knowledgeexchangecenter.citi.com Open in urlscan Pro
95.100.153.81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://reply.transactionservices.citigroup.com/ctd/lu?RID=1-2AA1JWN&CON=&PRO=1-2A9TZHC&AID=&OID=1-2A8TXJU&CID=1-2A8TXI4&COID=1-2A8TXJT&T=https:...
Effective URL:
https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html
Submission: On March 29 via api (March 29th 2022, 10:35:12 pm UTC) from SE — Scanned from DE

Summary HTTP 86 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 86 HTTP transactions. The main IP is 95.100.153.81, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is knowledgeexchangecenter.citi.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on February 24th 2022. Valid for: a year.

This is the only time knowledgeexchangecenter.citi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.193.56.103 192.193.56.103	3081 (CITI15) (CITI15)
7	95.100.153.81 95.100.153.81	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2620:1ec:a92:... 2620:1ec:a92::171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
60	2a02:26f0:fb:... 2a02:26f0:fb:5b3::1c24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.35.236.56 23.35.236.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.89.44.168 104.89.44.168	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:350... 2a02:26f0:3500:584::4b36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	96.16.146.233 96.16.146.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	20.189.173.11 20.189.173.11	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
86	9

1 192.193.56.103 (United States) 1 redirects

ASN3081 (CITI15, US)

reply.transactionservices.citigroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 95.100.153.81 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-153-81.deploy.static.akamaitechnologies.com

knowledgeexchangecenter.citi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2620:1ec:a92::171 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

view.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pnl1-excel.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
shared.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2a02:26f0:fb:5b3::1c24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1h-excel-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-56.deploy.static.akamaitechnologies.com

fs.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.44.168 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-44-168.deploy.static.akamaitechnologies.com

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:584::4b36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c1-shared-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.146.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-146-233.deploy.static.akamaitechnologies.com

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.189.173.11 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	office.net c1h-excel-15.cdn.office.net — Cisco Umbrella Rank: 7794 c1-shared-15.cdn.office.net — Cisco Umbrella Rank: 16414	4 MB
12	live.com view.officeapps.live.com — Cisco Umbrella Rank: 58114 pnl1-excel.officeapps.live.com — Cisco Umbrella Rank: 402152 shared.officeapps.live.com — Cisco Umbrella Rank: 8819	76 KB
7	citi.com knowledgeexchangecenter.citi.com	231 KB
3	microsoft.com fs.microsoft.com — Cisco Umbrella Rank: 1237 browser.events.data.microsoft.com — Cisco Umbrella Rank: 859	1 MB
1	sharepointonline.com static2.sharepointonline.com — Cisco Umbrella Rank: 4302	36 KB
1	live.net js.live.net — Cisco Umbrella Rank: 23543	16 KB
1	citigroup.com 1 redirects reply.transactionservices.citigroup.com	332 B
86	7

	Domain	Requested by
60	c1h-excel-15.cdn.office.net	pnl1-excel.officeapps.live.com c1h-excel-15.cdn.office.net
10	pnl1-excel.officeapps.live.com	c1h-excel-15.cdn.office.net c1-shared-15.cdn.office.net
7	knowledgeexchangecenter.citi.com	knowledgeexchangecenter.citi.com
2	fs.microsoft.com	pnl1-excel.officeapps.live.com
1	browser.events.data.microsoft.com	c1h-excel-15.cdn.office.net
1	static2.sharepointonline.com
1	c1-shared-15.cdn.office.net	shared.officeapps.live.com
1	shared.officeapps.live.com	c1h-excel-15.cdn.office.net
1	js.live.net	c1h-excel-15.cdn.office.net
1	view.officeapps.live.com
1	reply.transactionservices.citigroup.com	1 redirects
86	11

This site contains links to these domains. Also see Links.

Domain
www.citigroup.com
www.citibank.com

Subject Issuer	Validity	Valid
knowledgeexchangecenter.citi.com DigiCert SHA2 Extended Validation Server CA	`2022-02-24` - `2023-03-23`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 01	`2022-01-05` - `2023-01-05`	a year	crt.sh
officecdn.microsoft.com Microsoft RSA TLS CA 01	`2021-05-14` - `2022-05-14`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 01	`2021-09-29` - `2022-09-29`	a year	crt.sh
*.sharepointonline.com Microsoft RSA TLS CA 01	`2021-07-08` - `2022-07-08`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 06	`2022-03-02` - `2023-02-25`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html
Frame ID: 493C2127183AC25C8FD92A61FF1A4027
Requests: 7 HTTP requests in this frame

Frame: https://view.officeapps.live.com/op/embed.aspx?src=https://knowledgeexchangecenter.citi.com/net-uploads/charges/Globally%20Standardized%20Charge%20Codes%20January%202022_v2.xlsx
Frame ID: 95F0BE2F2D2CC31B31318F1F974FEF31
Requests: 2 HTTP requests in this frame

Frame: https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fknowledgeexchangecenter%252Eciti%252Ecom%253A443%252Fnet%252Duploads%252Fcharges%252FGlobally%252520Standardized%252520Charge%252520Codes%252520January%2525202022%255Fv2%252Exlsx&access_token_ttl=0&hid=a59d8ad2-533f-4516-a355-67305895db1c
Frame ID: BAE1D2567A55FE09512D14A8DA2159D1
Requests: 76 HTTP requests in this frame

Frame: https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fpnl1-excel.officeapps.live.com&usid=729ebb39-3510-4720-ba59-84ed675cef2d&corrid=23cbce3c-5859-47c6-ae6d-10362986e4fa&NoAuth=true
Frame ID: B1FFB00DD90AEFEEC1456AC495E9171B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Globally Standardized Charge Codes January 2022 – Citi Knowledge Exchange Center

Page URL History Show full URLs

https://reply.transactionservices.citigroup.com/ctd/lu?RID=1-2AA1JWN&CON=&PRO=1-2A9TZHC&AID=&OID=1-2A8TXJU&CID=1-2A8TXI4&COI... HTTP 302
https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Hammer.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

hammer(?:\.min)?\.js

Page Statistics

86
Requests

99 %
HTTPS

33 %
IPv6

7
Domains

11
Subdomains

9
IPs

2
Countries

5469 kB
Transfer

22906 kB
Size

7
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.citigroup.com/citi/index.htm
Title: citigroup.com

Search URL Search Domain Scan URL

URL: https://www.citigroup.com/citi/terms.html
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.citigroup.com/citi/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.citibank.com/tts/sa/tts-privacy-statements/
Title: TTS EEA Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.citibank.com/tts/about/disclosures/
Title: Regulatory Disclosures

Search URL Search Domain Scan URL

URL: https://www.citibank.com/tts/
Title: Treasury and Trade Solutions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://reply.transactionservices.citigroup.com/ctd/lu?RID=1-2AA1JWN&CON=&PRO=1-2A9TZHC&AID=&OID=1-2A8TXJU&CID=1-2A8TXI4&COID=1-2A8TXJT&T=https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html&Z=32808f51a6dcf7e7de85d762c9b1ad&TN=knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html&RT=Clicked+On+URL HTTP 302
https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

86 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request jan2022_charge_codes.html Show response
knowledgeexchangecenter.citi.com/net-uploads/charges/
Redirect Chain

https://reply.transactionservices.citigroup.com/ctd/lu?RID=1-2AA1JWN&CON=&PRO=1-2A9TZHC&AID=&OID=1-2A8TXJU&CID=1-2A8TXI4&COID=1-2A8TXJT&T=https://knowledgeexchangecenter.citi.com/net-uploads/charge...
https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html

6 KB
2 KB

8832ms
8372ms

Document
text/html

95.100.153.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.153.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-81.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

573a520b8e533bd91b5a18917aec41525c0cdaec982d71ee5ca1d48915b732e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "d9c103349a798ffef63c11826b8dea28:1648155832.826081"
Last-Modified: Thu, 24 Mar 2022 21:03:52 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3596
Date: Tue, 29 Mar 2022 22:35:06 GMT
Content-Length: 1770
Connection: keep-alive
Strict-Transport-Security: max-age=86400

Redirect headers

Date: Tue, 29 Mar 2022 22:34:57 GMT
Server: EMS
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Location: https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html
Content-Length: 0
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Connection: close

GET
H/1.1 200
OK style.min.css
knowledgeexchangecenter.citi.com/net-uploads/charges/static_template_files/ 79 KB
11 KB 552ms
552ms Stylesheet
text/css 95.100.153.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://knowledgeexchangecenter.citi.com/net-uploads/charges/static_template_files/style.min.css

Requested by

Host: knowledgeexchangecenter.citi.com
URL: https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.153.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-81.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 22:35:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 17:09:33 GMT
Server: AkamaiNetStorage
ETag: "43c4bc05b5e3b0a6684a7c3a52e63590:1645636173.871237"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css
Cache-Control: max-age=3600
Strict-Transport-Security: max-age=86400
Accept-Ranges: bytes
Content-Length: 10523

GET
H/1.1 200
OK main.7a486b414ede1cc2b65fa369e00c70d8.css
knowledgeexchangecenter.citi.com/net-uploads/charges/static_template_files/ 386 KB
61 KB 603ms
584ms Stylesheet
text/css 95.100.153.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://knowledgeexchangecenter.citi.com/net-uploads/charges/static_template_files/main.7a486b414ede1cc2b65fa369e00c70d8.css

Requested by

Host: knowledgeexchangecenter.citi.com
URL: https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.153.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-81.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

f11943dd981144b3d60b72d1a4783ee53a79bec2bd97076c9219cd0d6b397e05

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 22:35:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 17:09:34 GMT
Server: AkamaiNetStorage
ETag: "dc18e6bce69b4fd2f626b1b7a77d15cd:1645636174.406616"
Vary: Accept-Encoding
Connection: keep-alive, Transfer-Encoding
Content-Type: text/css
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=86400
Accept-Ranges: bytes

GET
H/1.1 200
OK unsemantic-grid-responsive-tablet.css
knowledgeexchangecenter.citi.com/net-uploads/charges/static_template_files/ 27 KB
4 KB 576ms
557ms Stylesheet
text/css 95.100.153.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://knowledgeexchangecenter.citi.com/net-uploads/charges/static_template_files/unsemantic-grid-responsive-tablet.css

Requested by

Host: knowledgeexchangecenter.citi.com
URL: https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.153.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-81.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

565be41b015066abca0a932cfb8748da75952ace8741964a4db6250947db1d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 22:35:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 17:09:33 GMT
Server: AkamaiNetStorage
ETag: "d5d4027caaf9753c96cee53a3225f10e:1645636173.821446"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css
Cache-Control: max-age=3600
Strict-Transport-Security: max-age=86400
Accept-Ranges: bytes
Content-Length: 3282

GET
H/1.1 200
OK citi-logo.png
knowledgeexchangecenter.citi.com/net-uploads/charges/static_template_files/ 9 KB
9 KB 580ms
550ms Image
image/png 95.100.153.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://knowledgeexchangecenter.citi.com/net-uploads/charges/static_template_files/citi-logo.png

Requested by

Host: knowledgeexchangecenter.citi.com
URL: https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.153.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-81.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

5bb28cd20854e0ba9d904ced365a862600b406705ea7624f4ed63fd1834c3971

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://knowledgeexchangecenter.citi.com/net-uploads/charges/jan2022_charge_codes.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 22:35:07 GMT
Last-Modified: Wed, 23 Feb 2022 17:09:33 GMT
Server: AkamaiNetStorage
ETag: "bf7d12f3eaf8fd136ba6540c121b440a:1645636173.832642"
Strict-Transport-Security: max-age=86400
Content-Type: image/png
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8913

