Submitted URL: https://bit.ly/3Bog0mo
Effective URL: https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEf...
Submission: On July 22 via manual from KW

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 33 HTTP transactions. The main IP is 13.107.138.9, located in Redmond, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is gemsedu-my.sharepoint.com.
TLS certificate: Issued by DigiCert Cloud Services CA-1 on October 1st 2020. Valid for: a year.
This is the only time gemsedu-my.sharepoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 6 13.107.138.9 8068 (MICROSOFT...)
1 13.107.6.171 8068 (MICROSOFT...)
13 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
13 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
33 5
Domain Requested by
13 c1h-excel-15.cdn.office.net euc-excel.officeapps.live.com
c1h-excel-15.cdn.office.net
gemsedu-my.sharepoint.com
13 statica.akamai.odsp.cdn.office.net gemsedu-my.sharepoint.com
statica.akamai.odsp.cdn.office.net
6 gemsedu-my.sharepoint.com 1 redirects gemsedu-my.sharepoint.com
1 euc-excel.officeapps.live.com gemsedu-my.sharepoint.com
1 bit.ly 1 redirects
33 5

This site contains no links.

Subject Issuer Validity Valid
*.sharepoint.com
DigiCert Cloud Services CA-1
2020-10-01 -
2021-10-01
a year crt.sh
officeapps.live.com
DigiCert Cloud Services CA-1
2021-04-30 -
2022-04-29
a year crt.sh
wildcard.akamai.odsp.cdn.office.net
Microsoft RSA TLS CA 01
2020-09-08 -
2021-09-08
a year crt.sh
*.cdn.office.net
Microsoft RSA TLS CA 02
2021-01-26 -
2022-01-26
a year crt.sh

This page contains 2 frames:

Primary Page: https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
Frame ID: AFC0060F3157FE5F63B977064A7935D2
Requests: 18 HTTP requests in this frame

Frame: https://euc-excel.officeapps.live.com/x/_layouts/xlform.aspx?ui=en%2DUS&rs=en%2DUS&WOPISrc=https%3A%2F%2Fgemsedu%2Dmy%2Esharepoint%2Ecom%2Fpersonal%2Fdana%5Fs1%5Fakn%5Fgemsedu%5Fcom%2F%5Fvti%5Fbin%2Fwopi%2Eashx%2Ffiles%2F1612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=19ffdd9f-30e2-c000-426a-ff3d2490df1d
Frame ID: 8280CFD5247B180B3D3BEB8A8BBFF264
Requests: 14 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://bit.ly/3Bog0mo HTTP 301
    https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/guestaccess.aspx?guestaccesstok... HTTP 302
    https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers microsoftsharepointteamservices /^(.+)$/i
  • headers sprequestguid /(?:)/i

Page Statistics

33
Requests

97 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

1401 kB
Transfer

6738 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3Bog0mo HTTP 301
    https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/guestaccess.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2BJndGEeElX9C6A%3D&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88-4126-4EA2-8BF1-B2BCC84C03F3%7D HTTP 302
    https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/
Redirect Chain
  • https://bit.ly/3Bog0mo
  • https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/guestaccess.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2BJndGEeElX9C6A%3D&docid=1_11612bd4d7523417abf87a4f0f0...
  • https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b0...
89 KB
54 KB
Document
General
Full URL
https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.138.9 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
0ca6d19ce790c96de0e3db4b4098c6b04fff9625643f1163090b19dc2d188c13
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
gemsedu-my.sharepoint.com
:scheme
https
:path
/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store
pragma
no-cache
content-length
55241
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR" CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-sharepointhealthscore
3
referrer-policy
no-referrer, strict-origin-when-cross-origin
x-aspnet-version
4.0.30319
sprequestguid
19ffdd9f-30e2-c000-426a-ff3d2490df1d
request-id
19ffdd9f-30e2-c000-426a-ff3d2490df1d
ms-cv
n93/GeIwAMBCav89JJDfHQ.0
report-to
{"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=afa89af7-57d7-469b-a6ea-a45f9958e9e9&destinationEndpoint=Edge-Prod-BUD01r4&frontEnd=AFD"}]}
nel
{"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com;
sprequestduration
181
spiislatency
1
x-powered-by
ASP.NET
microsoftsharepointteamservices
16.0.0.21507
x-content-type-options
nosniff
x-ms-invokeapp
1; RequireReadOnly
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: EF51747F00414BA896CF5E1FB627BE30 Ref B: BUD01EDGE0314 Ref C: 2021-07-22T10:31:02Z

Redirect headers

cache-control
private
content-length
408
content-type
text/html; charset=utf-8
location
https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-sharepointhealthscore
0
x-aspnet-version
4.0.30319
sprequestguid
19ffdd9f-a0d6-c000-426a-fac58019a5aa
request-id
19ffdd9f-a0d6-c000-426a-fac58019a5aa
ms-cv
n93/GdagAMBCavrFgBmlqg.0
report-to
{"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=afa89af7-57d7-469b-a6ea-a45f9958e9e9&destinationEndpoint=Edge-Prod-BUD01r4&frontEnd=AFD"}]}
nel
{"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com;
sprequestduration
97
spiislatency
3
x-powered-by
ASP.NET
microsoftsharepointteamservices
16.0.0.21507
x-content-type-options
nosniff
x-ms-invokeapp
1; RequireReadOnly
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 5795139EAD2D4F2EBEB687BE01F120AE Ref B: BUD01EDGE0314 Ref C: 2021-07-22T10:31:02Z
xlform.aspx?ui=en%2DUS&rs=en%2DUS&WOPISrc=https%3A%2F%2Fgemsedu%2Dmy%2Esharepoint%2Ecom%2Fpersonal%2Fdana%5Fs1%5Fakn%5Fgemsedu%5Fcom%2F%5Fvti%5Fbin%2Fwopi%2Eashx%2Ffiles%2F1612bd4d7523417abf87a4f0f...
euc-excel.officeapps.live.com/x/_layouts/ Frame 8280
20 KB
9 KB
Document
General
Full URL
https://euc-excel.officeapps.live.com/x/_layouts/xlform.aspx?ui=en%2DUS&rs=en%2DUS&WOPISrc=https%3A%2F%2Fgemsedu%2Dmy%2Esharepoint%2Ecom%2Fpersonal%2Fdana%5Fs1%5Fakn%5Fgemsedu%5Fcom%2F%5Fvti%5Fbin%2Fwopi%2Eashx%2Ffiles%2F1612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=19ffdd9f-30e2-c000-426a-ff3d2490df1d
Requested by
Host: gemsedu-my.sharepoint.com
URL: https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3c090e03779df65a1a655567667346ac6475fed39b0673f80ba416c39937a8db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
POST
:authority
euc-excel.officeapps.live.com
:scheme
https
:path
/x/_layouts/xlform.aspx?ui=en%2DUS&rs=en%2DUS&WOPISrc=https%3A%2F%2Fgemsedu%2Dmy%2Esharepoint%2Ecom%2Fpersonal%2Fdana%5Fs1%5Fakn%5Fgemsedu%5Fcom%2F%5Fvti%5Fbin%2Fwopi%2Eashx%2Ffiles%2F1612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=19ffdd9f-30e2-c000-426a-ff3d2490df1d
content-length
1487
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://gemsedu-my.sharepoint.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gemsedu-my.sharepoint.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://gemsedu-my.sharepoint.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gemsedu-my.sharepoint.com/

