Submitted URL: http://etkinkimya.com/index%20/june/xcel.php
Effective URL: https://office.live.com/start/Excel.aspx
Submission: On October 25 via manual from US

Summary

This website contacted 8 IPs in 5 countries across 4 domains to perform 28 HTTP transactions. The main IP is 2603:1020:201::37, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is office.live.com.
TLS certificate: Issued by Microsoft IT SSL SHA2 on October 5th 2016. Valid for: 2 years.
This is the only time office.live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.85.204.180 42910 (EQUINIX-T...)
1 2 2603:1020:201... 8075 (MICROSOFT...)
12 2a02:26f0:122... 20940 (AKAMAI-ASN1)
1 2a02:26f0:122... 20940 (AKAMAI-ASN1)
5 40.113.17.180 8075 (MICROSOFT...)
5 23.8.13.56 20940 (AKAMAI-ASN1)
2 2606:2800:133... 15133 (EDGECAST)
1 2620:1ec:a92:... 8068 (MICROSOFT...)
28 8
Domain Requested by
13 s1-odc-15.cdn.office.net office.live.com
s1-odc-15.cdn.office.net
5 cdn.odc.officeapps.live.com odc.officeapps.live.com
5 odc.officeapps.live.com s1-odc-15.cdn.office.net
odc.officeapps.live.com
2 ajax.aspnetcdn.com odc.officeapps.live.com
2 office.live.com 1 redirects s1-odc-15.cdn.office.net
1 excel.officeapps.live.com s1-odc-15.cdn.office.net
1 etkinkimya.com 1 redirects
28 7

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
www.onenote.com
sway.com
web.skype.com
www.office.com
store.office.com
Subject Issuer Validity Valid
officeapps.live.com
Microsoft IT SSL SHA2
2016-10-05 -
2018-05-05
2 years crt.sh
*.cdn.office.net
Microsoft IT SSL SHA2
2016-04-05 -
2018-04-05
2 years crt.sh
odc.officeapps.live.com
Microsoft IT SSL SHA2
2016-11-09 -
2018-04-09
a year crt.sh
cdn.odc.officeapps.live.com
Microsoft IT SSL SHA2
2016-07-29 -
2018-04-29
2 years crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 5
2017-10-18 -
2019-10-18
2 years crt.sh

This page contains 3 frames:

Primary Page: https://office.live.com/start/Excel.aspx
Frame ID: 4089.1
Requests: 15 HTTP requests in this frame

Frame: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Frame ID: 4089.2
Requests: 12 HTTP requests in this frame

Frame: https://excel.officeapps.live.com/x/StaticLoad.aspx?wx=x&wv=e&ui=en%2DUS&usescript=1
Frame ID: 4089.3
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://etkinkimya.com/index%20/june/xcel.php HTTP 302
    http://office.live.com/start/Excel.aspx HTTP 302
    https://office.live.com/start/Excel.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i

Page Statistics

28
Requests

96 %
HTTPS

63 %
IPv6

4
Domains

7
Subdomains

8
IPs

5
Countries

483 kB
Transfer

745 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://etkinkimya.com/index%20/june/xcel.php HTTP 302
    http://office.live.com/start/Excel.aspx HTTP 302
    https://office.live.com/start/Excel.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set Excel.aspx
office.live.com/start/
Redirect Chain
  • http://etkinkimya.com/index%20/june/xcel.php
  • http://office.live.com/start/Excel.aspx
  • https://office.live.com/start/Excel.aspx
16 KB
4 KB
Document
General
Full URL
https://office.live.com/start/Excel.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
2603:1020:201::37 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
5c2ab5d1355f4b8a356cf5489be23cf834420281f8532bece7a3a05706a0e0b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
office.live.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Cookie
DcLcid=ui=1033&data=1033; BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Connection
keep-alive
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
NL1
X-OfficeVersion
16.0.8719.1902
X-OfficeFE
cb21958521b0
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Vary
Accept-Encoding
Content-Length
3965
Server
Microsoft-IIS/8.5
X-CorrelationId
49b31d83-031b-4c18-a567-3177c4b0fdce
X-OFFICEFD
05d3c86664be
X-CCR
true
X-UserSessionId
49b31d83-031b-4c18-a567-3177c4b0fdce
Date
Wed, 25 Oct 2017 19:45:32 GMT
X-FRAME-OPTIONS
DENY
Content-Type
text/html; charset=utf-8
Cache-Control
private
Set-Cookie
s_id=49b31d83-031b-4c18-a567-3177c4b0fdce; expires=Wed, 25-Oct-2017 20:15:32 GMT; path=/; secure; HttpOnly DcLcid=ui=1033&data=1033; expires=Thu, 25-Jan-2018 19:45:32 GMT; path=/; secure; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/ AADNonce=997aaaa1-36a0-4ca0-b0a0-b441bef665a3.636445575320342423; domain=live.com; path=/; secure; HttpOnly