GET
H/1.1 200
OK interstate-light.woff
knowledgeexchangecenter.citi.com/wp-content/themes/citi-knowledge-center/assets/dist/assets/font/ 74 KB
74 KB 15ms
15ms Font
application/font-woff 95.100.153.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://knowledgeexchangecenter.citi.com/wp-content/themes/citi-knowledge-center/assets/dist/assets/font/interstate-light.woff

Requested by

Host: knowledgeexchangecenter.citi.com
URL: https://knowledgeexchangecenter.citi.com/net-uploads/charges/static_template_files/main.7a486b414ede1cc2b65fa369e00c70d8.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.153.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-81.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://knowledgeexchangecenter.citi.com/net-uploads/charges/static_template_files/main.7a486b414ede1cc2b65fa369e00c70d8.css
Origin: https://knowledgeexchangecenter.citi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 22:35:07 GMT
Last-Modified: Mon, 07 Mar 2022 21:45:22 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "12712-5d9a7c809c87e"
Strict-Transport-Security: max-age=86400
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://knowledgeexchangecenter.citi.com
Cache-Control: max-age=124178
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75538
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=EmulateIE11

GET
H/1.1 200
OK interstate-bold.woff
knowledgeexchangecenter.citi.com/wp-content/themes/citi-knowledge-center/assets/dist/assets/font/ 70 KB
71 KB 30ms
30ms Font
application/font-woff 95.100.153.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://knowledgeexchangecenter.citi.com/wp-content/themes/citi-knowledge-center/assets/dist/assets/font/interstate-bold.woff

Requested by

Host: knowledgeexchangecenter.citi.com
URL: https://knowledgeexchangecenter.citi.com/net-uploads/charges/static_template_files/main.7a486b414ede1cc2b65fa369e00c70d8.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.153.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-81.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://knowledgeexchangecenter.citi.com/net-uploads/charges/static_template_files/main.7a486b414ede1cc2b65fa369e00c70d8.css
Origin: https://knowledgeexchangecenter.citi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 22:35:07 GMT
Last-Modified: Mon, 07 Mar 2022 21:45:22 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "118c2-5d9a7c809c87e"
Strict-Transport-Security: max-age=86400
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://knowledgeexchangecenter.citi.com
Cache-Control: max-age=575227
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71874
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=EmulateIE11

GET
H2 200 embed.aspx Show response
view.officeapps.live.com/op/ Frame 95F0 4 KB
3 KB 176ms
31ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://view.officeapps.live.com/op/embed.aspx?src=https://knowledgeexchangecenter.citi.com/net-uploads/charges/Globally%20Standardized%20Charge%20Codes%20January%202022_v2.xlsx

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30613070b55878634fd37bf74f87d7f8b386f84dd691c0d3d172ef3bb9e676e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://knowledgeexchangecenter.citi.com/

Response headers

cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
x-correlationid: a59d8ad2-533f-4516-a355-67305895db1c
x-officefe: AM4PEPF00014055
x-officeversion: 16.0.15123.41020
x-officecluster: PNL1
x-content-type-options: nosniff
x-officefd: AM4PEPF000068A5
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-msedge-ref: Ref A: 31381B34B24A4188A2F57774CD2F6340 Ref B: AMS04EDGE2213 Ref C: 2022-03-29T22:35:07Z
date: Tue, 29 Mar 2022 22:35:06 GMT

GET
DATA 200
OK truncated
/ Frame 95F0 695 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 xlembed.aspx Show response
pnl1-excel.officeapps.live.com/x/_layouts/ Frame BAE1 415 KB
65 KB 127ms
85ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fknowledgeexchangecenter%252Eciti%252Ecom%253A443%252Fnet%252Duploads%252Fcharges%252FGlobally%252520Standardized%252520Charge%252520Codes%252520January%2525202022%255Fv2%252Exlsx&access_token_ttl=0&hid=a59d8ad2-533f-4516-a355-67305895db1c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3f9bf10fb926a2166ed5d56d2e5304084846f4e186cdaa290be0c2e7180d71a6

Security Headers

Name	Value
Content-Security-Policy	font-src data: c1-excel-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com sway.com .sway-cdn.com sway-cdn.com .sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-excel-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net .growth.office.net .rt.microsoft.com res-prod.cdn.office.net messaging.growth.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-excel-15.cdn.office.net c1-officeapps-15.cdn.office.net .skype.com .skypeassets.com .msocdn.com js.live.net sway.com .sway-cdn.com sway-cdn.com https:; media-src .skype.com .skypeassets.com https:; object-src 'self' https:; child-src blob: * ms-excel: https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /x/reportcsp.ashx
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://view.officeapps.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://view.officeapps.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 729ebb39-3510-4720-ba59-84ed675cef2d
x-usersessionid: 729ebb39-3510-4720-ba59-84ed675cef2d
strict-transport-security: max-age=31536000
timing-allow-origin: *
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
x-officefe: AM4PEPF000114B7
x-officeversion: 16.0.15127.35054
x-officecluster: PNL1
x-content-type-options: nosniff
document-policy: js-profiling
cross-origin-resource-policy: cross-origin
content-security-policy: font-src data: c1-excel-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com sway.com *.sway-cdn.com sway-cdn.com *.sharepointonline.com spoprod-a.akamaihd.net fs.microsoft.com https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' c1-excel-15.cdn.office.net uci.officeapps.live.com cdn.uci.edog.officeapps.live.com cdn.uci.officeapps.live.com uci.edog.cdn.office.net uci.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net appsforoffice.microsoft.com contentstorage.osi.office.net *.growth.office.net *.rt.microsoft.com res-prod.cdn.office.net messaging.growth.office.com content.lifecycle.office.net www.microsoft.com https:; style-src 'self' 'unsafe-inline' 'unsafe-eval' c1-excel-15.cdn.office.net c1-officeapps-15.cdn.office.net *.skype.com *.skypeassets.com *.msocdn.com js.live.net sway.com *.sway-cdn.com sway-cdn.com https:; media-src *.skype.com *.skypeassets.com https:; object-src 'self' https:; child-src blob: * ms-excel: https:; worker-src blob: https:; img-src * data: blob: https:; report-uri /x/reportcsp.ashx
reporting-endpoints: default=https://pnl1-excel.officeapps.live.com/x/_layouts/BrowserReportingHandler.ashx
x-officefd: AM4PEPF0000F385
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-msedge-ref: Ref A: CCC3AA48064B47C8B8E69A48CAC41973 Ref B: AMS04EDGE2213 Ref C: 2022-03-29T22:35:07Z
date: Tue, 29 Mar 2022 22:35:06 GMT

GET
H2 200 EwrDefault.css
c1h-excel-15.cdn.office.net/x/s/h9F69BA07636FF0E7__layouts/Resources/1031/ Frame BAE1 130 KB
20 KB 136ms
9ms Stylesheet
text/css 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h9F69BA07636FF0E7__layouts/Resources/1031/EwrDefault.css

Requested by

Host: pnl1-excel.officeapps.live.com
URL: https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fknowledgeexchangecenter%252Eciti%252Ecom%253A443%252Fnet%252Duploads%252Fcharges%252FGlobally%252520Standardized%252520Charge%252520Codes%252520January%2525202022%255Fv2%252Exlsx&access_token_ttl=0&hid=a59d8ad2-533f-4516-a355-67305895db1c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9f69ba07636ff0e7163cd7fdb8461f66e97da9ad1574964bdb561de16a2cc106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "aa811f6363ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00013CB0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 19545
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Tue, 22 Mar 2022 21:51:18 GMT
x-officefd: AM4PEPF0000601C
x-msedge-ref: Ref A: AB34C91B3F084731901D7F721677C208 Ref B: AM3EDGE0920 Ref C: 2022-03-28T00:58:54Z
x-usersessionid: a921f87a-2c9d-423c-b73b-93ae05e44eb2
date: Tue, 29 Mar 2022 22:35:07 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: a921f87a-2c9d-423c-b73b-93ae05e44eb2
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelframe.css
c1h-excel-15.cdn.office.net/x/s/h9089DC0E3BA90C77__layouts/Resources/1031/ Frame BAE1 66 KB
11 KB 140ms
13ms Stylesheet
text/css 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h9089DC0E3BA90C77__layouts/Resources/1031/excelframe.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9089dc0e3ba90c7788eb46e1dccb635f171be505d82eb14d51c4f28e23c9cbeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "9e2eac2e2b39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006929
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 10241
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 11:44:23 GMT
x-officefd: AM4PEPF0000689E
x-msedge-ref: Ref A: 0CEFCB473206490E9130B746FDD32F45 Ref B: AMS04EDGE1613 Ref C: 2022-03-22T12:36:19Z
x-usersessionid: fddd1f53-5de6-4136-9e75-ade408ea19bc
date: Tue, 29 Mar 2022 22:35:07 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: fddd1f53-5de6-4136-9e75-ade408ea19bc
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftAjaxDS.js Show response
c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/ Frame BAE1 106 KB
24 KB 142ms
16ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d8326bb4760631a8487732482af651a31c4d630a4a86a5c34e1bb44cce542e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "5e1b46b7423ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00006926
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 23628
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Tue, 22 Mar 2022 23:15:27 GMT
x-officefd: AM4PEPF0000689D
x-msedge-ref: Ref A: FD1A0ECAE3DB40BBAE970021EE730FED Ref B: AM3EDGE0216 Ref C: 2022-03-24T05:14:52Z
x-usersessionid: cb4899af-1204-4a38-b783-9eb81ee36e14
date: Tue, 29 Mar 2022 22:35:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: cb4899af-1204-4a38-b783-9eb81ee36e14
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.js Show response
c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/ Frame BAE1 3 MB
712 KB 23ms
22ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6f4795e494ce546c12961cfd050fba1754d41af687b1b3eda0ae5ddadbcd2496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"48356498342d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF0000690D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 726624
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 28 Mar 2022 09:05:57 GMT
x-officefd: AM4PEPF000068B7
x-usersessionid: 95414590-2164-44b1-a09d-c9db07bab534
date: Tue, 29 Mar 2022 22:35:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 95414590-2164-44b1-a09d-c9db07bab534
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.Strings.Wac.js Show response
c1h-excel-15.cdn.office.net/x/s/h494E1B184287D0F4__layouts/App_Scripts/1031/ Frame BAE1 109 KB
37 KB 23ms
23ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h494E1B184287D0F4__layouts/App_Scripts/1031/Ewa.Strings.Wac.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

494e1b184287d0f40af04e187be00920cc4da794512eb3b5ad3ce9557331d990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"c02e8c589a41d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00006948
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 37255
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Sun, 27 Mar 2022 05:20:17 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: C73CC7DFE54C468F9B8B3DB5B7D7464C Ref B: AM3EDGE0120 Ref C: 2022-03-27T05:20:17Z
x-usersessionid: fedc63dc-46fa-4ff5-a830-04964531eeaa
date: Tue, 29 Mar 2022 22:35:07 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: fedc63dc-46fa-4ff5-a830-04964531eeaa
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gridRenderer.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h37538E7DE4196DFC__layouts/App_Scripts/ Frame BAE1 600 KB
117 KB 23ms
23ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h37538E7DE4196DFC__layouts/App_Scripts/gridRenderer.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

