dc70c79
5bbcdd1950c8ea5dcc245f8db9c7da4c6b323ff5d790140ce198d2ae63da225d
63aef72d236cde38c258f82e8797d13cb24cd903f01e83732eede839aa5cf2c5
66a7b3384214fc3480358d41cbcb8bbafe31dc1f4cb4332289f701ccbb85ed1b
66dfec665c0315b6db48387940314f6d45e523d00ba97b800eb27057aa5ea341
67624c3c844278cdd81dd835c2e981abd992e107f945babfd16f7a08299ef9c4
6ca82e755d5f4a9c8b9f31dc50a5cc67f5e18ea44cc33254abeb02762d8cb0a6
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
71d842c9de99f8965d973113b192dd688f1b5d6615a177251c3f141e2ef5f771
729505f53f34362e4c35dd04ef79ee35c8f3128ea4e5a71f7d2047d5380ff5b2
73f7eea3a67786f37e4a340c748ed25c67ccc230f3873f50f8ce7ad0ebe56469
742ac76db4aa1ff8e53b4752bd2eefbe4c30160ed2ee743e4ce9d2a341af2cb4
763620e41b3bcd0540a6cff70cb23f16d12564f33c70974fe5fdf16642cb643c
7bd521b56f43ea977e5af95bd5f4cfce70a7c719c87391a3e951567ee6ca8df9
807fb9b42f2b8e2966ee5c4281629b90f02e34801b727e40ef520e0aa21788a2
826c8cb5cf5d54dcc703ee78e087d46bfd2100c170027b6d36515055ab5dbb8c
85b57eaee8f090113ca4eb0584c8e22f1e1a891efbac13b9251676ea5e968449
883922a710e857e94b35fd6748792782280a859e154e4db2e4c0b4876dfa61ae
895ec7d88c4c288caddf988ac7e607027f62620fba43df50c89154f002f4ce1a
8b7e6e9bc542f9d526d4363ce316df91e1eb78e777a104241125dd1cea127a77
9066d80c5cd524f2e536bfedf82c68ecddedba113e25d4e1aea1ddaa852310b7
90d08dcdae93d1b095c4e71601487a1f722e0906ec3807718feef38461a93640
934c070bce84b96986d63bb797e2e819ce2372cb5f0b27be063495cae8d9a28f
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
9615ff4b87d99f9828dab66cb960228f86461ef0cf4e543fe193996a09df5dc7
967a0c7847dc55938b49b1e4c00b686a0619135f79afc5c3f9c1549966750037
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c50f694c2921d7f2e61d60eddb0c21f601da8b37a1b2489b6574c7393f63cf3
9edb0a23ab94844e68ea7bd76b2d707d307b6b849be6dd14fd336a73d2b5baa5
a0ed8e0f46ab470cacef268dad03349e5fb931a902c380ebea1bbd7f187f2af1
a3b235ae8494e07412786ad460a0b251679b8450abbcbe3b726f334d9b125693
ad26c1d060a66513500ea9133c8744ae849039530e6984260513679a28a8d353
b148e5978865b29b2db0131b628eb963f47e996757bfa8e8fe7c60d7273fb625
b1b6542ec22e83e7ef429790974aa6b9ddbb8f3ebf6e19a3d1be795ff010d0df
b323d86681653d7e2e92716f79f18a324b1337dd9ad3d456644ca9fb7493ffa3
b40079d2b7f54bd72e1aa594a6386e491cc06d21b53fb4d2c6294286937b5363
b4df7f2d12ceca979528b7098ce1e6495f4b5a0d0b05ec5aa7eaa1e1faf888df
b5bbbac6f82f08fe4a60b10ba1209e77a100d12f4e0ec1673d03900f40e93e85
b75e2161fc0e6fdadef210b391b117852f75fa88b85e057092b18b1fe0b60f1d
b798f0b7b611960f602a0188ee89a220faa7d4ebb7412310f7694b5b67f841ec
b91e8650f0b8f369d9d4646b494fcde7f635dd31e5af8ef3bd82f18f4bbdf17b