Redirect headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-OfficeCluster
NL1
X-OfficeVersion
16.0.8719.1902
X-OfficeFE
cbb3e4d44391
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
157
Server
Microsoft-IIS/8.5
X-CorrelationId
311b1c63-d16b-492a-9bfa-19a35dd8148f
X-OFFICEFD
ebb6bb8c6dea
X-CCR
true
X-UserSessionId
311b1c63-d16b-492a-9bfa-19a35dd8148f
Date
Wed, 25 Oct 2017 19:45:31 GMT
X-FRAME-OPTIONS
DENY
Content-Type
text/html; charset=utf-8
Location
https://office.live.com/start/Excel.aspx
Cache-Control
private
Set-Cookie
s_id=311b1c63-d16b-492a-9bfa-19a35dd8148f; expires=Wed, 25-Oct-2017 20:15:32 GMT; path=/; secure; HttpOnly DcLcid=ui=1033&data=1033; expires=Thu, 25-Jan-2018 19:45:32 GMT; path=/; HttpOnly BIGipCookie=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; path=/
landing.css
s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/
24 KB
5 KB
Stylesheet
General
Full URL
https://s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/landing.css
Requested by
Host: office.live.com
URL: https://office.live.com/start/Excel.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:122:38d::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
16e01663d61a1e80d11d143143d1456efc436b73bf5945f598c3cb3cbbfa02ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s1-odc-15.cdn.office.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://office.live.com/start/Excel.aspx
Connection
keep-alive
Cache-Control
no-cache
Referer
https://office.live.com/start/Excel.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"0ebc326f749d31:0"
X-OfficeCluster
NL1
X-OfficeVersion
16.0.8704.1726
X-OfficeFE
2f9a65f5092e
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
4827
Cache-Control
private
Last-Modified
Fri, 20 Oct 2017 22:59:58 GMT
X-OFFICEFD
e848275d9c5b
X-MSEdge-Ref
Ref A: C2F81699332A4EBDA02413EB94550316 Ref B: AMS04EDGE0919 Ref C: 2017-10-20T22:59:59Z
X-UserSessionId
4b561ee7-7801-4376-b7ac-f28755448dec
Date
Wed, 25 Oct 2017 19:45:32 GMT
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
X-CorrelationId
4b561ee7-7801-4376-b7ac-f28755448dec
Accept-Ranges
bytes
sharedheaderwithfonts.css
s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/
10 KB
3 KB
Stylesheet
General
Full URL
https://s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/sharedheaderwithfonts.css
Requested by
Host: office.live.com
URL: https://office.live.com/start/Excel.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:122:38d::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
3c931de8a934d1e492d0bd8a2554c4309302d6aa47b4398b31cd82dc849bdd39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s1-odc-15.cdn.office.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://office.live.com/start/Excel.aspx
Connection
keep-alive
Cache-Control
no-cache
Referer
https://office.live.com/start/Excel.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"80815c27f749d31:0"
X-OfficeCluster
NL1
X-OfficeVersion
16.0.8704.1726
X-OfficeFE
26d529b26414
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
2811
Cache-Control
private
Last-Modified
Fri, 20 Oct 2017 22:59:59 GMT
X-OFFICEFD
27ef2334c30b
X-MSEdge-Ref
Ref A: EC228138EA70417A9C2F6AB12C49B8A7 Ref B: AMSEDGE0214 Ref C: 2017-10-20T22:59:59Z
X-UserSessionId
575a4070-0372-4815-91bf-d239e4df057c
Date
Wed, 25 Oct 2017 19:45:32 GMT
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
X-CorrelationId
575a4070-0372-4815-91bf-d239e4df057c
Accept-Ranges
bytes
home.js
s1-odc-15.cdn.office.net/start/s/1687191902_App_Scripts/
17 KB
5 KB
Script
General
Full URL
https://s1-odc-15.cdn.office.net/start/s/1687191902_App_Scripts/home.js
Requested by
Host: office.live.com
URL: https://office.live.com/start/Excel.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:122:38d::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
8431870f0c2b40151a52f34e6185ff255be9fcb86fec97037925510d3997a966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s1-odc-15.cdn.office.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
https://office.live.com/start/Excel.aspx
Connection
keep-alive
Cache-Control
no-cache
Referer
https://office.live.com/start/Excel.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"80815c27f749d31:0"
X-OfficeCluster
NL1
X-OfficeVersion
16.0.8704.1726
X-OfficeFE
8b407c8cbe74
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
4945
Cache-Control
private
Last-Modified
Fri, 20 Oct 2017 22:59:59 GMT
X-OFFICEFD
2c54152ae3fc
X-MSEdge-Ref
Ref A: 39F9BDA63D4C44FBABEF0FE2ADF2D1DD Ref B: AMS04EDGE0413 Ref C: 2017-10-20T22:59:59Z
X-UserSessionId
5121d03f-4d8a-4fa0-97ed-5ba41b0ba01b
Date
Wed, 25 Oct 2017 19:45:32 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
5121d03f-4d8a-4fa0-97ed-5ba41b0ba01b
Accept-Ranges
bytes
jquery.min.js
s1-odc-15.cdn.office.net/start/s/1687191902_App_Scripts/
91 KB
33 KB
Script
General
Full URL
https://s1-odc-15.cdn.office.net/start/s/1687191902_App_Scripts/jquery.min.js
Requested by
Host: office.live.com
URL: https://office.live.com/start/Excel.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:122:38d::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
19336dfd9869db89640e751b014395eb8f054febbe035b534ccd10e04e80ce45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s1-odc-15.cdn.office.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
https://office.live.com/start/Excel.aspx
Connection
keep-alive
Cache-Control
no-cache
Referer