37538e7de4196dfc7c6df57e80714a740beb5ea93de8e0b871ea0efdf8b86ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7679ed675c3fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF0000692D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 118429
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Thu, 24 Mar 2022 08:51:52 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 801E77F6E0004B30A2C26D0C8F555B4E Ref B: AM3EDGE0214 Ref C: 2022-03-24T08:51:52Z
x-usersessionid: 4b6dd358-e979-418c-826f-787a0d3b7b2e
date: Tue, 29 Mar 2022 22:35:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 4b6dd358-e979-418c-826f-787a0d3b7b2e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clientManifest.js Show response
c1h-excel-15.cdn.office.net/x/s/hFCE57A18EC005B47__layouts/Resources/de-DE/ Frame BAE1 114 KB
40 KB 152ms
26ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hFCE57A18EC005B47__layouts/Resources/de-DE/clientManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fce57a18ec005b472b60b83afe165d212ff4f6829c791fff41bca8e3cb3f27e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"6e1680ad9c42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00013CB0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 40507
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Mar 2022 12:09:30 GMT
x-officefd: AM4PEPF0001041A
x-msedge-ref: Ref A: 5D4EA60E69524AB6AF911290EE1F87DD Ref B: AM3EDGE0107 Ref C: 2022-03-28T12:09:30Z
x-usersessionid: 5a0afa2a-4a6a-421d-afdd-d2ddb059f784
date: Tue, 29 Mar 2022 22:35:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5a0afa2a-4a6a-421d-afdd-d2ddb059f784
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 richTextEditor.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hB7677B8E831169B2__layouts/App_Scripts/ Frame BAE1 302 KB
60 KB 152ms
26ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hB7677B8E831169B2__layouts/App_Scripts/richTextEditor.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b7677b8e831169b2d9a73db05d5c48dfa04c3e378186b72de06afe930e22378d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"2c955465833fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000114B2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 60821
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Thu, 24 Mar 2022 13:30:58 GMT
x-officefd: AM4PEPF0000689F
x-msedge-ref: Ref A: 7CD32313F7EC4B0FA604B2065DADADBF Ref B: AM3EDGE0321 Ref C: 2022-03-24T13:30:57Z
x-usersessionid: e14f36ba-d7fd-45d5-8dff-cf762ca257f1
date: Tue, 29 Mar 2022 22:35:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e14f36ba-d7fd-45d5-8dff-cf762ca257f1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.bootCommon.js Show response
c1h-excel-15.cdn.office.net/x/s/hBD9C0658800D6631__layouts/App_Scripts/ Frame BAE1 302 KB
72 KB 152ms
27ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hBD9C0658800D6631__layouts/App_Scripts/EwaDS.bootCommon.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bd9c0658800d6631ccffa561846c8b1bb154d078b9ea294e1863b2514fbab5d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"679b6598342d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00006902
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 72471
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Mar 2022 09:05:57 GMT
x-officefd: AM4PEPF0000601B
x-msedge-ref: Ref A: FC4B4DC0E19748FA87DFCEE1A12DA332 Ref B: AMS04EDGE2306 Ref C: 2022-03-28T09:05:57Z
x-usersessionid: ab303402-afaf-4f4d-8acc-2545409cd03b
date: Tue, 29 Mar 2022 22:35:07 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ab303402-afaf-4f4d-8acc-2545409cd03b
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame BAE1 376 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46689198526f176cb3bb2881be2e8f1273be7293fea0625f2c3bfa2058c9b422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H/1.1 200
OK 44327025345
fs.microsoft.com/fs/4.7/rawguids/ Frame BAE1 1 MB
714 KB 136ms
19ms Font
application/octet-stream 23.35.236.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.7/rawguids/44327025345
Requested by: Host: pnl1-excel.officeapps.live.com
URL: https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fknowledgeexchangecenter%252Eciti%252Ecom%253A443%252Fnet%252Duploads%252Fcharges%252FGlobally%252520Standardized%252520Charge%252520Codes%252520January%2525202022%255Fv2%252Exlsx&access_token_ttl=0&hid=a59d8ad2-533f-4516-a355-67305895db1c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-56.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1522f5c0f14d035c42540d84ad4d00d92b72240e91784c15c59e12921a1f0d79

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 22:35:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 19:13:07 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "126af7eedbe3d31:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=162840
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=44327025345
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

GET
BLOB 200
OK b2376f70-e2ab-4faa-bf43-f4dd2461b6d6
https://pnl1-excel.officeapps.live.com/ Frame BAE1 193 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pnl1-excel.officeapps.live.com/b2376f70-e2ab-4faa-bf43-f4dd2461b6d6
Requested by: Host: pnl1-excel.officeapps.live.com
URL: https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fknowledgeexchangecenter%252Eciti%252Ecom%253A443%252Fnet%252Duploads%252Fcharges%252FGlobally%252520Standardized%252520Charge%252520Codes%252520January%2525202022%255Fv2%252Exlsx&access_token_ttl=0&hid=a59d8ad2-533f-4516-a355-67305895db1c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59907d235249104f28b2bb48afe9f2d040db51a4fec78b180f075f9d576930e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Length: 193
Content-Type: application/javascript

GET
H2 200 EwaDS.tmcore.js Show response
c1h-excel-15.cdn.office.net/x/s/hBE0B7A9D029C63B2__layouts/App_Scripts/ Frame BAE1 22 KB
7 KB 8ms
8ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hBE0B7A9D029C63B2__layouts/App_Scripts/EwaDS.tmcore.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

be0b7a9d029c63b2cd2e47feb3c3bc73b7d42a7d262a0dacec1140384040a6c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"e22b5bf9b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00006901
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 6816
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Mon, 28 Mar 2022 12:02:51 GMT
x-officefd: AM4PEPF000068BF
x-msedge-ref: Ref A: 5356DD90CD52449B98C0A9D81EC94011 Ref B: AMS04EDGE2209 Ref C: 2022-03-28T12:02:51Z
x-usersessionid: 677a3343-7649-42f9-97d5-dadf3915d133
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 677a3343-7649-42f9-97d5-dadf3915d133
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelOnline.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hE4892BD2DC60CE9C__layouts/App_Scripts/ Frame BAE1 9 KB
3 KB 8ms
8ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE4892BD2DC60CE9C__layouts/App_Scripts/excelOnline.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e4892bd2dc60ce9cddb25c4aa16fd83880c2a8e7f985653c30269d30cff567f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"a4792669833fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00013CAB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 2579
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Thu, 24 Mar 2022 13:31:04 GMT
x-officefd: AM4PEPF000068B7
x-usersessionid: 62375cca-bd8a-4bc6-9201-cd143dcdd1f5
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 62375cca-bd8a-4bc6-9201-cd143dcdd1f5
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 50941620409
fs.microsoft.com/fs/4.7/rawguids/ Frame BAE1 910 KB
496 KB 21ms
21ms Font
application/octet-stream 23.35.236.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.7/rawguids/50941620409
Requested by: Host: pnl1-excel.officeapps.live.com
URL: https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fknowledgeexchangecenter%252Eciti%252Ecom%253A443%252Fnet%252Duploads%252Fcharges%252FGlobally%252520Standardized%252520Charge%252520Codes%252520January%2525202022%255Fv2%252Exlsx&access_token_ttl=0&hid=a59d8ad2-533f-4516-a355-67305895db1c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.236.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-56.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: eb0ab622969875cccbaa658809cc6df6bfd73846f9c6c5e80774936cbc52845c

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 22:35:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 19:13:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "4433202dce3d31:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=226120
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=50941620409
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

GET
H2 200 ewaembed.png
c1h-excel-15.cdn.office.net/x/s/hDEF6F7343B3FA794__layouts/Resources/ Frame BAE1 4 KB
4 KB 9ms
8ms Image
image/png 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hDEF6F7343B3FA794__layouts/Resources/ewaembed.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

def6f7343b3fa79427426a51dbf484dc713fb9cc6d2813316303c73f05f29b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "28b2f0db2439d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006911
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 3592
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 10:59:07 GMT
x-officefd: AM4PEPF000068B2
x-msedge-ref: Ref A: 3E9D37ACA4C04E42B61E5E751D60D80B Ref B: AMS04EDGE1208 Ref C: 2022-03-17T08:31:59Z
x-usersessionid: a7667809-1fd4-4ca8-85fc-55076353253a
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: a7667809-1fd4-4ca8-85fc-55076353253a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelembed28.png
c1h-excel-15.cdn.office.net/x/s/h66C6B19E56A3A283__layouts/Resources/ Frame BAE1 458 B
1 KB 9ms
9ms Image
image/png 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h66C6B19E56A3A283__layouts/Resources/excelembed28.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

66c6b19e56a3a283448cfa65e8c47dbc8ac0a83050bb9029f82ed18c4409e1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "58c433bc2f39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006941
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 458
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 12:16:59 GMT
x-officefd: AM4PEPF000068A6
x-msedge-ref: Ref A: 1239F149A2394D839F5244826F9C13E8 Ref B: AM3EDGE1010 Ref C: 2022-03-19T06:40:37Z
x-usersessionid: 9b13ff54-9287-4295-bb96-f948816dd914
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 9b13ff54-9287-4295-bb96-f948816dd914
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 otelFull.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h01346477DF6BAB87__layouts/App_Scripts/ Frame BAE1 97 KB
29 KB 8ms
8ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h01346477DF6BAB87__layouts/App_Scripts/otelFull.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