Response headers

cache-control
no-cache, no-store
pragma
no-cache
content-length
8886
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
Accept-Encoding
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie
DcLcid=ui=1033&data=1033; expires=Fri, 22-Oct-2021 10:31:03 GMT; path=/; samesite=none; secure; HttpOnly GEU9-Excel-ARRAffinity=60e4c79c76702f9b4a8467757c56f80d10f0559e1438d8b8c96950241cd33442;Path=/;Domain=euc-excel.officeapps.live.com; samesite=none; secure
x-correlationid
5515da07-c10e-40bc-9a18-5a477bee693c
x-usersessionid
5515da07-c10e-40bc-9a18-5a477bee693c
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-officefe
PA1PEPF00020DF4
x-officeversion
16.0.14312.35904
x-officecluster
GEU9
x-content-type-options
nosniff
x-officefd
PA1PEPF00020D6D
x-cache
CONFIG_NOCACHE
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-msedge-ref
Ref A: ECF1F83FE1284869822D5C1BF25E5F61 Ref B: VIEEDGE1211 Ref C: 2021-07-22T10:31:03Z
initstrings.js
statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/1033/
23 KB
7 KB
Script
General
Full URL
https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/1033/initstrings.js
Requested by
Host: gemsedu-my.sharepoint.com
URL: https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8738756cf1f86bb9524d1f67adfa02d9aab26d917802f4ca58be0404a922fe0d

Request headers

Referer
https://gemsedu-my.sharepoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 22 Jul 2021 10:31:03 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 02:34:18 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
FN7uqG0aAmlKwp+zoYFS8g==
etag
0x8D94BF009F53F1F
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
91ca2ff2-901e-00f2-6f61-7e273e000000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
6712
init.js
statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/
333 KB
87 KB
Script
General
Full URL
https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/init.js
Requested by
Host: gemsedu-my.sharepoint.com
URL: https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
333938effaf5df928d87d07597d9abdf80b69c09a60e23a1241e6beb3faa1b4a

Request headers

Referer
https://gemsedu-my.sharepoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 22 Jul 2021 10:31:03 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 02:42:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
1ryhAb84sjvkskRf2oT5aA==
etag
0x8D94BF1378C165B
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d3036371-701e-00b3-4c61-7e3b34000000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
88929
ScriptResource.axd?d=_NlNLwIne-2DPuphgbgpYrohAtmgAoojLu9ihFaq9Dg3XeHuRUNKJ9uF5if5KSr8bcs51hkHy5RaDFUHTkOqq_HySdWRgsRG2GT1cewkzHmJQ2P9ZWHX43DjqonC9HRe8SV2Zw1KRH0ZtJKdGeHGm6UF-8Y2QI3Io7SvloP1oyvE_ZPh...
gemsedu-my.sharepoint.com/
100 KB
25 KB
Script
General
Full URL
https://gemsedu-my.sharepoint.com/ScriptResource.axd?d=_NlNLwIne-2DPuphgbgpYrohAtmgAoojLu9ihFaq9Dg3XeHuRUNKJ9uF5if5KSr8bcs51hkHy5RaDFUHTkOqq_HySdWRgsRG2GT1cewkzHmJQ2P9ZWHX43DjqonC9HRe8SV2Zw1KRH0ZtJKdGeHGm6UF-8Y2QI3Io7SvloP1oyvE_ZPhsYZgiwRoek7hIn7w0&t=363be08
Requested by
Host: gemsedu-my.sharepoint.com
URL: https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.138.9 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/ScriptResource.axd?d=_NlNLwIne-2DPuphgbgpYrohAtmgAoojLu9ihFaq9Dg3XeHuRUNKJ9uF5if5KSr8bcs51hkHy5RaDFUHTkOqq_HySdWRgsRG2GT1cewkzHmJQ2P9ZWHX43DjqonC9HRe8SV2Zw1KRH0ZtJKdGeHGm6UF-8Y2QI3Io7SvloP1oyvE_ZPhsYZgiwRoek7hIn7w0&t=363be08
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
gemsedu-my.sharepoint.com
referer
https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 06:34:46 GMT
x-aspnet-version
4.0.30319
x-ms-invokeapp
1; RequireReadOnly
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
cache-control
public
x-msedge-ref
Ref A: 978B75244BBD4CE99534D1106684155D Ref B: BUD01EDGE0314 Ref C: 2021-07-22T10:31:03Z
content-type
application/x-javascript
content-length
25609
microsoftsharepointteamservices
16.0.0.21507
expires
Fri, 22 Jul 2022 06:34:46 GMT
blank.js
statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/
456 B
606 B
Script
General
Full URL
https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/blank.js
Requested by
Host: gemsedu-my.sharepoint.com
URL: https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a9c951c9579fa97b728f0afb62e39b6f33eaedadf2301570ac5cd90cc8f67791