https://office.live.com/start/Excel.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
"035849fb49d31:0"
X-OfficeCluster
NL1
X-CCR
true
X-OfficeVersion
16.0.8719.1902
X-OfficeFE
afcfdee3c9d9
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
34200
Cache-Control
private
Last-Modified
Fri, 20 Oct 2017 23:29:34 GMT
X-OFFICEFD
127686219eed
X-MSEdge-Ref
Ref A: 3E539AA20F6E4B7E979B390059D5186C Ref B: AMS04EDGE0617 Ref C: 2017-10-24T21:51:58Z
X-UserSessionId
b44c53f3-63c9-4680-a955-c86a9df38ef3
Date
Wed, 25 Oct 2017 19:45:32 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
b44c53f3-63c9-4680-a955-c86a9df38ef3
Accept-Ranges
bytes
commondiagnostics.js
s1-odc-15.cdn.office.net/start/s/1687191902_App_Scripts/
29 KB
9 KB
Script
General
Full URL
https://s1-odc-15.cdn.office.net/start/s/1687191902_App_Scripts/commondiagnostics.js
Requested by
Host: office.live.com
URL: https://office.live.com/start/Excel.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:122:38d::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
8dd8f8d2c8a871be3e321448b56c8c74b0acef729aeda7d7eda2fdd3b4ac13e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s1-odc-15.cdn.office.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
https://office.live.com/start/Excel.aspx
Connection
keep-alive
Cache-Control
no-cache
Referer
https://office.live.com/start/Excel.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"80815c27f749d31:0"
X-OfficeCluster
NL1
X-OfficeVersion
16.0.8704.1726
X-OfficeFE
b0d92bad417f
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
9074
Cache-Control
private
Last-Modified
Fri, 20 Oct 2017 22:59:59 GMT
X-OFFICEFD
e0217aff69ac
X-MSEdge-Ref
Ref A: CF51DFDFC11F42509F6C3E01435C8B29 Ref B: AMS04EDGE0608 Ref C: 2017-10-20T22:59:59Z
X-UserSessionId
52e812e7-05bf-4369-b94e-7647983ad488
Date
Wed, 25 Oct 2017 19:45:32 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
52e812e7-05bf-4369-b94e-7647983ad488
Accept-Ranges
bytes
clicklogging.js
s1-odc-15.cdn.office.net/start/s/1687191902_App_Scripts/
2 KB
740 B
Script
General
Full URL
https://s1-odc-15.cdn.office.net/start/s/1687191902_App_Scripts/clicklogging.js
Requested by
Host: office.live.com
URL: https://office.live.com/start/Excel.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:122:38d::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
ed6fd415cc6ee8375785ba73334cbc0f5e25e55e27c6e0adff02fd9a6bd0328c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s1-odc-15.cdn.office.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
https://office.live.com/start/Excel.aspx
Connection
keep-alive
Cache-Control
no-cache
Referer
https://office.live.com/start/Excel.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
ETag
W/"1c6b927f749d31:0"
X-OfficeCluster
NL1
X-OfficeVersion
16.0.8704.1726
X-OfficeFE
75e5ad681b5a
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
740
Cache-Control
private
Last-Modified
Fri, 20 Oct 2017 22:59:59 GMT
X-OFFICEFD
3e7a8d0d1b8a
X-MSEdge-Ref
Ref A: CC3FA08EF6BF4D2D92DEEA1084D996F6 Ref B: AMS04EDGE0813 Ref C: 2017-10-20T22:59:59Z
X-UserSessionId
e95451c3-a9ee-4ad2-97a1-d51d1df23c76
Date
Wed, 25 Oct 2017 19:45:32 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-CorrelationId
e95451c3-a9ee-4ad2-97a1-d51d1df23c76
Accept-Ranges
bytes
CancelGlyph.16x16x32.png
s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/
304 B
304 B
Image
General
Full URL
https://s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/CancelGlyph.16x16x32.png
Requested by
Host: office.live.com
URL: https://office.live.com/start/Excel.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:122:38d::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
bb20a8a39f0035d73590f61565c4b373cb60085037186c2c8bc0e6e730dcff88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s1-odc-15.cdn.office.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://office.live.com/start/Excel.aspx
Connection
keep-alive
Cache-Control
no-cache
Referer
https://office.live.com/start/Excel.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"93545361f749d31:0"
X-OFFICEFD
80c350b7252e
X-CCR
true
X-OfficeVersion
16.0.8704.1726
X-OfficeFE
8b407c8cbe74
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
304
Cache-Control
private
Last-Modified
Fri, 20 Oct 2017 23:01:36 GMT
X-OfficeCluster
NL1
X-MSEdge-Ref
Ref A: 132A7750E16D480BB722D41F6FA96B75 Ref B: AMS04EDGE0413 Ref C: 2017-10-20T23:01:36Z
X-UserSessionId
6fea4c42-ad4d-4b94-b008-1cd2604a104b
Date
Wed, 25 Oct 2017 19:45:32 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
6fea4c42-ad4d-4b94-b008-1cd2604a104b
Accept-Ranges
bytes
App_Switcher_Waffle.50x50x32.png
s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/
203 B
203 B
Image
General
Full URL
https://s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/App_Switcher_Waffle.50x50x32.png?b=16087191902
Requested by
Host: office.live.com
URL: https://office.live.com/start/Excel.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:122:38d::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
67edce575ea04a1c6fedcf7054811b736a5ba3f0cfb9eb8140a6b5f422b53b03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s1-odc-15.cdn.office.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://office.live.com/start/Excel.aspx
Connection
keep-alive
Cache-Control
no-cache
Referer
https://office.live.com/start/Excel.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"489c9227f749d31:0"