01346477df6bab879760395263416b532a5fe56a6141a51122950f15310a2753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "94538cdd2439d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00013CB3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 28971
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Wed, 16 Mar 2022 10:59:10 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: D8543869EFDA49B4A5987E653B71EFAF Ref B: AMS04EDGE2622 Ref C: 2022-03-22T21:08:15Z
x-usersessionid: a171a8eb-261c-4ee1-a165-f3fc6b81a8be
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a171a8eb-261c-4ee1-a165-f3fc6b81a8be
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.tm.js Show response
c1h-excel-15.cdn.office.net/x/s/hE440B2A1E99BCED8__layouts/App_Scripts/ Frame BAE1 180 KB
43 KB 8ms
7ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE440B2A1E99BCED8__layouts/App_Scripts/EwaDS.tm.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e440b2a1e99bced88df2b0d08d8b97afa2d02b63c8a1207bb51b59348656277e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"1f1ff3bf9b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00006938
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 43239
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Mar 2022 12:02:51 GMT
x-officefd: AM4PEPF000068B6
x-msedge-ref: Ref A: 809777DD430F47B0A3737742B44D2F0E Ref B: AMS04EDGE2712 Ref C: 2022-03-28T12:02:51Z
x-usersessionid: 0c3250bc-e34a-4300-8e1b-3b426cde0de7
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0c3250bc-e34a-4300-8e1b-3b426cde0de7
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.otherCommon.js Show response
c1h-excel-15.cdn.office.net/x/s/hB8CCF114F26D24F6__layouts/App_Scripts/ Frame BAE1 206 KB
51 KB 14ms
12ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hB8CCF114F26D24F6__layouts/App_Scripts/EwaDS.otherCommon.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b8ccf114f26d24f647ad1632545640b4f1132446ed3bce03d0deeecdd1e6afed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"35c9f7bf9b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000068EE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 51864
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Mar 2022 12:02:51 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: 99109A1C48EE4BBE9EF16223D2C37FC2 Ref B: AMS04EDGE2806 Ref C: 2022-03-28T12:02:51Z
x-usersessionid: 6fe8fcba-3aa0-4a82-97db-fb33f9a76252
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 6fe8fcba-3aa0-4a82-97db-fb33f9a76252
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.acc.js Show response
c1h-excel-15.cdn.office.net/x/s/hD6053E8E13C8893D__layouts/App_Scripts/ Frame BAE1 307 KB
71 KB 15ms
14ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hD6053E8E13C8893D__layouts/App_Scripts/EwaDS.acc.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d6053e8e13c8893d5854353fb20341015d1999e5b65c302a2989c56aa7d4b13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"4023fabf9b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF0000694A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 71674
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Mar 2022 12:02:51 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: 104017A10EC64DD3BBC9309B7C3208A4 Ref B: AMS04EDGE2709 Ref C: 2022-03-28T12:02:51Z
x-usersessionid: 76696067-c6d8-4ed3-b759-e0f74a3a069c
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 76696067-c6d8-4ed3-b759-e0f74a3a069c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.ev.js Show response
c1h-excel-15.cdn.office.net/x/s/h7216E90BF11194CD__layouts/App_Scripts/ Frame BAE1 11 KB
5 KB 25ms
24ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h7216E90BF11194CD__layouts/App_Scripts/EwaDS.ev.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7216e90bf11194cd3f8f2e16fe710643a23dbde85afbd3ffb69c4758296f0dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"378252d89b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF0000692F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4268
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Mar 2022 12:03:32 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: EBFBBDC4941346109310FE9CE5CFD171 Ref B: AMS04EDGE3321 Ref C: 2022-03-28T12:03:32Z
x-usersessionid: 96ba30a0-41b8-435e-93e8-c049963778a5
date: Tue, 29 Mar 2022 22:35:08 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 96ba30a0-41b8-435e-93e8-c049963778a5
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-excel.officeapps.live.com/x/ Frame BAE1 0
2 KB 67ms
66ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15127.35054&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 1
X-UserSessionId: 729ebb39-3510-4720-ba59-84ed675cef2d
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15127.35054
X-Key: 4ZCwEYL/2Z8tmKmrcIGByvXbigQ34eCdm5cBz65cCyM=,637841901075384725
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Referer: https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fknowledgeexchangecenter%252Eciti%252Ecom%253A443%252Fnet%252Duploads%252Fcharges%252FGlobally%252520Standardized%252520Charge%252520Codes%252520January%2525202022%255Fv2%252Exlsx&access_token_ttl=0&hid=a59d8ad2-533f-4516-a355-67305895db1c
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 0
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.15127.35054
x-officefe: AM4PEPF000114B7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: F71D240875B6202928B309D1BE6703B7B617B26B
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-buls-suppressedtags: 378069,1671813,2209344,3290144,4298965,4298968,4298969,4751696,5306497,5904476,6375195,6572226,6948167,7463498,17085210,17085216,17162522,17358857,19743902,21627712,21631370,22401293,22410500,22598977,22680210,22680213,22680214,22836558,22946650,23909858,24401375,24462656,24515087,25514973,33592839,34388130,35682372,36472266,36546380,36546381,36546382,36569418,36708451,36773964,36791688,36811158,36811159,36963655,37288035,37876293,37876294,37889309,38293640,38535900,38543496,38580697,38637954,38922202,39076766,39076767,39105358,39613840,39966341,40437001,40935455,40957978,40957979,41003225,41207258,41502555,41711299,41952657,41964885,42272991,42496725,42513088,42815875,42857251,50406866,50431969,50619726,50622685,50622687,51451613,51504083,51667010,538543587,539874723,540378699,540378700,542700237,542994947,545783884,557077970,557389507,557670930,558735363,559423838,559424262,559486496,559760215,559760216,570507662,571549507,571786073,571786074,574468116,575157663,575157664,575157665,575157666,575157667,575157696,575157697,575157698,575157699,575157700,575157701,575157702,577295376,577626581,577831138,578164000,587862985,591684683,591729363,592259104,592556551,592843145,593780815,593838232,594134597,594392640,594392649,594392666,594396706,594830612,595137156,595714715,595895774,596115913,596444186,596464289,845836083,845836084,845836085,846166132,876178018,963472182,1630679666,1630679667,1633958006,1647605351,1664576567,1698260075,1718235956,1765045358,1802139698,1986689397,1986689633,1986689647,1986748791,1986748793,1986749030,1986749288,1986749546,2004443760,2004444278,2004448354
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: cb7e51fd-4657-46de-8411-770d29962c27
x-officefd: AM4PEPF0001041A
x-usersessionid: 729ebb39-3510-4720-ba59-84ed675cef2d
date: Tue, 29 Mar 2022 22:35:07 GMT
x-download-options: noopen
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-type: text/plain
access-control-allow-origin: https://pnl1-excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 45BF2F09D88A4A2A883A190590903C23 Ref B: AMS04EDGE2213 Ref C: 2022-03-29T22:35:08Z
timing-allow-origin: *

GET
H2 200 EwaDS.CommonIntl.js Show response
c1h-excel-15.cdn.office.net/x/s/h40A6CF021A1D9ADF__layouts/App_Scripts/1031/ Frame BAE1 144 KB
31 KB 23ms
23ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h40A6CF021A1D9ADF__layouts/App_Scripts/1031/EwaDS.CommonIntl.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b6a2dad9ce99d887707f27c547081c333b8f7cf7060be8fbd022432e24190c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "b8f3daec2a39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00006932
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 30883
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 11:42:33 GMT
x-officefd: AM4PEPF000068AF
x-msedge-ref: Ref A: 44C1E548AC9449398DB65B6ED48F4768 Ref B: AM3EDGE0319 Ref C: 2022-03-22T21:37:38Z
x-usersessionid: 9e6badb1-1663-4caa-92cf-335e732a4656
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 9e6badb1-1663-4caa-92cf-335e732a4656
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.calc.js Show response
c1h-excel-15.cdn.office.net/x/s/h62A2B682ABD217AC__layouts/App_Scripts/ Frame BAE1 100 KB
31 KB 26ms
25ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h62A2B682ABD217AC__layouts/App_Scripts/EwaDS.calc.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

62a2b682abd217aca12fd40fd601121ee6ce5b129cd33bbe45e4b099f50a464b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"81756cd89b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00006928
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 31257
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_powerpointslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Mar 2022 12:03:32 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: B2415316705042BE80A6F303E85FE9EA Ref B: AMS04EDGE3510 Ref C: 2022-03-28T12:03:32Z
x-usersessionid: d5b4dd1f-d2e7-4b17-ba66-bae4a838857d
date: Tue, 29 Mar 2022 22:35:08 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: d5b4dd1f-d2e7-4b17-ba66-bae4a838857d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.pi.js Show response
c1h-excel-15.cdn.office.net/x/s/hD1EE859B3174E2DC__layouts/App_Scripts/ Frame BAE1 288 KB
67 KB 27ms
27ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hD1EE859B3174E2DC__layouts/App_Scripts/EwaDS.pi.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d1ee859b3174e2dc684e37aeddd2e853deaebfa5960d6f8063d5150930c1ed05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"4a85a4c89b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000068DE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 67420
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Mar 2022 12:03:06 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: F2A0FA7B98354EE196C62DC3EE6985A3 Ref B: AM3EDGE0310 Ref C: 2022-03-28T12:03:06Z
x-usersessionid: b3d17f56-d27d-4829-a560-8121178305e4
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b3d17f56-d27d-4829-a560-8121178305e4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.le.js Show response
c1h-excel-15.cdn.office.net/x/s/h1B899309EF2ABD41__layouts/App_Scripts/ Frame BAE1 91 KB
22 KB 28ms
28ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1B899309EF2ABD41__layouts/App_Scripts/EwaDS.le.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1b899309ef2abd419046a36e64d16330bb20219b15310f32c16385901677a941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"3b75adc89b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00013CB3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 22096
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Mar 2022 12:03:06 GMT
x-officefd: AM4PEPF0000689F
x-msedge-ref: Ref A: 4CC0A7E0D323462CB9675D2339592CDB Ref B: AM3EDGE0918 Ref C: 2022-03-28T12:03:06Z
x-usersessionid: 037a9f05-f093-43f4-9892-715544ef062b
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 037a9f05-f093-43f4-9892-715544ef062b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.oauth.js Show response
c1h-excel-15.cdn.office.net/x/s/h690CB3A759F38390__layouts/App_Scripts/ Frame BAE1 33 KB
9 KB 28ms
28ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h690CB3A759F38390__layouts/App_Scripts/EwaDS.oauth.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

690cb3a759f38390a8c051cd9fd5456c7b0f00bf7867c50e644b42dae08f5c69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"b81ab3c89b42d81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15122.37951
x-officefe: DB5PEPF0000831F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 8528
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 28 Mar 2022 12:03:06 GMT
x-officefd: DB5PEPF00006495
x-usersessionid: 5cd55461-5fde-43d7-a08a-83c050fe338d
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5cd55461-5fde-43d7-a08a-83c050fe338d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.zoom.js Show response
c1h-excel-15.cdn.office.net/x/s/h2675391EB0E92525__layouts/App_Scripts/ Frame BAE1 23 KB
6 KB 28ms
28ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2675391EB0E92525__layouts/App_Scripts/EwaDS.zoom.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

2675391eb0e9252504bdca10c5329d5a5ef6b0a6ace1d6c3b698d5f49830fb7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"23a3b1c89b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000068EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 5884
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 28 Mar 2022 12:03:06 GMT
x-officefd: AM4PEPF000068AE
x-usersessionid: dfa46b7f-32b8-4f03-a787-2048f155b365
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: dfa46b7f-32b8-4f03-a787-2048f155b365
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.cuixas.js Show response
c1h-excel-15.cdn.office.net/x/s/hA0E223DD25FD339F__layouts/App_Scripts/ Frame BAE1 637 KB
126 KB 29ms
28ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hA0E223DD25FD339F__layouts/App_Scripts/EwaDS.cuixas.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a0e223dd25fd339f531265ca34d220a35695698ad6da6dbb1f7549d77fadae45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"b838abd9b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00006948
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 128122
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 28 Mar 2022 12:02:47 GMT
x-officefd: AM4PEPF000068BF
x-usersessionid: c3928be5-6dff-4372-8627-480a84389ee3
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: c3928be5-6dff-4372-8627-480a84389ee3
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.kpae.js Show response
c1h-excel-15.cdn.office.net/x/s/h71DB271D6F1B7C6C__layouts/App_Scripts/ Frame BAE1 585 KB
133 KB 30ms
30ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h71DB271D6F1B7C6C__layouts/App_Scripts/EwaDS.kpae.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

71db271d6f1b7c6ce680bc9f82305af2620f0d36a410a229810e8cd958dda084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ac60b7c29b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF0000692E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 135067
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Mon, 28 Mar 2022 12:02:56 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 9306B91233AC4D3D9DCD8BB538FF8B88 Ref B: AMS04EDGE2205 Ref C: 2022-03-28T12:02:56Z
x-usersessionid: 3dda1b1a-5c3e-4077-8501-198e05179347
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 3dda1b1a-5c3e-4077-8501-198e05179347
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 BeaconHandler.ashx
pnl1-excel.officeapps.live.com/x/_layouts/ Frame BAE1 542 B
916 B 28ms
28ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-excel.officeapps.live.com/x/_layouts/BeaconHandler.ashx?WacUserType=WOPI&usid=729ebb39-3510-4720-ba59-84ed675cef2d&NoAuth=1&waccluster=PNL1&WebMethod=Xlplt