Request headers

Referer
https://gemsedu-my.sharepoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 22 Jul 2021 10:31:03 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 02:34:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
bgZ9UFS7GodDhdMSzwvw/A==
etag
0x8D94BF00FFA2F35
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5961e986-001e-00bd-4661-7e566a000000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
274
ScriptResource.axd?d=A5bpPh8CzBU9cXul0dovtAk3PYZ6ToFhhvsrN7VlXmUK6VhYo-gcjanCyH2RIq1fZMKk7AOGZm-trXtaz-9Iv3x6DJs1C8n9BhQhbUApwvGK0wcQBPCwQay11Z_5r8yG1y5wM1KlwN55v6b5JSAgLOrQUQ7hxiAFYFeMOm0gyzaduFSC...
gemsedu-my.sharepoint.com/
39 KB
10 KB
Script
General
Full URL
https://gemsedu-my.sharepoint.com/ScriptResource.axd?d=A5bpPh8CzBU9cXul0dovtAk3PYZ6ToFhhvsrN7VlXmUK6VhYo-gcjanCyH2RIq1fZMKk7AOGZm-trXtaz-9Iv3x6DJs1C8n9BhQhbUApwvGK0wcQBPCwQay11Z_5r8yG1y5wM1KlwN55v6b5JSAgLOrQUQ7hxiAFYFeMOm0gyzaduFSCZqR4KWAJfguw-99j0&t=363be08
Requested by
Host: gemsedu-my.sharepoint.com
URL: https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.138.9 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/ScriptResource.axd?d=A5bpPh8CzBU9cXul0dovtAk3PYZ6ToFhhvsrN7VlXmUK6VhYo-gcjanCyH2RIq1fZMKk7AOGZm-trXtaz-9Iv3x6DJs1C8n9BhQhbUApwvGK0wcQBPCwQay11Z_5r8yG1y5wM1KlwN55v6b5JSAgLOrQUQ7hxiAFYFeMOm0gyzaduFSCZqR4KWAJfguw-99j0&t=363be08
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
gemsedu-my.sharepoint.com
referer
https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Jul 2021 05:37:42 GMT
x-aspnet-version
4.0.30319
x-ms-invokeapp
1; RequireReadOnly
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
cache-control
public
x-msedge-ref
Ref A: 4E096592B0EB43718E9B1D794B6EEE2D Ref B: BUD01EDGE0314 Ref C: 2021-07-22T10:31:03Z
content-type
application/x-javascript
content-length
9984
microsoftsharepointteamservices
16.0.0.21507
expires
Fri, 22 Jul 2022 05:37:42 GMT
WebResource.axd?d=qc3PgbKUrlzqmLq1Q7vkviYt4ybMbz5CheSke3FetG9mivaQHKh9nqyLFLwvmsbje3137VlNjD7qvLR1lI4BD5EeiH9xUaUPJNVRlp4eTfo1&t=637453780754849868
gemsedu-my.sharepoint.com/
23 KB
6 KB
Script
General
Full URL
https://gemsedu-my.sharepoint.com/WebResource.axd?d=qc3PgbKUrlzqmLq1Q7vkviYt4ybMbz5CheSke3FetG9mivaQHKh9nqyLFLwvmsbje3137VlNjD7qvLR1lI4BD5EeiH9xUaUPJNVRlp4eTfo1&t=637453780754849868
Requested by
Host: gemsedu-my.sharepoint.com
URL: https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.138.9 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/WebResource.axd?d=qc3PgbKUrlzqmLq1Q7vkviYt4ybMbz5CheSke3FetG9mivaQHKh9nqyLFLwvmsbje3137VlNjD7qvLR1lI4BD5EeiH9xUaUPJNVRlp4eTfo1&t=637453780754849868
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
gemsedu-my.sharepoint.com
referer
https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Jan 2021 01:27:55 GMT
x-aspnet-version
4.0.30319
x-ms-invokeapp
1; RequireReadOnly
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
cache-control
public
x-msedge-ref
Ref A: A51E4BD31A8F45A79CDF158E5248FAF5 Ref B: BUD01EDGE0314 Ref C: 2021-07-22T10:31:03Z
content-type
application/x-javascript
content-length
6007
microsoftsharepointteamservices
16.0.0.21507
expires
Fri, 22 Jul 2022 06:34:42 GMT
sp.res.js
statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/1033/
36 KB
11 KB
Script
General
Full URL
https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/1033/sp.res.js
Requested by
Host: statica.akamai.odsp.cdn.office.net
URL: https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1324c5317d5917a5f18b6da980b1f4f6b624c8e2d67ed611fb17178c427191b7

Request headers

Referer
https://gemsedu-my.sharepoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 22 Jul 2021 10:31:03 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 02:34:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
Xwr8oqG4UbWk/NJOarptdg==
etag
0x8D94BF014E365E2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
88366b71-001e-00e0-0e61-7e5cee000000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
11019
sp.init.js
statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/
32 KB
9 KB
Script
General
Full URL
https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/sp.init.js
Requested by
Host: statica.akamai.odsp.cdn.office.net
URL: https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e96aeb8c605e69d61bfaf5f5803d7151388dcdc16e18059f38338e908e2f7a43

Request headers

Referer
https://gemsedu-my.sharepoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 22 Jul 2021 10:31:03 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 02:42:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
Cd6FwlTWgpuuXhAy0GHOSA==
etag
0x8D94BF12F4F2484
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
628ade9c-001e-0070-2961-7eb277000000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
8647
corev15.css?rev=SfAuTrPENSqTWpS0DFSAng%3D%3DTAG817
gemsedu-my.sharepoint.com/_layouts/15/1033/styles/
333 KB
48 KB
Stylesheet
General
Full URL
https://gemsedu-my.sharepoint.com/_layouts/15/1033/styles/corev15.css?rev=SfAuTrPENSqTWpS0DFSAng%3D%3DTAG817
Requested by
Host: gemsedu-my.sharepoint.com
URL: https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.138.9 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
7238ac97fd86b6268c59fdb98759d28c7849487ad1bd69c810686b40cae99bc4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/_layouts/15/1033/styles/corev15.css?rev=SfAuTrPENSqTWpS0DFSAng%3D%3DTAG817
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
gemsedu-my.sharepoint.com
referer
https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://gemsedu-my.sharepoint.com/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 21 Jul 2021 02:41:05 GMT
x-msedge-ref
Ref A: 1764DAB658644C9ABEADC5A2B7354BC1 Ref B: BUD01EDGE0314 Ref C: 2021-07-22T10:31:03Z
x-ms-invokeapp
1; RequireReadOnly
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
cache-control
max-age=31536000
accept-ranges
bytes
content-type
text/css
content-length
49279
etag
"80367dad97dd71:0"
microsoftsharepointteamservices
16.0.0.21507
strings.js
statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/1033/
182 KB
50 KB
Script
General
Full URL
https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/1033/strings.js
Requested by
Host: statica.akamai.odsp.cdn.office.net
URL: https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
41dec0f91f824fa2b3ad2cb794344086e545e0da384e3dd5b898cf8fa0e8d915