X-OFFICEFD
943f35494427
X-MSEdge-Ref
Ref A: 9C21D85313754BB68834A082CCFEF8BF Ref B: AMS04EDGE0919 Ref C: 2017-10-20T22:59:59Z
X-OfficeVersion
16.0.8704.1726
X-OfficeFE
586279dc2247
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
203
Cache-Control
private
Last-Modified
Fri, 20 Oct 2017 22:59:59 GMT
X-OfficeCluster
NL1
X-UserSessionId
f4a4d27b-0aea-4624-841c-d33af0800e08
Date
Wed, 25 Oct 2017 19:45:32 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
f4a4d27b-0aea-4624-841c-d33af0800e08
Accept-Ranges
bytes
wapsw.png
s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/
10 KB
10 KB
Image
General
Full URL
https://s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/wapsw.png?b=16087191902
Requested by
Host: office.live.com
URL: https://office.live.com/start/Excel.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:122:38d::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
96ca722b29f6a5723564ad8b5330547b44c649e1bc487ded9b0de2061f5dd643
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s1-odc-15.cdn.office.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://office.live.com/start/Excel.aspx
Connection
keep-alive
Cache-Control
no-cache
Referer
https://office.live.com/start/Excel.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"a29ab127f749d31:0"
X-OFFICEFD
a209892d4b85
X-MSEdge-Ref
Ref A: 0ECEF01808D9450FA852E31362B7DBA0 Ref B: AMSEDGE0214 Ref C: 2017-10-20T22:59:59Z
X-OfficeVersion
16.0.8704.1726
X-OfficeFE
586279dc2247
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
10479
Cache-Control
private
Last-Modified
Fri, 20 Oct 2017 22:59:59 GMT
X-OfficeCluster
NL1
X-UserSessionId
236733de-8a96-4691-8b1e-ce9a46b6558c
Date
Wed, 25 Oct 2017 19:45:32 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
236733de-8a96-4691-8b1e-ce9a46b6558c
Accept-Ranges
bytes
Globe_Light.20x20x32.png
s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/
504 B
504 B
Image
General
Full URL
https://s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/Globe_Light.20x20x32.png?b=16087191902
Requested by
Host: office.live.com
URL: https://office.live.com/start/Excel.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:122:38d::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
89ffdcc7c149b81a4aa03769e1c69b47ac2a9c005dcb7fb00d9ae7560e9e3e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s1-odc-15.cdn.office.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://office.live.com/start/Excel.aspx
Connection
keep-alive
Cache-Control
no-cache
Referer
https://office.live.com/start/Excel.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"c8e77e27f749d31:0"
X-OFFICEFD
2c54152ae3fc
X-MSEdge-Ref
Ref A: BB7C486AF0AD4498B2BAB629AD2C1290 Ref B: AMSEDGE0417 Ref C: 2017-10-20T22:59:59Z
X-OfficeVersion
16.0.8704.1726
X-OfficeFE
afcfdee3c9d9
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
504
Cache-Control
private
Last-Modified
Fri, 20 Oct 2017 22:59:59 GMT
X-OfficeCluster
NL1
X-UserSessionId
48382c49-063d-4548-a8ef-e8fa5914c7b0
Date
Wed, 25 Oct 2017 19:45:32 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
48382c49-063d-4548-a8ef-e8fa5914c7b0
Accept-Ranges
bytes
bgapp_excel_gridtile.png
s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/
186 B
186 B
Image
General
Full URL
https://s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/bgapp_excel_gridtile.png
Requested by
Host: s1-odc-15.cdn.office.net
URL: https://s1-odc-15.cdn.office.net/start/s/1687191902_App_Scripts/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:122:38d::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
9cf31adc8b96d5258263d94d820ea52a3a4569a83915f44463f941bd07797bb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s1-odc-15.cdn.office.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/landing.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/landing.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"3aa4de57f749d31:0"
X-OFFICEFD
127686219eed
X-CCR
true
X-OfficeVersion
16.0.8704.1726
X-OfficeFE
3fdb1e0b0105
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
186
Cache-Control
private
Last-Modified
Fri, 20 Oct 2017 23:01:20 GMT
X-OfficeCluster
NL1
X-MSEdge-Ref
Ref A: 9551DCC0029D46C2B9198ABEEB63D87A Ref B: AMS04EDGE0816 Ref C: 2017-10-20T23:01:20Z
X-UserSessionId
75020d8a-8435-4f22-8389-cc9f2bb6964f
Date
Wed, 25 Oct 2017 19:45:32 GMT
Content-Type
image/png
Access-Control-Allow-Origin
*
X-CorrelationId
75020d8a-8435-4f22-8389-cc9f2bb6964f
Accept-Ranges
bytes
segoeuil.woff
s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/
22 KB
22 KB
Font
General
Full URL
https://s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/segoeuil.woff
Requested by
Host: s1-odc-15.cdn.office.net
URL: https://s1-odc-15.cdn.office.net/start/s/1687191902_App_Scripts/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:122:38f::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
207ba9800c3ee8ec17db342827b4e78ada94c9101a0e4f39ecde92450f06c5ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Origin
https://office.live.com
Accept-Encoding
gzip, deflate
Host
s1-odc-15.cdn.office.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
https://s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/sharedheaderwithfonts.css
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Referer
https://s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/sharedheaderwithfonts.css
Origin
https://office.live.com