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5b40665a9c6eda7ee5b01320fae0bc3bda499e8df67c518193f944683dc70c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fknowledgeexchangecenter%252Eciti%252Ecom%253A443%252Fnet%252Duploads%252Fcharges%252FGlobally%252520Standardized%252520Charge%252520Codes%252520January%2525202022%255Fv2%252Exlsx&access_token_ttl=0&hid=a59d8ad2-533f-4516-a355-67305895db1c
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officefd: AM4PEPF0000601A
x-officeversion: 16.0.15127.35054
x-officefe: AM4PEPF000114B7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 421
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 5754cb99-0476-40f4-ab72-0595e94f0604
x-officecluster: PNL1
x-usersessionid: 729ebb39-3510-4720-ba59-84ed675cef2d
date: Tue, 29 Mar 2022 22:35:07 GMT
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://pnl1-excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 359D67FB30DE4C3384DC283446C8632C Ref B: AMS04EDGE2213 Ref C: 2022-03-29T22:35:08Z
timing-allow-origin: *

GET
H2 200 excelOnlineCalc.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h7C6D649B4BD3600F__layouts/App_Scripts/ Frame BAE1 1 MB
249 KB 16ms
15ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h7C6D649B4BD3600F__layouts/App_Scripts/excelOnlineCalc.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7c6d649b4bd3600f63159379d689bf8262032e452c538141524759b927351099

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"8a64386d833fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15122.37951
x-officefe: DB5PEPF00008316
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 254209
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Thu, 24 Mar 2022 13:31:11 GMT
x-officefd: DB5PEPF000082D4
x-usersessionid: f0b19304-8bd0-478f-b1e8-6a200b2da7e3
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f0b19304-8bd0-478f-b1e8-6a200b2da7e3
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-app-intl.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hD7B7C5D0F8128DD0__layouts/App_Scripts/1031/ Frame BAE1 446 KB
71 KB 10ms
10ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hD7B7C5D0F8128DD0__layouts/App_Scripts/1031/excel-app-intl.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d7b7c5d0f8128dd080f11be477fd85bee501703d5d7509a59af134bf9b6734bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"2a98f9e833fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00013CB9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 72053
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 13:32:34 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: 8E5209CE5CCB4985B5A605C800A5B26B Ref B: AM3EDGE0521 Ref C: 2022-03-24T13:32:34Z
x-usersessionid: f371a365-2f76-4921-aca0-2009bc14b962
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f371a365-2f76-4921-aca0-2009bc14b962
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.kmhv.js Show response
c1h-excel-15.cdn.office.net/x/s/h56589BDC512896AF__layouts/App_Scripts/ Frame BAE1 486 KB
157 KB 11ms
11ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h56589BDC512896AF__layouts/App_Scripts/EwaDS.kmhv.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

56589bdc512896af904d9189a3e0d877babba9ebbaa1089ce60455f3c7b39bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"c5b666d99b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00013CBC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 159753
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Mar 2022 12:03:34 GMT
x-officefd: AM4PEPF0000601B
x-msedge-ref: Ref A: DE99C8929D8B4ABDA2F7DD66ED59F730 Ref B: AMS04EDGE3509 Ref C: 2022-03-28T12:03:34Z
x-usersessionid: d856a4a8-c096-4a8d-8b79-7109e0864e6d
date: Tue, 29 Mar 2022 22:35:08 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: d856a4a8-c096-4a8d-8b79-7109e0864e6d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.agave.js Show response
c1h-excel-15.cdn.office.net/x/s/hC3A85ED0DEBDF4F7__layouts/App_Scripts/ Frame BAE1 593 KB
120 KB 22ms
22ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hC3A85ED0DEBDF4F7__layouts/App_Scripts/EwaDS.agave.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c3a85ed0debdf4f7f89f5db9793b5a5bde11a015e1cd8f3b39b5bab0a5c91a7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"2437e6f99b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00013CB3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 122363
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
x-akamai-origin-object-size: 122363
last-modified: Mon, 28 Mar 2022 12:04:28 GMT
x-officefd: AM4PEPF000068AF
x-msedge-ref: Ref A: 514A18C203F24BEF958226D3DE38C225 Ref B: AM3EDGE0919 Ref C: 2022-03-28T12:04:28Z
x-usersessionid: 29a15038-180a-4ed0-beb9-e130f4061ccf
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 29a15038-180a-4ed0-beb9-e130f4061ccf
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.commonui.js Show response
c1h-excel-15.cdn.office.net/x/s/h426BCA6A87CB10D0__layouts/App_Scripts/ Frame BAE1 486 B
993 B 25ms
25ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h426BCA6A87CB10D0__layouts/App_Scripts/EwaDS.commonui.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

426bca6a87cb10d036c97277c23d093384a518ccf24fa394874ae5858b138fca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"237f76b833fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000114B7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 273
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
x-akamai-origin-object-size: 273
last-modified: Thu, 24 Mar 2022 13:31:09 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: 7D740CF34CA34084BBF18A6DA99184B0 Ref B: AM3EDGE1007 Ref C: 2022-03-24T13:31:09Z
x-usersessionid: 872a8a88-9af9-437e-badc-50c86c1c91db
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 872a8a88-9af9-437e-badc-50c86c1c91db
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 copyPasteInfra.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hFD87E1AB9A098C20__layouts/App_Scripts/ Frame BAE1 124 KB
24 KB 17ms
17ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hFD87E1AB9A098C20__layouts/App_Scripts/copyPasteInfra.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fd87e1ab9a098c20ccbfe295d6540b50acf4b03093411f86c25c91cbf1b30269

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"19c2ff6b833fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000114B2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23393
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-akamai-origin-object-size: 23393
last-modified: Thu, 24 Mar 2022 13:31:09 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: 90FB8534E7314D46A93D8217F891BAEC Ref B: AM3EDGE0817 Ref C: 2022-03-24T13:31:09Z
x-usersessionid: f5e0a204-1996-4d75-9685-b46b7d821a1d
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f5e0a204-1996-4d75-9685-b46b7d821a1d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clipboardPlatform.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h667573D826503728__layouts/App_Scripts/ Frame BAE1 172 KB
32 KB 18ms
18ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h667573D826503728__layouts/App_Scripts/clipboardPlatform.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

667573d826503728ad2032d72d77ac53f30980c1b45eaf6d471f5f74cb404a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"16752e6c833fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000068F0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 32034
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Thu, 24 Mar 2022 13:31:09 GMT
x-officefd: AM4PEPF0001041C
x-msedge-ref: Ref A: 98185FFDEB76499CAA58A7C7B2410484 Ref B: AMS04EDGE2621 Ref C: 2022-03-24T13:31:09Z
x-usersessionid: 2817f518-5000-432e-985b-5a237cd1d6f9
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2817f518-5000-432e-985b-5a237cd1d6f9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.tp.js Show response
c1h-excel-15.cdn.office.net/x/s/h3F0F44BE588DA32F__layouts/App_Scripts/ Frame BAE1 65 KB
15 KB 25ms
25ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h3F0F44BE588DA32F__layouts/App_Scripts/EwaDS.tp.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3f0f44be588da32fac9700ab88809efe6a823419dcd07651d46763444fd7927d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"cb196ac89b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000114B6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 15070
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Mar 2022 12:03:05 GMT
x-officefd: AM4PEPF0000689E
x-msedge-ref: Ref A: F6F5ACCE27654CE5B2318977BED20464 Ref B: AMS04EDGE3217 Ref C: 2022-03-28T12:03:05Z
x-usersessionid: a14a5ae7-2cbe-408f-b9bf-85e7a6498832
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a14a5ae7-2cbe-408f-b9bf-85e7a6498832
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.tlv.js Show response
c1h-excel-15.cdn.office.net/x/s/hDE22A718193AFD79__layouts/App_Scripts/ Frame BAE1 338 KB
66 KB 15ms
15ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hDE22A718193AFD79__layouts/App_Scripts/EwaDS.tlv.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

de22a718193afd79f32dc74b5d65bbe699ae997b9298a6b6c47989b49cb364f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"6b52efc89b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00006918
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 66582
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Mar 2022 12:03:06 GMT
x-officefd: AM4PEPF000068A6
x-msedge-ref: Ref A: 1273D874042C4B79918A774F693DD311 Ref B: AM3EDGE0618 Ref C: 2022-03-28T12:03:06Z
x-usersessionid: e0b59b37-7902-4d6d-9108-0798ca8976aa
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e0b59b37-7902-4d6d-9108-0798ca8976aa
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-excel.officeapps.live.com/x/ Frame BAE1 0
210 B 42ms
42ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15127.35054&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 1
X-UserSessionId: 729ebb39-3510-4720-ba59-84ed675cef2d
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15127.35054
X-Key: 4ZCwEYL/2Z8tmKmrcIGByvXbigQ34eCdm5cBz65cCyM=,637841901075384725
X-bULS-SuppressionETag: F71D240875B6202928B309D1BE6703B7B617B26B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Referer: https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fknowledgeexchangecenter%252Eciti%252Ecom%253A443%252Fnet%252Duploads%252Fcharges%252FGlobally%252520Standardized%252520Charge%252520Codes%252520January%2525202022%255Fv2%252Exlsx&access_token_ttl=0&hid=a59d8ad2-533f-4516-a355-67305895db1c
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 0
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.15127.35054
x-officefe: AM4PEPF000114B7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: F71D240875B6202928B309D1BE6703B7B617B26B
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 662d7bf9-2cd7-47c6-be54-f2904945b20b
x-officefd: AM4PEPF000068B8
x-usersessionid: 729ebb39-3510-4720-ba59-84ed675cef2d
date: Tue, 29 Mar 2022 22:35:07 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 7B622FA125BC46D1A300458D2441FA88 Ref B: AMS04EDGE2213 Ref C: 2022-03-29T22:35:08Z
timing-allow-origin: *

GET
H2 200 hammer.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h883922A710E857E9__layouts/App_Scripts/ Frame BAE1 24 KB
6 KB 9ms
9ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h883922A710E857E9__layouts/App_Scripts/hammer.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

883922a710e857e94b35fd6748792782280a859e154e4db2e4c0b4876dfa61ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "1c4fb551e39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 5366
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_powerpointslice_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 10:12:26 GMT
x-officefd: AM4PEPF000068B7
x-msedge-ref: Ref A: 6EB5759B8BDA48ED9EAAAECBDEE3424F Ref B: AMS04EDGE2814 Ref C: 2022-03-17T13:31:10Z
x-usersessionid: 826e6f74-1900-47e9-87f6-a5254cf1a256
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 826e6f74-1900-47e9-87f6-a5254cf1a256
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hE57F3C5C863FD2C0__layouts/App_Scripts/ Frame BAE1 2 MB
332 KB 14ms
13ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE57F3C5C863FD2C0__layouts/App_Scripts/common.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e57f3c5c863fd2c0e73459ad4aa2176a5f6ffb910be2752bc2c734d87016a9b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"867c9966833fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15122.37951
x-officefe: DB5PEPF0000830A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 338535
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Thu, 24 Mar 2022 13:31:00 GMT
x-officefd: DB5PEPF000082B8
x-usersessionid: a2d68eb7-3299-4f2f-bf85-9f9a5f33eb4e
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a2d68eb7-3299-4f2f-bf85-9f9a5f33eb4e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common50.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hDB562F4413BBF782__layouts/App_Scripts/ Frame BAE1 1 MB
228 KB 30ms
29ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hDB562F4413BBF782__layouts/App_Scripts/common50.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

db562f4413bbf78204fa35365321c03d9ce969b395dc1472981d0723fb6344d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"7ca68f69833fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00006946
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 232327
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 13:31:05 GMT
x-officefd: AM4PEPF0000601B
x-msedge-ref: Ref A: 178BEBFE1C8E489792B6637C936D780A Ref B: AM3EDGE0308 Ref C: 2022-03-24T13:31:05Z
x-usersessionid: 6604eda6-56ea-46b3-aaa1-2e39ffbd6907
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 6604eda6-56ea-46b3-aaa1-2e39ffbd6907
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 runtime.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h9ED430239083767D__layouts/App_Scripts/ Frame BAE1 30 KB
9 KB 36ms
36ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h9ED430239083767D__layouts/App_Scripts/runtime.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