Request headers

Referer
https://gemsedu-my.sharepoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 22 Jul 2021 10:31:03 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 02:33:42 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
mdFPdANofOfVO66Frc9Ezg==
etag
0x8D94BEFF4855D21
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a74fd8d3-401e-0058-3261-7e0728000000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
50702
core.js
statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/
502 KB
132 KB
Script
General
Full URL
https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/core.js
Requested by
Host: statica.akamai.odsp.cdn.office.net
URL: https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
07b4288c318eb6671b3f960da2a78ed6d54672081e2274b15ada52361f3ecf28

Request headers

Referer
https://gemsedu-my.sharepoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 22 Jul 2021 10:31:03 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 02:34:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
A5uRolESfbsXZGRCfu6mjQ==
etag
0x8D94BF000ADC7C4
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
50c6e397-701e-012e-6061-7e736d000000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
134575
mquery.js
statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/
22 KB
6 KB
Script
General
Full URL
https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/mquery.js
Requested by
Host: statica.akamai.odsp.cdn.office.net
URL: https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b1ed6c9bfafca04189598b99bb121f1a2a240a617641c85088a5371e1745d8c0

Request headers

Referer
https://gemsedu-my.sharepoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 22 Jul 2021 10:31:03 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 02:34:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
Fkk2Ezp/1Ds6anFzC2aj+Q==
etag
0x8D94BF00D5F2C34
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8d5cbe4a-801e-00d1-3a61-7ebdfd000000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
6002
sp.core.js
statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/
86 KB
22 KB
Script
General
Full URL
https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/sp.core.js
Requested by
Host: statica.akamai.odsp.cdn.office.net
URL: https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
09461d2ae938dd8efc62e8543f3fd65379460e01e615c19b6178a1ad7a0ff46a

Request headers

Referer
https://gemsedu-my.sharepoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 22 Jul 2021 10:31:03 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 02:42:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
lQrjroYut06vkkXiZoaF3A==
etag
0x8D94BF1380EFB07
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a06e7f7e-101e-010d-4a61-7e68ea000000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
22461
sp.ui.dialog.js
statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/
44 KB
11 KB
Script
General
Full URL
https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/sp.ui.dialog.js
Requested by
Host: statica.akamai.odsp.cdn.office.net
URL: https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ac55c42494f1d4c25aae2ae3308b02b0e903db7fc9ad2b2b3800842ed263dfec

Request headers

Referer
https://gemsedu-my.sharepoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 22 Jul 2021 10:31:03 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 02:33:53 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
W6ygA9m7ZsLaA09s1KNwWg==
etag
0x8D94BEFFB55DB36
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0da22d4f-801e-00ee-0561-7e755e000000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
10438
sp.runtime.js
statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/
113 KB
24 KB
Script
General
Full URL
https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/sp.runtime.js
Requested by
Host: statica.akamai.odsp.cdn.office.net
URL: https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
82fc1914631487db7a59c2d11e87f0d44ecaa7ec7b604722c86ec6ee88666795

Request headers

Referer
https://gemsedu-my.sharepoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 22 Jul 2021 10:31:03 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 02:43:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
XdXWLTBtnfGCw8SqI/XTWA==
etag
0x8D94BF142992C1F
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ae2258c2-c01e-00c7-4961-7ebd72000000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
23769
sp.js
statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/
1 MB
158 KB
Script
General
Full URL
https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/sp.js
Requested by
Host: statica.akamai.odsp.cdn.office.net
URL: https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2e263437f86fd1f0c17b58aa3badd8b3dac839b7852576e6d08d2893c2292e32

Request headers

Referer
https://gemsedu-my.sharepoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 22 Jul 2021 10:31:03 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 02:34:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
oaYECCSK9urEkess61tiHQ==
etag
0x8D94BF00CBD4E61
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9d450f8f-001e-00f0-5161-7e9986000000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
161252
sp.wopimessagehandler.js
statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/
33 KB
6 KB
Script
General
Full URL
https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/sp.wopimessagehandler.js
Requested by
Host: statica.akamai.odsp.cdn.office.net
URL: https://statica.akamai.odsp.cdn.office.net/bld/_layouts/15/16.0.21507.12004/init.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
44811803e9582cf86ff89eadef49b5ab6944bc7875c180ea1c038d700f643f86