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"8fe1d28f749d31:0"
X-OFFICEFD
a209892d4b85
X-MSEdge-Ref
Ref A: B730F5CEB3784DBD8643990234C3F268 Ref B: AMSEDGE0214 Ref C: 2017-10-20T22:59:59Z
X-OfficeVersion
16.0.8704.1726
X-OfficeFE
e1d8c9f784ac
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
22204
Cache-Control
private
Last-Modified
Fri, 20 Oct 2017 23:00:00 GMT
X-OfficeCluster
NL1
X-UserSessionId
f196c1c9-7c14-4555-8721-06f3f00cb31d
Date
Wed, 25 Oct 2017 19:45:32 GMT
Content-Type
font/x-woff
Access-Control-Allow-Origin
*
X-CorrelationId
f196c1c9-7c14-4555-8721-06f3f00cb31d
Accept-Ranges
bytes
progress.gif
s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/
695 B
695 B
Image
General
Full URL
https://s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/progress.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:122:38d::1aff , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
s1-odc-15.cdn.office.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/sharedheaderwithfonts.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://s1-odc-15.cdn.office.net/start/s/1687191902_resources/1033/sharedheaderwithfonts.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
ETag
W/"8fb6d427f749d31:0"
X-OFFICEFD
406257a39a0f
X-MSEdge-Ref
Ref A: C30767BA21C84C8189F6F9C143105E6C Ref B: AMSEDGE0417 Ref C: 2017-10-20T22:59:59Z
X-OfficeVersion
16.0.8704.1726
X-OfficeFE
020abf7bd11f
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
695
Cache-Control
private
Last-Modified
Fri, 20 Oct 2017 22:59:59 GMT
X-OfficeCluster
NL1
X-UserSessionId
b3009e1b-4f4d-41f7-b180-f021d9ddb648
Date
Wed, 25 Oct 2017 19:45:32 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-CorrelationId
b3009e1b-4f4d-41f7-b180-f021d9ddb648
Accept-Ranges
bytes
hrd
odc.officeapps.live.com/odc/v2.0/ Frame 4089
8 KB
8 KB
Document
General
Full URL
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Requested by
Host: s1-odc-15.cdn.office.net
URL: https://s1-odc-15.cdn.office.net/start/s/1687191902_App_Scripts/home.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.113.17.180 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0919fe0e5ea59e3d528fd8c4633d19522525a9f04c8922b8d37d4bb5d1ffbac1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
odc.officeapps.live.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://office.live.com/start/Excel.aspx
Cookie
AADNonce=997aaaa1-36a0-4ca0-b0a0-b441bef665a3.636445575320342423
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
https://office.live.com/start/Excel.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Wed, 25 Oct 2017 19:45:33 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-odc.officeapps.live.com
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_8
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
8466
X-UA-Compatible
IE=11
X-AspNetMvc-Version
5.2
X-CorrelationId
c3e11df1-755b-4001-8871-a72ec60a2db6
Server
Microsoft-IIS/8.5
X-UserSessionId
c3e11df1-755b-4001-8871-a72ec60a2db6
Content-Type
text/html; charset=utf-8
Cache-Control
private, max-age=2678400
X-OfficeVersion
16.0.8722.6602
hrd.css
odc.officeapps.live.com/odc/stat/ Frame 4089
20 KB
5 KB
Stylesheet
General
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.css?b=8722.6602
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.113.17.180 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
708d633fb71ec4cba0ba576b519ae6804c6d2534f90717d0be1fb33d66b0f2fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=997aaaa1-36a0-4ca0-b0a0-b441bef665a3.636445575320342423
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Wed, 25 Oct 2017 19:45:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_8
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
4764
Cache-Control
private, max-age=2678400
Last-Modified
Mon, 23 Oct 2017 04:38:14 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
6b042893-e911-4cd0-8f9f-764107bbb388
ETag
"03ff3bcb84bd31:0"
Vary
Accept-Encoding
Content-Type
text/css
X-CorrelationId
6b042893-e911-4cd0-8f9f-764107bbb388
Accept-Ranges
bytes
X-OfficeVersion
16.0.8722.6602
microsoft_logo.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame 4089
4 KB
4 KB
Image
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/microsoft_logo.svg?b=8722.6602
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.13.56 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-8-13-56.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cdn.odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=997aaaa1-36a0-4ca0-b0a0-b441bef665a3.636445575320342423
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Wed, 25 Oct 2017 19:45:32 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
weu-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_154
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
3651
Cache-Control
private, max-age=2512042
Last-Modified
Wed, 18 Oct 2017 01:37:08 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
1e7676a6-7762-4e98-a42d-a79ce14282d8
ETag
"07a3e9cb147d31:0"
Content-Type
image/svg+xml
X-CorrelationId
1e7676a6-7762-4e98-a42d-a79ce14282d8
Accept-Ranges
bytes
X-OfficeVersion
16.0.8717.6601
picker-account-aad.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame 4089
756 B
756 B
Image
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-aad.svg?b=8722.6602
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.13.56 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-8-13-56.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cdn.odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=997aaaa1-36a0-4ca0-b0a0-b441bef665a3.636445575320342423