9ed430239083767d16222c4b27d32027601f1cf9f7b73eaf33e6f8c110f77aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"344e5066833fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00006917
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 8192
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Thu, 24 Mar 2022 13:30:59 GMT
x-officefd: AM4PEPF0000689E
x-usersessionid: 06bda50b-5d12-40d6-94e2-2f97914c4078
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 06bda50b-5d12-40d6-94e2-2f97914c4078
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 interactivity.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h917A78F3526E25EA__layouts/App_Scripts/ Frame BAE1 36 KB
8 KB 43ms
43ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h917A78F3526E25EA__layouts/App_Scripts/interactivity.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

917a78f3526e25ea4ef42fa738171bce7b23ac2800f268bbe58efb71fbb96716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"1fb98f6a833fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00013CAD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 7319
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Thu, 24 Mar 2022 13:31:06 GMT
x-officefd: AM4PEPF0000689E
x-usersessionid: 096a031b-5c11-4dca-afc2-94d213e682d3
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 096a031b-5c11-4dca-afc2-94d213e682d3
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 officeonlinecpuprofiling.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hC6A5A24A84053920__layouts/App_Scripts/ Frame BAE1 206 KB
27 KB 44ms
44ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hC6A5A24A84053920__layouts/App_Scripts/officeonlinecpuprofiling.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c6a5a24a84053920739287943102f9c36c83d2752a1b9ab865f45fb51939cdc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"6149fc9233dd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15113.37951
x-officefe: DB5PEPF0000C9FA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 27156
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 21 Mar 2022 13:01:31 GMT
x-officefd: DB5PEPF000082E4
x-usersessionid: 0b1bf4ef-20ab-454d-93fc-07b82c7ec1aa
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 0b1bf4ef-20ab-454d-93fc-07b82c7ec1aa
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaDS.kffa.js Show response
c1h-excel-15.cdn.office.net/x/s/h44BA97A5B99C8B07__layouts/App_Scripts/ Frame BAE1 607 KB
126 KB 52ms
52ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h44BA97A5B99C8B07__layouts/App_Scripts/EwaDS.kffa.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

44ba97a5b99c8b077850716bc4bcd079c864efd9942a722cf1580120941d32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ae50fec29b42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00013CAF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 127776
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Mar 2022 12:02:56 GMT
x-officefd: AM4PEPF000068B7
x-msedge-ref: Ref A: D948683288D9437392BBB68D1C23F1DD Ref B: AM3EDGE0807 Ref C: 2022-03-28T12:02:56Z
x-usersessionid: e33f848c-d348-43f2-ba10-7cfbab7ab23f
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e33f848c-d348-43f2-ba10-7cfbab7ab23f
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChrome.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h287419D6F39333AE__layouts/App_Scripts/ Frame BAE1 152 KB
34 KB 14ms
14ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h287419D6F39333AE__layouts/App_Scripts/appChrome.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

287419d6f39333ae03836b9826f34a640b8d337cff7023648dd684d49c328788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"dbc45266833fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000068F0
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 34126
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 13:30:59 GMT
x-officefd: AM4PEPF0000601C
x-msedge-ref: Ref A: 870308DB8149474499638D3E7D35D987 Ref B: AMS04EDGE3419 Ref C: 2022-03-24T13:30:59Z
x-usersessionid: c4704017-4bed-4045-959d-a6f437080edd
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: c4704017-4bed-4045-959d-a6f437080edd
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 osfruntime_xlo.js Show response
c1h-excel-15.cdn.office.net/x/s/h041781CE8C0B99D6__layouts/App_Scripts/ Frame BAE1 615 KB
104 KB 8ms
8ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h041781CE8C0B99D6__layouts/App_Scripts/osfruntime_xlo.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

041781ce8c0b99d64132ad8a1c81ecc95fe4be596a41550d4a42775b70c62d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "41cac8d92439d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00013CB4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 105857
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 10:59:04 GMT
x-officefd: AM4PEPF0000689F
x-msedge-ref: Ref A: 5E732D39F9A64BF3BCC120A2A77C2660 Ref B: AMS04EDGE3321 Ref C: 2022-03-22T21:02:38Z
x-usersessionid: db3559ba-44a6-4294-a198-6e8096aab48e
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: db3559ba-44a6-4294-a198-6e8096aab48e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 OfficeExtension.WacRuntime.js Show response
c1h-excel-15.cdn.office.net/x/s/h43C5939CB732D8AA__layouts/App_Scripts/ Frame BAE1 172 KB
24 KB 16ms
16ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h43C5939CB732D8AA__layouts/App_Scripts/OfficeExtension.WacRuntime.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

43c5939cb732d8aa2d20fce97f359f46b7c3b937e60ed576b752ae0a2e73314f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "9731458c3039d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF0000693E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 23871
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 12:22:48 GMT
x-officefd: AM4PEPF0000689D
x-msedge-ref: Ref A: 92EE0D08B2934BC5896778DF53F54A90 Ref B: AM3EDGE1015 Ref C: 2022-03-19T23:17:26Z
x-usersessionid: 149a1801-af74-4f5e-85e6-4210399fef02
date: Tue, 29 Mar 2022 22:35:08 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 149a1801-af74-4f5e-85e6-4210399fef02
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwrNov.css
c1h-excel-15.cdn.office.net/x/s/h70AA628053200235__layouts/Resources/1031/ Frame BAE1 11 KB
3 KB 8ms
8ms Stylesheet
text/css 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h70AA628053200235__layouts/Resources/1031/EwrNov.css

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

70aa6280532002357186121cdac4f4ee50ae993a50ad785c98015377b1635474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "e893e9541e39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF000068FB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2164
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Wed, 16 Mar 2022 10:12:24 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: BF1998F4B8F84158B5D1F8B3DEEC0ED0 Ref B: AMS04EDGE1312 Ref C: 2022-03-18T12:51:24Z
x-usersessionid: 9275dfd8-f84a-4c0d-af15-be88808cfec9
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: 9275dfd8-f84a-4c0d-af15-be88808cfec9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaNov.png
c1h-excel-15.cdn.office.net/x/s/hF987E2D9828EAD77__layouts/Resources/ Frame BAE1 10 KB
11 KB 10ms
9ms Image
image/png 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF987E2D9828EAD77__layouts/Resources/EwaNov.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f987e2d9828ead776cb236e3efa082920c6605fd4bc3676bc93447ef677657c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "ebb2fc683c3ed81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00006919
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 10090
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-akamai-origin-object-size: 10090
last-modified: Tue, 22 Mar 2022 22:30:18 GMT
x-officefd: AM4PEPF0001041B
x-msedge-ref: Ref A: F8785A9DF05E44729C08DAC6EBEFB4EE Ref B: AM3EDGE1013 Ref C: 2022-03-25T02:39:13Z
x-usersessionid: 080ae306-8564-43d6-9b09-9c320bd62fae
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 080ae306-8564-43d6-9b09-9c320bd62fae
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame BAE1 42 KB
16 KB 205ms
9ms Script
application/javascript 104.89.44.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.89.44.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-44-168.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 22:35:09 GMT
X-MSNServer: RD0003FF24040F
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=81073, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H2 200 EwaCommon.png
c1h-excel-15.cdn.office.net/x/s/h2F95CDDC41D79343__layouts/Resources/1031/ Frame BAE1 19 KB
20 KB 11ms
10ms Image
image/png 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2F95CDDC41D79343__layouts/Resources/1031/EwaCommon.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2f95cddc41d79343acd4194569538eb07ae5bdd1ec90469253f41ee5db530b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "937834b52f39d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00013CBA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 19229
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Wed, 16 Mar 2022 12:16:47 GMT
x-officefd: AM4PEPF0000601C
x-msedge-ref: Ref A: 7078B17DCB8542E685EBE5AADAE4E143 Ref B: AMS04EDGE2011 Ref C: 2022-03-22T21:53:47Z
x-usersessionid: c2f1e925-5d99-4ce5-bca7-0ea5ec338c12
date: Tue, 29 Mar 2022 22:35:08 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: c2f1e925-5d99-4ce5-bca7-0ea5ec338c12
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
pnl1-excel.officeapps.live.com/x/_layouts/ Frame BAE1 0
224 B 31ms
31ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-excel.officeapps.live.com/x/_layouts/RemoteTelemetry.ashx

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fknowledgeexchangecenter%252Eciti%252Ecom%253A443%252Fnet%252Duploads%252Fcharges%252FGlobally%252520Standardized%252520Charge%252520Codes%252520January%2525202022%255Fv2%252Exlsx&access_token_ttl=0&hid=a59d8ad2-533f-4516-a355-67305895db1c
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000601A
x-officeversion: 16.0.15127.35054
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: ef2cbbb0-9e42-4fb3-974a-1891f9ee0686
x-officecluster: PNL1
x-usersessionid: ef2cbbb0-9e42-4fb3-974a-1891f9ee0686
date: Tue, 29 Mar 2022 22:35:08 GMT
x-download-options: noopen
access-control-allow-origin: https://pnl1-excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: FB7E64A2E20B414EA32D0D6C50E8FFFD Ref B: AMS04EDGE2213 Ref C: 2022-03-29T22:35:08Z
timing-allow-origin: *
x-officefe: AM4PEPF000114B7

GET
H2 200 shared.aspx Show response
shared.officeapps.live.com/clipboard/ Frame B1FF 2 KB
2 KB 76ms
28ms Document
text/html 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fpnl1-excel.officeapps.live.com&usid=729ebb39-3510-4720-ba59-84ed675cef2d&corrid=23cbce3c-5859-47c6-ae6d-10362986e4fa&NoAuth=true

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h667573D826503728__layouts/App_Scripts/clipboardPlatform.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6388ca321dff4422c6fe67e62be0147e0a8a6f0db0ac2d029bfdf6e6a2e111a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-excel.officeapps.live.com/