Request headers

Referer
https://gemsedu-my.sharepoint.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 22 Jul 2021 10:31:03 GMT
content-encoding
gzip
last-modified
Wed, 21 Jul 2021 02:34:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
0QeX0cRQlR7CWwvGEx8ROw==
etag
0x8D94BF00BFBFB91
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
65d8dc46-301e-0172-0469-7e2635000000
x-ms-version
2009-09-19
timing-allow-origin
*
content-length
6027
AccessServicesExternal.css
c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/Resources/1033/ Frame 8280
29 KB
7 KB
Stylesheet
General
Full URL
https://c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/Resources/1033/AccessServicesExternal.css
Requested by
Host: euc-excel.officeapps.live.com
URL: https://euc-excel.officeapps.live.com/x/_layouts/xlform.aspx?ui=en%2DUS&rs=en%2DUS&WOPISrc=https%3A%2F%2Fgemsedu%2Dmy%2Esharepoint%2Ecom%2Fpersonal%2Fdana%5Fs1%5Fakn%5Fgemsedu%5Fcom%2F%5Fvti%5Fbin%2Fwopi%2Eashx%2Ffiles%2F1612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=19ffdd9f-30e2-c000-426a-ff3d2490df1d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
67ba7573b1873bb2e9c98929d7a1deaf4939930e861e024a5fb4eda098292b1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://euc-excel.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"08ac49a8279d71:0"
x-officecluster
PNL1
x-officeversion
16.0.14307.31875
x-officefe
AM4PEPF000068F7
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
6351
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified
Thu, 15 Jul 2021 14:06:28 GMT
x-officefd
AM4PEPF000068A8
x-msedge-ref
Ref A: D97EE8A81CE8475D854E2FF1CECD59DB Ref B: AMS04EDGE1711 Ref C: 2021-07-15T14:06:28Z
x-usersessionid
6ce5184f-47b4-4f95-a4bd-bc6d85a7c89c
date
Thu, 22 Jul 2021 10:31:04 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-correlationid
6ce5184f-47b4-4f95-a4bd-bc6d85a7c89c
accept-ranges
bytes
timing-allow-origin
*
EwrForm.css
c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/Resources/1033/ Frame 8280
21 KB
3 KB
Stylesheet
General
Full URL
https://c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/Resources/1033/EwrForm.css
Requested by
Host: euc-excel.officeapps.live.com
URL: https://euc-excel.officeapps.live.com/x/_layouts/xlform.aspx?ui=en%2DUS&rs=en%2DUS&WOPISrc=https%3A%2F%2Fgemsedu%2Dmy%2Esharepoint%2Ecom%2Fpersonal%2Fdana%5Fs1%5Fakn%5Fgemsedu%5Fcom%2F%5Fvti%5Fbin%2Fwopi%2Eashx%2Ffiles%2F1612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=19ffdd9f-30e2-c000-426a-ff3d2490df1d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9ca162ccf1873d0e2456c9663c7b6a58eec1efad62582668be08e24090784df9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://euc-excel.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"381fce875179d71:0"
x-officecluster
PNL1
x-officeversion
16.0.14307.31875
x-officefe
AM4PEPF000068E4
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
2703
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_powerpointslice_control,afd_wacinfra4,afd_wacinfra5
last-modified
Thu, 15 Jul 2021 08:15:10 GMT
x-officefd
AM4PEPF000068C3
x-msedge-ref
Ref A: 6DA0D3168F9040C48DC21A673DF09411 Ref B: AMS04EDGE1522 Ref C: 2021-07-15T08:15:10Z
x-usersessionid
0f75c047-53b4-44f3-9aec-b3c2f24efcc4
date
Thu, 22 Jul 2021 10:31:04 GMT
content-type
text/css
access-control-allow-origin
*
x-correlationid
0f75c047-53b4-44f3-9aec-b3c2f24efcc4
accept-ranges
bytes
timing-allow-origin
*
excelframe.css
c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/Resources/1033/ Frame 8280
64 KB
11 KB
Stylesheet
General
Full URL
https://c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/Resources/1033/excelframe.css
Requested by
Host: euc-excel.officeapps.live.com
URL: https://euc-excel.officeapps.live.com/x/_layouts/xlform.aspx?ui=en%2DUS&rs=en%2DUS&WOPISrc=https%3A%2F%2Fgemsedu%2Dmy%2Esharepoint%2Ecom%2Fpersonal%2Fdana%5Fs1%5Fakn%5Fgemsedu%5Fcom%2F%5Fvti%5Fbin%2Fwopi%2Eashx%2Ffiles%2F1612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=19ffdd9f-30e2-c000-426a-ff3d2490df1d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e6badc2a49867d2223c9a45d6cbcdfd79f9d8f3b2e8520e517eea76a8b8c44aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://euc-excel.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"d312cd875179d71:0"
x-officecluster
PNL1
x-officeversion
16.0.14307.31875
x-officefe
AM4PEPF00006946
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
10153
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified
Thu, 15 Jul 2021 08:15:10 GMT
x-officefd
AM4PEPF000068A0
x-msedge-ref
Ref A: 28EE991318A64ABE910EFB1C029907BB Ref B: AMS04EDGE1112 Ref C: 2021-07-15T08:15:10Z
x-usersessionid
8dc95d26-c492-4d42-b94a-9223657c09bb
date
Thu, 22 Jul 2021 10:31:04 GMT
content-type
text/css
access-control-allow-origin
*
x-correlationid
8dc95d26-c492-4d42-b94a-9223657c09bb
accept-ranges
bytes
timing-allow-origin
*
EwaForm.png
c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/Resources/1033/ Frame 8280
3 KB
3 KB
Image
General
Full URL
https://c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/Resources/1033/EwaForm.png
Requested by
Host: euc-excel.officeapps.live.com
URL: https://euc-excel.officeapps.live.com/x/_layouts/xlform.aspx?ui=en%2DUS&rs=en%2DUS&WOPISrc=https%3A%2F%2Fgemsedu%2Dmy%2Esharepoint%2Ecom%2Fpersonal%2Fdana%5Fs1%5Fakn%5Fgemsedu%5Fcom%2F%5Fvti%5Fbin%2Fwopi%2Eashx%2Ffiles%2F1612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=19ffdd9f-30e2-c000-426a-ff3d2490df1d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
77fc2387bcbb51481e55222829aa9e69668c5f3bc1e1a85cc62b9096265146b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://euc-excel.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
W/"f4ee128a8f79d71:0"
x-officecluster
PNL1
x-officeversion
16.0.14307.31875
x-officefe
AM4PEPF00006946
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
2673
cache-control
public,max-age=31536000
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified
Thu, 15 Jul 2021 15:39:03 GMT
x-officefd
AM4PEPF000068AA
x-msedge-ref
Ref A: 852E91A020CE4935A16042919A78563C Ref B: AMS04EDGE1222 Ref C: 2021-07-15T15:39:03Z
x-usersessionid
e515825b-9730-426c-9426-9745aee8e105
date
Thu, 22 Jul 2021 10:31:04 GMT
content-type
image/png
access-control-allow-origin
*
x-correlationid
e515825b-9730-426c-9426-9745aee8e105
accept-ranges
bytes
timing-allow-origin
*
MicrosoftAjax.js
c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/App_Scripts/ Frame 8280
106 KB
24 KB
Script
General
Full URL