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Wed, 25 Oct 2017 19:45:32 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_19
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
756
Cache-Control
private, max-age=2512166
Last-Modified
Wed, 18 Oct 2017 01:37:08 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
1739794a-0832-4906-b55d-860b313dd690
ETag
"07a3e9cb147d31:0"
Content-Type
image/svg+xml
X-CorrelationId
1739794a-0832-4906-b55d-860b313dd690
Accept-Ranges
bytes
X-OfficeVersion
16.0.8717.6601
picker-account-msa.svg
cdn.odc.officeapps.live.com/odc/stat/images/hrd/ Frame 4089
379 B
379 B
Image
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/images/hrd/picker-account-msa.svg?b=8722.6602
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.13.56 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-8-13-56.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cdn.odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=997aaaa1-36a0-4ca0-b0a0-b441bef665a3.636445575320342423
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Wed, 25 Oct 2017 19:45:32 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_33
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
379
Cache-Control
private, max-age=2512153
Last-Modified
Wed, 18 Oct 2017 01:37:06 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
eb0b1266-24e7-416f-aeef-b4af6cf7f8f2
ETag
"04dd9bb147d31:0"
Content-Type
image/svg+xml
X-CorrelationId
eb0b1266-24e7-416f-aeef-b4af6cf7f8f2
Accept-Ranges
bytes
X-OfficeVersion
16.0.8717.6601
jquery-1.12.4.min.js
ajax.aspnetcdn.com/ajax/jQuery/ Frame 4089
95 KB
42 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.12.4.min.js
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frb/675D) /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ajax/jQuery/jquery-1.12.4.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ajax.aspnetcdn.com
referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
:scheme
https
:method
GET
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date
Wed, 25 Oct 2017 19:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
status
200
content-length
43298
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:52 GMT
server
ECAcc (frb/675D)
etag
"851dbc6cc33d21:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
knockout-3.4.2.js
ajax.aspnetcdn.com/ajax/knockout/ Frame 4089
59 KB
22 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/knockout/knockout-3.4.2.js
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frb/67B1) /
Resource Hash
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ajax/knockout/knockout-3.4.2.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ajax.aspnetcdn.com
referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
:scheme
https
:method
GET
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date
Wed, 25 Oct 2017 19:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
status
200
content-length
22384
x-xss-protection
1; mode=block
last-modified
Tue, 14 Mar 2017 17:04:32 GMT
server
ECAcc (frb/67B1)
etag
"09099ce59cd21:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
CommonDiagnostics.js
cdn.odc.officeapps.live.com/odc/stat/ Frame 4089
29 KB
9 KB
Script
General
Full URL
https://cdn.odc.officeapps.live.com/odc/stat/CommonDiagnostics.js?b=8722.6602
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.13.56 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-8-13-56.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2f78ee7317dc4d8897932b5a6e90e13d3c5eb740ccb64b50bfcc18793025d6a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cdn.odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=997aaaa1-36a0-4ca0-b0a0-b441bef665a3.636445575320342423
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Wed, 25 Oct 2017 19:45:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
weu-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_89
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection
keep-alive
Content-Length
9197
Cache-Control
private, max-age=2512092
Last-Modified
Wed, 18 Oct 2017 01:37:04 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
0845672c-ae07-44ed-8837-43a1593e919d
ETag
"020dc99b147d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
0845672c-ae07-44ed-8837-43a1593e919d
Accept-Ranges
bytes
X-OfficeVersion
16.0.8717.6601
jsonstrings
cdn.odc.officeapps.live.com/odc/ Frame 4089
3 KB
3 KB
Script
General
Full URL
https://cdn.odc.officeapps.live.com/odc/jsonstrings?g=EmailHrdv2&mkt=1033&hm=0&b=8722.6602
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.13.56 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-8-13-56.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
cb43fc099671b41cf384aec670fd5490fc571cf5a6b425fc0c38f5cac65ed9ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
cdn.odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=997aaaa1-36a0-4ca0-b0a0-b441bef665a3.636445575320342423
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Wed, 25 Oct 2017 19:45:32 GMT
X-Content-Type-Options
nosniff
X-CorrelationId
6473cef5-a7cc-4734-b224-3b44175aea4b
X-OfficeCluster
weu-odc.officeapps.live.com
X-UserSessionId
6473cef5-a7cc-4734-b224-3b44175aea4b
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_108
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Server
Microsoft-IIS/8.5