bc97d59cbfbb25f36df26942e9da2329650fcbd733582aba6007037ad0c7e28b
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c3000c7d955ad6f8c261633f98c86d8fd735714927aa9b531ad54951c7cf37da
c5ded20cabd9d33d15f59f31e00c781c490637bf5b20f0674670189001179c15
cb725f174a86bcf23b5b9f53e5b60d53eaa1524f88f4dcec165670a3b0eb6c2c
d157b7018adb5e27275cd86597988bb2398d266ab0cdaf73c58936ba951344fd
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
dd123efa09539d8ce9fd78554845110ac61495e6b5798fc9f5628adf967a454c
ddacff985568d4587ff00bcd1e6ec886c89eb143994d862a67338c356e3c42d6
e018e8b8973a4a204f322e3afe6439ac1055c5a52b9b8dcf63635e42fe89003c
e13fe31829960c08b8ebac3106026055fd8dce0f5e2000f723e1c1e51c38b92a
e26c4e03e9beba4c780de307cc533d311b0aeb41644fb464ab9bf5713bda8270
e2820061acdbde09cbfbd98b6a84a4fde4e17b96ef6962d822dd43a4f4084ea2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4151339e7a1da93c261fe04058e39b43ff0ada1af6a13664df1a582f418a9a6
e441bb2cea80ca356c69595682c3b7d76c341566b5f851b352434e9eaadf136b
e5e17bcea988cd66d1785c1465c194e051ff90ce8148ffeb8ab6678c3b983d76
e62cb84db10132ea9201bc71a8a93663db97092841687e15a2ecbf7d95ccded5
e6badc2a49867d2223c9a45d6cbcdfd79f9d8f3b2e8520e517eea76a8b8c44aa
e80aed26dd45daeefa49c42b48410cc226d78c6a8ff28edebe66131c03217f97
eb0ab622969875cccbaa658809cc6df6bfd73846f9c6c5e80774936cbc52845c
ebb2a7b2457c2c4d03b2653248880bc768505208c77d13da7ea9899ac2b475e5
ee5e764672602931f31d681fcd0e1150d617a8e4d8bbcd999ed51930f53b8664
efb509a9f4b3859de39e800132d5f87347b5d31d04a8f139148f4fa0065c16cc
f0338a27d7ce3a39ee72a3333bfbc656517010a4fa8e526ccb89e47c71451f37
f21e85d85278e67961225cf71b02aa6d069ee33c871b8bf1cc7c8af377a9275f
f38ce06529719c5b1b9a7dc1872e73b1f276d69073395208fc2569235f514130
f4ce35331abe9a6735c904a3f76fbcbfb547702a7a73ccb2fc135b5abef90b8f
f6b3aac073bc9a2620e8a3272608bd76100f9a304d576fedc60e272c8068f93f
f987e2d9828ead776cb236e3efa082920c6605fd4bc3676bc93447ef677657c2
fbaa3c48c9eeb1d12294075cf9b0038e4e952acf821e68b3e52f89a96ac1c90c
fe17e686e9dccaa14ee296382adece6c855c4586671245fcb42eea8bd1eb4c6e
ff4f0503bfb84bc60a84d31bd5d9dc2d84f42ac8810ea5add2ff09a3d772f817

onedrive.live.com Open in urlscan Pro 13.107.42.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

127 Requests

98 %HTTPS

28 %IPv6

11 Domains

21 Subdomains

17 IPs

4 Countries

7007 kBTransfer

26058 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onedrive.live.com Open in urlscan Pro
13.107.42.13 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

98 %
HTTPS

28 %
IPv6

11
Domains

21
Subdomains

17
IPs

4
Countries

7007 kB
Transfer

26058 kB
Size

2
Cookies

127 HTTP transactions
2 data transactions