https://c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/App_Scripts/MicrosoftAjax.js
Requested by
Host: euc-excel.officeapps.live.com
URL: https://euc-excel.officeapps.live.com/x/_layouts/xlform.aspx?ui=en%2DUS&rs=en%2DUS&WOPISrc=https%3A%2F%2Fgemsedu%2Dmy%2Esharepoint%2Ecom%2Fpersonal%2Fdana%5Fs1%5Fakn%5Fgemsedu%5Fcom%2F%5Fvti%5Fbin%2Fwopi%2Eashx%2Ffiles%2F1612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=19ffdd9f-30e2-c000-426a-ff3d2490df1d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://euc-excel.officeapps.live.com
Referer
https://euc-excel.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
"a7cb5dc9878d71:0"
x-officecluster
SNL1
x-officeversion
16.0.14312.35904
x-officefe
AM4PEPF00006038
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
23714
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity,afd_excelslice,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
last-modified
Wed, 14 Jul 2021 10:07:26 GMT
x-officefd
AM4PEPF00006A3E
x-msedge-ref
Ref A: 3025414C84454E2D9E4EF1FEEE345F8D Ref B: AM3EDGE0616 Ref C: 2021-07-15T08:15:11Z
x-usersessionid
c16a5ae6-e6c9-4477-aaa9-5576c9d1cc51
date
Thu, 22 Jul 2021 10:31:04 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
c16a5ae6-e6c9-4477-aaa9-5576c9d1cc51
accept-ranges
bytes
timing-allow-origin
*
jquery-1.10.2.min.js
c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/App_Scripts/ Frame 8280
92 KB
30 KB
Script
General
Full URL
https://c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/App_Scripts/jquery-1.10.2.min.js
Requested by
Host: euc-excel.officeapps.live.com
URL: https://euc-excel.officeapps.live.com/x/_layouts/xlform.aspx?ui=en%2DUS&rs=en%2DUS&WOPISrc=https%3A%2F%2Fgemsedu%2Dmy%2Esharepoint%2Ecom%2Fpersonal%2Fdana%5Fs1%5Fakn%5Fgemsedu%5Fcom%2F%5Fvti%5Fbin%2Fwopi%2Eashx%2Ffiles%2F1612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=19ffdd9f-30e2-c000-426a-ff3d2490df1d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
52e63816d8b679f42d993be492bb99c713067c028df87032d8fd54b4dde74e3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://euc-excel.officeapps.live.com
Referer
https://euc-excel.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"9b2c5885179d71:0"
x-officecluster
PNL1
x-officeversion
16.0.14307.31875
x-officefe
AM4PEPF00006905
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
29841
cache-control
public,max-age=31536000
x-msedge-features
tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
last-modified
Thu, 15 Jul 2021 08:15:11 GMT
x-officefd
AM4PEPF000068C3
x-msedge-ref
Ref A: 43AA7EFBB15D40F8B7105AE8DE046709 Ref B: AMS04EDGE1717 Ref C: 2021-07-15T08:15:11Z
x-usersessionid
396d1349-e73a-4c61-963b-d359066338e5
date
Thu, 22 Jul 2021 10:31:04 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
396d1349-e73a-4c61-963b-d359066338e5
accept-ranges
bytes
timing-allow-origin
*
AccessServerScriptsExternal.js
c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/App_Scripts/ Frame 8280
2 MB
243 KB
Script
General
Full URL
https://c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/App_Scripts/AccessServerScriptsExternal.js
Requested by
Host: euc-excel.officeapps.live.com
URL: https://euc-excel.officeapps.live.com/x/_layouts/xlform.aspx?ui=en%2DUS&rs=en%2DUS&WOPISrc=https%3A%2F%2Fgemsedu%2Dmy%2Esharepoint%2Ecom%2Fpersonal%2Fdana%5Fs1%5Fakn%5Fgemsedu%5Fcom%2F%5Fvti%5Fbin%2Fwopi%2Eashx%2Ffiles%2F1612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=19ffdd9f-30e2-c000-426a-ff3d2490df1d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3f614a4944f1cf78ff2295c20a114a2ffcf3eb8023a57001c15a010a15641c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://euc-excel.officeapps.live.com
Referer
https://euc-excel.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"99159885179d71:0"
x-officecluster
PNL1
x-officeversion
16.0.14307.31875
x-officefe
AM4PEPF000086E1
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
247788
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_visioslice_control,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified
Thu, 15 Jul 2021 08:15:11 GMT
x-officefd
AM4PEPF000068AF
x-msedge-ref
Ref A: 5643720C596447B391C6012EAD4ED4FA Ref B: AM3EDGE0211 Ref C: 2021-07-15T08:15:11Z
x-usersessionid
f6a15c57-6b23-4a67-a895-7113542955d1
date
Thu, 22 Jul 2021 10:31:04 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
f6a15c57-6b23-4a67-a895-7113542955d1
accept-ranges
bytes
timing-allow-origin
*
AccsrvClientStrings.js
c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/App_Scripts/1033/ Frame 8280
65 KB
13 KB
Script
General
Full URL
https://c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/App_Scripts/1033/AccsrvClientStrings.js
Requested by
Host: euc-excel.officeapps.live.com
URL: https://euc-excel.officeapps.live.com/x/_layouts/xlform.aspx?ui=en%2DUS&rs=en%2DUS&WOPISrc=https%3A%2F%2Fgemsedu%2Dmy%2Esharepoint%2Ecom%2Fpersonal%2Fdana%5Fs1%5Fakn%5Fgemsedu%5Fcom%2F%5Fvti%5Fbin%2Fwopi%2Eashx%2Ffiles%2F1612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=19ffdd9f-30e2-c000-426a-ff3d2490df1d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
87878ad2267570e095b9e0eb362aede32bcebf24098ad7f325b1bbc629241915
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://euc-excel.officeapps.live.com
Referer
https://euc-excel.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"9c4f4885179d71:0"
x-officecluster
PNL1
x-officeversion
16.0.14307.31875
x-officefe
AM4PEPF000068FE
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-length
12632
cache-control
public,max-age=31536000
server
Microsoft-IIS/10.0
last-modified
Thu, 15 Jul 2021 08:15:11 GMT
x-officefd
AM4PEPF000068B8
x-usersessionid
2b0d2952-c962-4647-8c28-c3588cbadf20
date
Thu, 22 Jul 2021 10:31:04 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
2b0d2952-c962-4647-8c28-c3588cbadf20
accept-ranges
bytes
timing-allow-origin
*
Form.js
c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/App_Scripts/ Frame 8280
1 MB
173 KB
Script
General
Full URL
https://c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/App_Scripts/Form.js
Requested by
Host: euc-excel.officeapps.live.com
URL: https://euc-excel.officeapps.live.com/x/_layouts/xlform.aspx?ui=en%2DUS&rs=en%2DUS&WOPISrc=https%3A%2F%2Fgemsedu%2Dmy%2Esharepoint%2Ecom%2Fpersonal%2Fdana%5Fs1%5Fakn%5Fgemsedu%5Fcom%2F%5Fvti%5Fbin%2Fwopi%2Eashx%2Ffiles%2F1612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=19ffdd9f-30e2-c000-426a-ff3d2490df1d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c5fe592d7753873d5276a8e80d6d7cfcc6d0f500eb012d781668d59c11f28f00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://euc-excel.officeapps.live.com