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
2674
X-OfficeVersion
16.0.8722.6602
hrd.min.js
odc.officeapps.live.com/odc/stat/ Frame 4089
12 KB
4 KB
Script
General
Full URL
https://odc.officeapps.live.com/odc/stat/hrd.min.js?b=8722.6602
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.113.17.180 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
13fd97f17984ca4a776fa8ddee60af43bdfa436f8640dd93f458e53712fe5a79
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Cookie
AADNonce=997aaaa1-36a0-4ca0-b0a0-b441bef665a3.636445575320342423
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Wed, 25 Oct 2017 19:45:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_8
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
3984
Cache-Control
private, max-age=2678400
Last-Modified
Mon, 23 Oct 2017 04:38:16 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
ac81e34a-fbfa-4f51-8428-fbc4bdc65e18
ETag
"06c24beb84bd31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-CorrelationId
ac81e34a-fbfa-4f51-8428-fbc4bdc65e18
Accept-Ranges
bytes
X-OfficeVersion
16.0.8722.6602
background-small.jpg
odc.officeapps.live.com/odc/stat/images/hrd/ Frame 4089
1 KB
1 KB
Image
General
Full URL
https://odc.officeapps.live.com/odc/stat/images/hrd/background-small.jpg
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.113.17.180 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c13db279143e1845ee4aaee5afedc5bd75e9f7d50024b63883b45332c4960b3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://odc.officeapps.live.com/odc/stat/hrd.css?b=8722.6602
Cookie
AADNonce=997aaaa1-36a0-4ca0-b0a0-b441bef665a3.636445575320342423
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/stat/hrd.css?b=8722.6602
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Wed, 25 Oct 2017 19:45:33 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_8
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
1029
Cache-Control
private, max-age=2678400
Last-Modified
Mon, 23 Oct 2017 04:38:14 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
b05aaf13-2d26-4273-a8ea-159e0501c2f3
ETag
"03ff3bcb84bd31:0"
Content-Type
image/jpeg
X-CorrelationId
b05aaf13-2d26-4273-a8ea-159e0501c2f3
Accept-Ranges
bytes
X-OfficeVersion
16.0.8722.6602
background.jpg
odc.officeapps.live.com/odc/stat/images/hrd/ Frame 4089
291 KB
291 KB
Image
General
Full URL
https://odc.officeapps.live.com/odc/stat/images/hrd/background.jpg
Requested by
Host: odc.officeapps.live.com
URL: https://odc.officeapps.live.com/odc/v2.0/hrd?lcid=1033&syslcid=1033&uilcid=1033&app=1&a=1&p=11&hm=0&ver=16&fpEnabled=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
40.113.17.180 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
62faab60433070e2ea52c235f0f18db228759f2a08bb6f9e5711630df8321214
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
odc.officeapps.live.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://odc.officeapps.live.com/odc/stat/hrd.css?b=8722.6602
Cookie
AADNonce=997aaaa1-36a0-4ca0-b0a0-b441bef665a3.636445575320342423
Connection
keep-alive
Cache-Control
no-cache
Referer
https://odc.officeapps.live.com/odc/stat/hrd.css?b=8722.6602
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Wed, 25 Oct 2017 19:45:33 GMT
X-Content-Type-Options
nosniff
X-OfficeCluster
neu-odc.officeapps.live.com
X-Powered-By
ASP.NET
X-OfficeFE
OdcFrontEnd_IN_8
P3P
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Content-Length
298105
Cache-Control
private, max-age=2678400
Last-Modified
Mon, 23 Oct 2017 04:38:14 GMT
Server
Microsoft-IIS/8.5
X-UserSessionId
20f1324f-9a8b-4b58-882f-5533f91e4efa
ETag
"03ff3bcb84bd31:0"
Content-Type
image/jpeg
X-CorrelationId
20f1324f-9a8b-4b58-882f-5533f91e4efa
Accept-Ranges
bytes
X-OfficeVersion
16.0.8722.6602
StaticLoad.aspx
excel.officeapps.live.com/x/ Frame 4089
474 B
360 B
Document
General
Full URL
https://excel.officeapps.live.com/x/StaticLoad.aspx?wx=x&wv=e&ui=en%2DUS&usescript=1
Requested by
Host: s1-odc-15.cdn.office.net
URL: https://s1-odc-15.cdn.office.net/start/s/1687191902_App_Scripts/home.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
332765ebb0f77d2900b2472b01d40cca6eaee9e27d09079f81f561be4bdb95f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:path
/x/StaticLoad.aspx?wx=x&wv=e&ui=en%2DUS&usescript=1
pragma
no-cache
cookie
AADNonce=997aaaa1-36a0-4ca0-b0a0-b441bef665a3.636445575320342423
accept-encoding
gzip, deflate
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control
no-cache
:authority
excel.officeapps.live.com
referer
https://office.live.com/start/Excel.aspx
:scheme
https
:method
GET
Upgrade-Insecure-Requests
1
Referer
https://office.live.com/start/Excel.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-officecluster
NL1
x-officeversion
16.0.8722.5052
x-officefe
e1d72e3b91a9
p3p
CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
status
200
content-length
342
x-correlationid
adf6c367-60d8-48f3-b05f-d2abeb39168e
x-officefd
09d8f2d95fac
x-ccr
true
x-usersessionid
adf6c367-60d8-48f3-b05f-d2abeb39168e
date
Wed, 25 Oct 2017 19:45:33 GMT
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
private
set-cookie
DcLcid=ui=1033&data=1033; expires=Thu, 25-Jan-2018 19:45:34 GMT; path=/; secure; HttpOnly
x-msedge-ref
Ref A: E8178790ED94490AA8DAC740AF5F3741 Ref B: AMSEDGE0221 Ref C: 2017-10-25T19:45:33Z
timing-allow-origin
*
RemoteUls.ashx
office.live.com/start/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
office.live.com
URL
https://office.live.com/start/RemoteUls.ashx