Response headers

cache-control: private
content-length: 1110
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-correlationid: 23cbce3c-5859-47c6-ae6d-10362986e4fa
x-usersessionid: 729ebb39-3510-4720-ba59-84ed675cef2d
strict-transport-security: max-age=31536000
timing-allow-origin: *
origin-trial: Av/V1OIQEg1NnsGePStscuk3wq4vcXOXMgC9FgVS6qT/EXVQYN3Od6vRI1SBm0VaYGTtWDP/tGvfx2YqK9SDWlYAAABteyJvcmlnaW4iOiJodHRwczovL29mZmljZWFwcHMubGl2ZS5jb206NDQzIiwiaXNTdWJkb21haW4iOnRydWUsImZlYXR1cmUiOiJIYXB0aWNzRGV2aWNlIiwiZXhwaXJ5IjoxNjcyNTMxMTk5fQ==
x-officefe: AM4PEPF00006929
x-officeversion: 16.0.15127.35054
x-officecluster: PNL1
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
x-officefd: AM4PEPF000068B7
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-msedge-ref: Ref A: 8970545D36F044F98D9A857F2DF09BEC Ref B: AMS04EDGE2213 Ref C: 2022-03-29T22:35:09Z
date: Tue, 29 Mar 2022 22:35:08 GMT

GET
H2 200 excel-uiSlice20-sprite.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hE19411ADF787905E__layouts/App_Scripts/1031/ Frame BAE1 458 KB
54 KB 9ms
8ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE19411ADF787905E__layouts/App_Scripts/1031/excel-uiSlice20-sprite.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e19411adf787905ee501436ea2170fe4b57e1467173679fa7098bf45bb389a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"ccdb1cdd243dd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15113.37951
x-officefe: DB5PEPF00008319
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 54710
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 21 Mar 2022 13:09:14 GMT
x-officefd: DB5PEPF000082B8
x-usersessionid: f55a95ec-afa6-4e18-b288-5d59d2354a81
date: Tue, 29 Mar 2022 22:35:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f55a95ec-afa6-4e18-b288-5d59d2354a81
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChromeLazy.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hACD703167E20E871__layouts/App_Scripts/ Frame BAE1 415 KB
95 KB 21ms
20ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hACD703167E20E871__layouts/App_Scripts/appChromeLazy.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h9ED430239083767D__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

acd703167e20e87104aed1684591ee576e9a757227bf56314c604c402f2a1879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"d22bd69833fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000068EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 96781
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 13:31:05 GMT
x-officefd: AM4PEPF000068A6
x-msedge-ref: Ref A: B27413F942E145A3965C385F602A37A4 Ref B: AMS04EDGE3105 Ref C: 2022-03-24T13:31:05Z
x-usersessionid: d1be79aa-3d67-472e-b744-90e83bcaff28
date: Tue, 29 Mar 2022 22:35:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: d1be79aa-3d67-472e-b744-90e83bcaff28
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-app-intl-lazy-exp.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hD913100E577674E0__layouts/App_Scripts/1031/ Frame BAE1 470 KB
61 KB 8ms
8ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hD913100E577674E0__layouts/App_Scripts/1031/excel-app-intl-lazy-exp.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d913100e577674e0f4bb919b11f5bdeca704edd6f21cbd8ef7e7c068b2a97735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "c5beec7a243dd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF00013CB9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 61708
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 21 Mar 2022 13:06:29 GMT
x-officefd: AM4PEPF0001041C
x-msedge-ref: Ref A: 8255BD31EFDB4078B91E046A73F98E60 Ref B: AM3EDGE0214 Ref C: 2022-03-21T13:09:10Z
x-usersessionid: 849b6ec5-a8c0-4abb-a9df-380968222d1b
date: Tue, 29 Mar 2022 22:35:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 849b6ec5-a8c0-4abb-a9df-380968222d1b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dialogControls.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h6952ECC738A348D6__layouts/App_Scripts/ Frame BAE1 6 KB
2 KB 10ms
9ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h6952ECC738A348D6__layouts/App_Scripts/dialogControls.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6952ecc738a348d6e660eb8e1e630768f7bae02b3f2c67fba59a198011279fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"c1bc96b833fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000114B3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1223
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 13:31:07 GMT
x-officefd: AM4PEPF0000689D
x-msedge-ref: Ref A: 91373AE461F2493D9190474462CE7BF7 Ref B: AMS04EDGE2721 Ref C: 2022-03-24T13:31:07Z
x-usersessionid: 9c310c17-8c8c-4e6a-9c5c-f42093b4fd68
date: Tue, 29 Mar 2022 22:35:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 9c310c17-8c8c-4e6a-9c5c-f42093b4fd68
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK sharedclipboard.min.js Show response
c1-shared-15.cdn.office.net/clipboard/s/161512735054_App_Scripts/ Frame B1FF 81 KB
18 KB 126ms
15ms Script
application/javascript 2a02:26f0:3500:584::4b36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-shared-15.cdn.office.net/clipboard/s/161512735054_App_Scripts/sharedclipboard.min.js

Requested by

Host: shared.officeapps.live.com
URL: https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fpnl1-excel.officeapps.live.com&usid=729ebb39-3510-4720-ba59-84ed675cef2d&corrid=23cbce3c-5859-47c6-ae6d-10362986e4fa&NoAuth=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:584::4b36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e0fe1935583f3697e4ca291aabf888752f256b13628df4e15e9b1aaf037575bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shared.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: W/"62a22f59b42d81:0"
X-OfficeCluster: PIE1
X-OfficeVersion: 16.0.15122.37951
X-OfficeFE: DB5PEPF0000830E
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
Content-Length: 17404
Cache-Control: public,max-age=31536000
X-MSEdge-Features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
Last-Modified: Mon, 28 Mar 2022 12:04:20 GMT
X-OFFICEFD: DB5PEPF000082D5
X-MSEdge-Ref: Ref A: DD575F4D088440FB8396049CF326F743 Ref B: AM3EDGE0714 Ref C: 2022-03-28T12:04:20Z
X-UserSessionId: 10b537ea-d8f9-4329-a04e-db981c297805
Date: Tue, 29 Mar 2022 22:35:09 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 10b537ea-d8f9-4329-a04e-db981c297805
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 osfruntime_strings.js Show response
c1h-excel-15.cdn.office.net/x/s/161512735054__layouts/App_Scripts/1031/ Frame BAE1 11 KB
3 KB 9ms
9ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512735054__layouts/App_Scripts/1031/osfruntime_strings.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h041781CE8C0B99D6__layouts/App_Scripts/osfruntime_xlo.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

178b20b043c8806bb272e5e43d08be8efd01efc3f4a75d9acb2a005b89569274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f3b237af9c42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF0000693D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2792
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Mar 2022 12:09:32 GMT
x-officefd: AM4PEPF000068C1
x-msedge-ref: Ref A: C9330A15ECC9409BAA3CBB80B19086F7 Ref B: AM3EDGE0413 Ref C: 2022-03-28T12:09:32Z
x-usersessionid: 08bdbd03-07ea-486b-bcbd-8a71e5d3a45a
date: Tue, 29 Mar 2022 22:35:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 08bdbd03-07ea-486b-bcbd-8a71e5d3a45a
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
pnl1-excel.officeapps.live.com/x/ Frame BAE1 0
500 B 52ms
51ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15127.35054&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 1
X-UserSessionId: 729ebb39-3510-4720-ba59-84ed675cef2d
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15127.35054
X-Key: 4ZCwEYL/2Z8tmKmrcIGByvXbigQ34eCdm5cBz65cCyM=,637841901075384725
X-bULS-SuppressionETag: F71D240875B6202928B309D1BE6703B7B617B26B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Referer: https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fknowledgeexchangecenter%252Eciti%252Ecom%253A443%252Fnet%252Duploads%252Fcharges%252FGlobally%252520Standardized%252520Charge%252520Codes%252520January%2525202022%255Fv2%252Exlsx&access_token_ttl=0&hid=a59d8ad2-533f-4516-a355-67305895db1c
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 0
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.15127.35054
x-officefe: AM4PEPF000114B7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: F71D240875B6202928B309D1BE6703B7B617B26B
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
x-correlationid: f691b51c-b100-497f-bb75-2192cb089f5b
x-officefd: AM4PEPF000068AE
x-usersessionid: 729ebb39-3510-4720-ba59-84ed675cef2d
date: Tue, 29 Mar 2022 22:35:08 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 107AC8D1D4FF45EEB471EC04C7F3B338 Ref B: AMS04EDGE2213 Ref C: 2022-03-29T22:35:09Z
timing-allow-origin: *

GET
H2 200 moeerrorux.css
c1h-excel-15.cdn.office.net/x/s/161512735054__layouts/Resources/1031/ Frame BAE1 10 KB
2 KB 8ms
7ms Stylesheet
text/css 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512735054__layouts/Resources/1031/moeerrorux.css

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h041781CE8C0B99D6__layouts/App_Scripts/osfruntime_xlo.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

47d6dbdb766bd7ea675f68a5ce5a22654554001efc7007a0b8c484069d9e2638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "ac2dfd5a9c42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00006918
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 1482
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-akamai-origin-object-size: 1482
last-modified: Mon, 28 Mar 2022 12:07:11 GMT
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: A6FCC0B3FC094F4692A0CCF83ACCFF4E Ref B: AMS04EDGE3307 Ref C: 2022-03-28T12:09:33Z
x-usersessionid: b7769e9f-af74-4be6-b286-59881a38039a
date: Tue, 29 Mar 2022 22:35:09 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: b7769e9f-af74-4be6-b286-59881a38039a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 progress.gif
c1h-excel-15.cdn.office.net/x/s/161512735054__layouts/Resources/1031/ Frame BAE1 644 B
1 KB 9ms
8ms Image
image/gif 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512735054__layouts/Resources/1031/progress.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

79b48a07e8b202282bd8ec6ab7aac909eaa359da349fe822fac69e1f6e2991ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"7bca2855a742d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000114B4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 644
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Mon, 28 Mar 2022 13:25:46 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: C5F5C6CC8EAC48B4A5D0F73388532E36 Ref B: AMS04EDGE3220 Ref C: 2022-03-28T13:25:46Z
x-usersessionid: afc24578-2d97-4a08-ab42-31f2a10ab637
date: Tue, 29 Mar 2022 22:35:09 GMT
content-type: image/gif
access-control-allow-origin: *
x-correlationid: afc24578-2d97-4a08-ab42-31f2a10ab637
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 moe_status_icons.png
c1h-excel-15.cdn.office.net/x/s/161512735054__layouts/Resources/1031/ Frame BAE1 6 KB
6 KB 10ms
9ms Image
image/png 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512735054__layouts/Resources/1031/moe_status_icons.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