Referer
https://euc-excel.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"e2db14885179d71:0"
x-officecluster
PNL1
x-officeversion
16.0.14307.31875
x-officefe
AM4PEPF0000690A
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
176282
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Thu, 15 Jul 2021 08:15:11 GMT
x-officefd
AM4PEPF000068C3
x-msedge-ref
Ref A: 725F6FB935964362971C8277918D715A Ref B: AM3EDGE0221 Ref C: 2021-07-15T08:15:11Z
x-usersessionid
9dee924b-3b89-49b4-8589-dabb2acfa01e
date
Thu, 22 Jul 2021 10:31:04 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
9dee924b-3b89-49b4-8589-dabb2acfa01e
accept-ranges
bytes
timing-allow-origin
*
Form.Strings.Wac.js
c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/App_Scripts/1033/ Frame 8280
2 KB
1 KB
Script
General
Full URL
https://c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/App_Scripts/1033/Form.Strings.Wac.js
Requested by
Host: euc-excel.officeapps.live.com
URL: https://euc-excel.officeapps.live.com/x/_layouts/xlform.aspx?ui=en%2DUS&rs=en%2DUS&WOPISrc=https%3A%2F%2Fgemsedu%2Dmy%2Esharepoint%2Ecom%2Fpersonal%2Fdana%5Fs1%5Fakn%5Fgemsedu%5Fcom%2F%5Fvti%5Fbin%2Fwopi%2Eashx%2Ffiles%2F1612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=19ffdd9f-30e2-c000-426a-ff3d2490df1d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f6464dc710ebb3531e5ee760dbafe662b66e184af7c8bcdb4832c03a3469b9a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://euc-excel.officeapps.live.com
Referer
https://euc-excel.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"f21b15885179d71:0"
x-officecluster
PNL1
x-officeversion
16.0.14307.31875
x-officefe
AM4PEPF00008EBD
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-length
661
cache-control
public,max-age=31536000
server
Microsoft-IIS/10.0
last-modified
Thu, 15 Jul 2021 08:15:11 GMT
x-officefd
AM4PEPF0000689D
x-usersessionid
932b157f-8b3d-4987-93e4-4173b6c847f5
date
Thu, 22 Jul 2021 10:31:04 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
932b157f-8b3d-4987-93e4-4173b6c847f5
accept-ranges
bytes
timing-allow-origin
*
CommonIntl.js
c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/App_Scripts/1033/ Frame 8280
102 KB
23 KB
Script
General
Full URL
https://c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/App_Scripts/1033/CommonIntl.js
Requested by
Host: euc-excel.officeapps.live.com
URL: https://euc-excel.officeapps.live.com/x/_layouts/xlform.aspx?ui=en%2DUS&rs=en%2DUS&WOPISrc=https%3A%2F%2Fgemsedu%2Dmy%2Esharepoint%2Ecom%2Fpersonal%2Fdana%5Fs1%5Fakn%5Fgemsedu%5Fcom%2F%5Fvti%5Fbin%2Fwopi%2Eashx%2Ffiles%2F1612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&wdEnableRoaming=1&mscc=0&wdODB=1&hid=19ffdd9f-30e2-c000-426a-ff3d2490df1d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9ae83c273adc5ef588c5b095f8832427224617ffecd5e3ad98a6cf9e95af8695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://euc-excel.officeapps.live.com
Referer
https://euc-excel.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
W/"e88f13885179d71:0"
x-officecluster
PNL1
x-officeversion
16.0.14307.31875
x-officefe
AM4PEPF0000691B
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
content-length
23266
cache-control
public,max-age=31536000
server
Microsoft-IIS/10.0
last-modified
Thu, 15 Jul 2021 08:15:11 GMT
x-officefd
AM4PEPF000068A2
x-usersessionid
6c684212-079b-48cd-adf8-30e171c6f18d
date
Thu, 22 Jul 2021 10:31:04 GMT
content-type
application/javascript
access-control-allow-origin
*
x-correlationid
6c684212-079b-48cd-adf8-30e171c6f18d
accept-ranges
bytes
timing-allow-origin
*
calibri.woff
c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/Resources/1033/ Frame 8280
180 KB
181 KB
Font
General
Full URL
https://c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/Resources/1033/calibri.woff
Requested by
Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/Resources/1033/excelframe.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
502f8224244f3502f5b6d707efd7430f7d7a5a859c32711c5b04df55f51665ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://euc-excel.officeapps.live.com
Referer
https://c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/Resources/1033/excelframe.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
W/"c1c6358a8f79d71:0"
x-officecluster
PNL1
x-officeversion
16.0.14307.31875
x-officefe
AM4PEPF000068DD
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
184156
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified
Thu, 15 Jul 2021 15:39:03 GMT
x-officefd
AM4PEPF000068BB
x-msedge-ref
Ref A: DCABF7052F3B49F59F8A11A67C73E98B Ref B: AMS04EDGE1516 Ref C: 2021-07-15T15:39:03Z
x-usersessionid
3e8ae354-cd6f-4da5-9873-8c3cc3599cbc
date
Thu, 22 Jul 2021 10:31:04 GMT
content-type
font/x-woff
access-control-allow-origin
*
x-correlationid
3e8ae354-cd6f-4da5-9873-8c3cc3599cbc
accept-ranges
bytes
timing-allow-origin
*
accsvc.png
c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/Resources/ Frame 8280
11 KB
11 KB
Image
General
Full URL
https://c1h-excel-15.cdn.office.net/x/s/161431235904__layouts/Resources/accsvc.png
Requested by
Host: gemsedu-my.sharepoint.com
URL: https://gemsedu-my.sharepoint.com/:x:/r/personal/dana_s1_akn_gemsedu_com/_layouts/15/WopiFrame.aspx?guestaccesstoken=oAezxK5MMx2mRtnaNEfZwHsjNV1cc%2bJndGEeElX9C6A%3d&docid=1_11612bd4d7523417abf87a4f0f0b06e59&wdFormId=%7BFDEC8D88%2D4126%2D4EA2%2D8BF1%2DB2BCC84C03F3%7D&action=formsubmit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b79301dd3b154b4e5e5381fc462c54a216469ca2fc5ccd819fd11271c2899397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://euc-excel.officeapps.live.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
etag
W/"6fe7c5c7579d71:0"
x-officecluster
PNL1
x-officeversion
16.0.14307.31875
x-officefe
AM4PEPF000068CC
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy
cross-origin
x-msedge-flight
2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length
10874
cache-control
public,max-age=31536000
x-msedge-features
typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified
Thu, 15 Jul 2021 12:31:39 GMT
x-officefd
AM4PEPF000068A5
x-msedge-ref
Ref A: 3B0FC8145D7841B78ED4D3A82BBA3AF9 Ref B: AMS04EDGE1110 Ref C: 2021-07-15T12:31:39Z
x-usersessionid
e1ba8038-6ef5-4c4f-bd51-59add37ed540
date
Thu, 22 Jul 2021 10:31:04 GMT
content-type
image/png
access-control-allow-origin
*
x-correlationid
e1ba8038-6ef5-4c4f-bd51-59add37ed540
accept-ranges
bytes
timing-allow-origin
*