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
office.live.com/ Name: BIGipCookie
Value: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
office.live.com/ Name: DcLcid
Value: ui=1033&data=1033
.live.com/ Name: AADNonce
Value: 997aaaa1-36a0-4ca0-b0a0-b441bef665a3.636445575320342423
office.live.com/ Name: s_id
Value: 49b31d83-031b-4c18-a567-3177c4b0fdce

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
cdn.odc.officeapps.live.com
etkinkimya.com
excel.officeapps.live.com
odc.officeapps.live.com
office.live.com
s1-odc-15.cdn.office.net
office.live.com
185.85.204.180
23.8.13.56
2603:1020:201::37
2606:2800:133:206e:1315:22a5:2006:24fd
2620:1ec:a92::171
2a02:26f0:122:38d::1aff
2a02:26f0:122:38f::1aff
40.113.17.180
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0919fe0e5ea59e3d528fd8c4633d19522525a9f04c8922b8d37d4bb5d1ffbac1
13fd97f17984ca4a776fa8ddee60af43bdfa436f8640dd93f458e53712fe5a79
16e01663d61a1e80d11d143143d1456efc436b73bf5945f598c3cb3cbbfa02ae
19336dfd9869db89640e751b014395eb8f054febbe035b534ccd10e04e80ce45
207ba9800c3ee8ec17db342827b4e78ada94c9101a0e4f39ecde92450f06c5ac
2f78ee7317dc4d8897932b5a6e90e13d3c5eb740ccb64b50bfcc18793025d6a9
332765ebb0f77d2900b2472b01d40cca6eaee9e27d09079f81f561be4bdb95f2
34d8da073f47030ee94b99d84fbe68e3345bd8aaa37ea909ff2da00238447486
3c931de8a934d1e492d0bd8a2554c4309302d6aa47b4398b31cd82dc849bdd39
5c2ab5d1355f4b8a356cf5489be23cf834420281f8532bece7a3a05706a0e0b1
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
62faab60433070e2ea52c235f0f18db228759f2a08bb6f9e5711630df8321214
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67edce575ea04a1c6fedcf7054811b736a5ba3f0cfb9eb8140a6b5f422b53b03
708d633fb71ec4cba0ba576b519ae6804c6d2534f90717d0be1fb33d66b0f2fb
8431870f0c2b40151a52f34e6185ff255be9fcb86fec97037925510d3997a966
89ffdcc7c149b81a4aa03769e1c69b47ac2a9c005dcb7fb00d9ae7560e9e3e4a
8dd8f8d2c8a871be3e321448b56c8c74b0acef729aeda7d7eda2fdd3b4ac13e5
96ca722b29f6a5723564ad8b5330547b44c649e1bc487ded9b0de2061f5dd643
9cf31adc8b96d5258263d94d820ea52a3a4569a83915f44463f941bd07797bb0
a305fbb2ba223bf3b56bb8776b85f6f40d60dd082a74dbe28d143b5794c7e393
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
bb20a8a39f0035d73590f61565c4b373cb60085037186c2c8bc0e6e730dcff88
c13db279143e1845ee4aaee5afedc5bd75e9f7d50024b63883b45332c4960b3b
cb43fc099671b41cf384aec670fd5490fc571cf5a6b425fc0c38f5cac65ed9ff
ed6fd415cc6ee8375785ba73334cbc0f5e25e55e27c6e0adff02fd9a6bd0328c