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
.euc-excel.officeapps.live.com/ Name: GEU9-Excel-ARRAffinity
Value: 60e4c79c76702f9b4a8467757c56f80d10f0559e1438d8b8c96950241cd33442
euc-excel.officeapps.live.com/ Name: DcLcid
Value: ui=1033&data=1033

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
c1h-excel-15.cdn.office.net
euc-excel.officeapps.live.com
gemsedu-my.sharepoint.com
statica.akamai.odsp.cdn.office.net
13.107.138.9
13.107.6.171
2a02:26f0:6c00:2a3::1c24
2a02:26f0:6c00::210:ba09
67.199.248.11
07b4288c318eb6671b3f960da2a78ed6d54672081e2274b15ada52361f3ecf28
09461d2ae938dd8efc62e8543f3fd65379460e01e615c19b6178a1ad7a0ff46a
0ca6d19ce790c96de0e3db4b4098c6b04fff9625643f1163090b19dc2d188c13
1324c5317d5917a5f18b6da980b1f4f6b624c8e2d67ed611fb17178c427191b7
2e263437f86fd1f0c17b58aa3badd8b3dac839b7852576e6d08d2893c2292e32
333938effaf5df928d87d07597d9abdf80b69c09a60e23a1241e6beb3faa1b4a
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3c090e03779df65a1a655567667346ac6475fed39b0673f80ba416c39937a8db
3f614a4944f1cf78ff2295c20a114a2ffcf3eb8023a57001c15a010a15641c11
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
41dec0f91f824fa2b3ad2cb794344086e545e0da384e3dd5b898cf8fa0e8d915
44811803e9582cf86ff89eadef49b5ab6944bc7875c180ea1c038d700f643f86
4ddc354f0f9cefbe066f62418b719e96ab7a788249dbdfc3aa570755ab5c3171
502f8224244f3502f5b6d707efd7430f7d7a5a859c32711c5b04df55f51665ed
52e63816d8b679f42d993be492bb99c713067c028df87032d8fd54b4dde74e3f
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
67ba7573b1873bb2e9c98929d7a1deaf4939930e861e024a5fb4eda098292b1c
7238ac97fd86b6268c59fdb98759d28c7849487ad1bd69c810686b40cae99bc4
77fc2387bcbb51481e55222829aa9e69668c5f3bc1e1a85cc62b9096265146b2
82fc1914631487db7a59c2d11e87f0d44ecaa7ec7b604722c86ec6ee88666795
8738756cf1f86bb9524d1f67adfa02d9aab26d917802f4ca58be0404a922fe0d
87878ad2267570e095b9e0eb362aede32bcebf24098ad7f325b1bbc629241915
9ae83c273adc5ef588c5b095f8832427224617ffecd5e3ad98a6cf9e95af8695
9ca162ccf1873d0e2456c9663c7b6a58eec1efad62582668be08e24090784df9
a9c951c9579fa97b728f0afb62e39b6f33eaedadf2301570ac5cd90cc8f67791
ac55c42494f1d4c25aae2ae3308b02b0e903db7fc9ad2b2b3800842ed263dfec
b1ed6c9bfafca04189598b99bb121f1a2a240a617641c85088a5371e1745d8c0
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b79301dd3b154b4e5e5381fc462c54a216469ca2fc5ccd819fd11271c2899397
c5fe592d7753873d5276a8e80d6d7cfcc6d0f500eb012d781668d59c11f28f00
e6badc2a49867d2223c9a45d6cbcdfd79f9d8f3b2e8520e517eea76a8b8c44aa
e96aeb8c605e69d61bfaf5f5803d7151388dcdc16e18059f38338e908e2f7a43
f6464dc710ebb3531e5ee760dbafe662b66e184af7c8bcdb4832c03a3469b9a6