77dd1463fe34be51528c6535c5aaf5590ee90bbd3b76ae8e362657c45e9f90fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"66a967af9c42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF00006900
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 6140
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Mon, 28 Mar 2022 12:09:33 GMT
x-officefd: AM4PEPF0000689F
x-usersessionid: ce7b03f7-7f15-4303-aec8-1aee00a893dd
date: Tue, 29 Mar 2022 22:35:09 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: ce7b03f7-7f15-4303-aec8-1aee00a893dd
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 agavedefaulticon96x96.png
c1h-excel-15.cdn.office.net/x/s/161512735054__layouts/Resources/1031/ Frame BAE1 1 KB
2 KB 12ms
11ms Image
image/png 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161512735054__layouts/Resources/1031/agavedefaulticon96x96.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7b389747818635bca6fe76f5e3226eda36af53d8f27526796bc975ebd440a395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pnl1-excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: W/"4a67c7829d42d81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000068F8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 1115
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 28 Mar 2022 12:15:27 GMT
x-officefd: AM4PEPF000068C1
x-msedge-ref: Ref A: B9A1F5DFC73C48B688CDFBE9334F0A69 Ref B: AM3EDGE0721 Ref C: 2022-03-28T12:15:27Z
x-usersessionid: dc619c15-3174-4976-851e-6a6a0a0c815e
date: Tue, 29 Mar 2022 22:35:09 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: dc619c15-3174-4976-851e-6a6a0a0c815e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-uiSlice20-sprite-exp.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hA02FE65ADAA8B43D__layouts/App_Scripts/1031/ Frame BAE1 1 MB
125 KB 8ms
8ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hA02FE65ADAA8B43D__layouts/App_Scripts/1031/excel-uiSlice20-sprite-exp.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a02fe65adaa8b43ddba0c73f307e47f0eae25f656a4c6bfde17e8ee4620469a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"16e730dc243dd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15113.37951
x-officefe: AM4PEPF0000690A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 126867
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 21 Mar 2022 13:09:12 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: 9F1F8E2CB8534293A596C779DDB85CF6 Ref B: AM3EDGE0615 Ref C: 2022-03-21T13:09:12Z
x-usersessionid: 841d99ef-cc19-4ccd-bd1c-43dd4e5152f2
date: Tue, 29 Mar 2022 22:35:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 841d99ef-cc19-4ccd-bd1c-43dd4e5152f2
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uiSlice20.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h4CF8218F108919A7__layouts/App_Scripts/ Frame BAE1 731 KB
131 KB 11ms
10ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h4CF8218F108919A7__layouts/App_Scripts/uiSlice20.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h9ED430239083767D__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4cf8218f108919a77c88fd391bf81038f0f638fc8f5c71d74d5ba3731b43b222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"f553e96a833fd81:0"
x-officecluster: PNL1
x-officeversion: 16.0.15122.37951
x-officefe: AM4PEPF000068FD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 132954
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Thu, 24 Mar 2022 13:31:07 GMT
x-officefd: AM4PEPF0000601A
x-msedge-ref: Ref A: 971618FAD23D4A48848EAF1894FD251A Ref B: AM3EDGE0521 Ref C: 2022-03-24T13:31:07Z
x-usersessionid: d537b5b4-b0e1-4c0e-a9d1-db43a44dae67
date: Tue, 29 Mar 2022 22:35:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: d537b5b4-b0e1-4c0e-a9d1-db43a44dae67
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 GetHasUntrustedImageUrls Show response
pnl1-excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/ Frame BAE1 1 KB
1 KB 37ms
35ms XHR
application/json 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/GetHasUntrustedImageUrls?context=%7B%22WorkbookMetadataParameter%22%3A%7B%22WorkbookMetadataState%22%3A%7B%22MetadataVersion%22%3A0%2C%22ServerEventVersion%22%3A0%7D%7D%2C%22ClientRequestId%22%3A%2229cf1d3d-302f-457c-ac88-3856f16d335a%22%2C%22MakeInstantaneousChange%22%3Afalse%2C%22SessionId%22%3A%2215.AM4PEPF000114B71.A96.1.V25.16391Hxmg9zy2Eys9OedArrIb14.5.de-DE5.de-DE39.knowledgeexchangecenter.citi.com-Public1.S1.N16.16.0.15127.3505414.5.de-DE5.de-DE1.V1.N0.1.S%22%2C%22TransientEditSessionToken%22%3Anull%2C%22PermissionFlags%22%3A98235%2C%22Configurations%22%3A1639168%2C%22CompleteResponseTimeout%22%3A0%2C%22IsWindowHidden%22%3Afalse%2C%22CollaborationParameter%22%3A%7B%22CollaborationState%22%3A%7B%22CollabStateId%22%3A0%2C%22UserListVersion%22%3A0%7D%7D%2C%22ViewModeStateId%22%3A0%2C%22MachineCluster%22%3A%22PNL1%22%2C%22AjaxOptions%22%3A0%2C%22ReturnSheetProcessedData%22%3Afalse%7D&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

65416ac06b1ffbe41da7acb1d18ebc46fc173154dcd6360fe9d76e9a47e26cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacNoAuth: 1
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15127.35054
X-Key: 4ZCwEYL/2Z8tmKmrcIGByvXbigQ34eCdm5cBz65cCyM=,637841901075384725
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-XL-SessionId: 15.AM4PEPF000114B71.A96.1.V25.16391Hxmg9zy2Eys9OedArrIb14.5.de-DE5.de-DE39.knowledgeexchangecenter.citi.com-Public1.S1.N16.16.0.15127.3505414.5.de-DE5.de-DE1.V1.N0.1.S
haep: 1
X-AccessToken: 1
X-UserSessionId: 729ebb39-3510-4720-ba59-84ed675cef2d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/json; charset=utf-8
X-CorrelationId: ec9fd741-6586-4b7a-9958-c4eab8950f97
Referer: https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fknowledgeexchangecenter%252Eciti%252Ecom%253A443%252Fnet%252Duploads%252Fcharges%252FGlobally%252520Standardized%252520Charge%252520Codes%252520January%2525202022%255Fv2%252Exlsx&access_token_ttl=0&hid=a59d8ad2-533f-4516-a355-67305895db1c
X-UserType: WOPI
X-AccessTokenTtl: 0
X-WacCluster: PNL1

Response headers

xlsecsid: AM4PEPF000114B7
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.15127.35054
x-officefe: AM4PEPF000114B7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
xlswfecid: ec9fd741-6586-4b7a-9958-c4eab8950f97
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 914
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: ec9fd741-6586-4b7a-9958-c4eab8950f97
x-officefd: AM4PEPF000068A6
x-usersessionid: 729ebb39-3510-4720-ba59-84ed675cef2d
date: Tue, 29 Mar 2022 22:35:08 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
xlsecscid: ec9fd741-6586-4b7a-9958-c4eab8950f97
x-msedge-ref: Ref A: ACD64572396C453EAFF50ECBDEF6A21E Ref B: AMS04EDGE2213 Ref C: 2022-03-29T22:35:09Z
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx
pnl1-excel.officeapps.live.com/x/ Frame B1FF 0
0 28ms
28ms Ping
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pnl1-excel.officeapps.live.com/x/RemoteUls.ashx?usid=729ebb39-3510-4720-ba59-84ed675cef2d
Requested by: Host: c1-shared-15.cdn.office.net
URL: https://c1-shared-15.cdn.office.net/clipboard/s/161512735054_App_Scripts/sharedclipboard.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shared.officeapps.live.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 uiFabricLazy.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h0A7B50CADA46A22C__layouts/App_Scripts/ Frame BAE1 2 KB
1 KB 9ms
9ms Script
application/javascript 2a02:26f0:fb:5b3::1c24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h0A7B50CADA46A22C__layouts/App_Scripts/uiFabricLazy.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h9ED430239083767D__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:5b3::1c24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

0a7b50cada46a22c85f15abdb4b0375a9b42b5a88a80d9c01797e2d171691297

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"8ae9a6d833fd81:0"
x-officecluster: PIE1
x-officeversion: 16.0.15122.37951
x-officefe: DB5PEPF000082F9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
content-length: 797
cache-control: public,max-age=31536000
server: Microsoft-IIS/10.0
last-modified: Thu, 24 Mar 2022 13:31:11 GMT
x-officefd: DB5PEPF000082D4
x-usersessionid: 6c9fc681-5d3b-476f-9b6a-4905d7a246d1
date: Tue, 29 Mar 2022 22:35:09 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 6c9fc681-5d3b-476f-9b6a-4905d7a246d1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame BAE1 35 KB
36 KB 86ms
13ms Font
application/font-woff2 96.16.146.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.146.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-146-233.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Origin: https://pnl1-excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 29 Mar 2022 22:35:09 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: 6314dbd6-e01e-0044-7879-430c12000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31287398
x-ms-version: 2009-09-19
content-length: 36344

POST
H2 200 RemoteTelemetry.ashx Show response
pnl1-excel.officeapps.live.com/x/_layouts/ Frame BAE1 0
344 B 30ms
29ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-excel.officeapps.live.com/x/_layouts/RemoteTelemetry.ashx

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h6F4795E494CE546C__layouts/App_Scripts/EwaDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fknowledgeexchangecenter%252Eciti%252Ecom%253A443%252Fnet%252Duploads%252Fcharges%252FGlobally%252520Standardized%252520Charge%252520Codes%252520January%2525202022%255Fv2%252Exlsx&access_token_ttl=0&hid=a59d8ad2-533f-4516-a355-67305895db1c
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF000068B6
x-officeversion: 16.0.15127.35054
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
x-correlationid: 07b37f2a-1519-4210-ad91-cebaf6d807cd
x-officecluster: PNL1
x-usersessionid: 07b37f2a-1519-4210-ad91-cebaf6d807cd
date: Tue, 29 Mar 2022 22:35:08 GMT
x-download-options: noopen
access-control-allow-origin: https://pnl1-excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 3C8D09FB9C984636A9AC1ECCC441E81C Ref B: AMS04EDGE2213 Ref C: 2022-03-29T22:35:09Z
timing-allow-origin: *
x-officefe: AM4PEPF000114B7

POST
H2 200 RemoteUls.ashx Show response
pnl1-excel.officeapps.live.com/x/ Frame BAE1 0
693 B 278ms
278ms XHR
text/plain 2620:1ec:a92::171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://pnl1-excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.15127.35054&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hD8326BB4760631A8__layouts/App_Scripts/MicrosoftAjaxDS.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:a92::171 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 1
X-UserSessionId: 729ebb39-3510-4720-ba59-84ed675cef2d
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.15127.35054
X-Key: 4ZCwEYL/2Z8tmKmrcIGByvXbigQ34eCdm5cBz65cCyM=,637841901075384725
X-bULS-SuppressionETag: F71D240875B6202928B309D1BE6703B7B617B26B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Referer: https://pnl1-excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de%2DDE&rs=de%2DDE&WOPISrc=http%3A%2F%2Fpnl1%2Dview%2Dwopi%2Ewopi%2Eonline%2Eoffice%2Enet%3A808%2Foh%2Fwopi%2Ffiles%2F%40%2FwFileId%3FwFileId%3Dhttps%253A%252F%252Fknowledgeexchangecenter%252Eciti%252Ecom%253A443%252Fnet%252Duploads%252Fcharges%252FGlobally%252520Standardized%252520Charge%252520Codes%252520January%2525202022%255Fv2%252Exlsx&access_token_ttl=0&hid=a59d8ad2-533f-4516-a355-67305895db1c
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 0
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.15127.35054
x-officefe: AM4PEPF000114B7
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: F71D240875B6202928B309D1BE6703B7B617B26B
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: fa72e128-375f-45e0-b386-ef770d21d5eb
x-officefd: AM4PEPF000068AE
x-usersessionid: 729ebb39-3510-4720-ba59-84ed675cef2d
date: Tue, 29 Mar 2022 22:35:09 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://pnl1-excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 20A74AD7E0334D92A665A85C29FDB82A Ref B: AMS04EDGE2213 Ref C: 2022-03-29T22:35:10Z
timing-allow-origin: *

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ Frame BAE1 24 B
431 B 706ms
164ms XHR
application/json 20.189.173.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,fad3bd1d8e4b4c06894bd7bac80e4f02-67df67b4-f1fd-4ecd-9d55-4d41540b1757-7724&upload-time=1648593310504&time-delta-to-apply-millis=use-collector-delta&w=2
Requested by: Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h01346477DF6BAB87__layouts/App_Scripts/otelFull.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.189.173.11 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer: https://pnl1-excel.officeapps.live.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 29 Mar 2022 22:35:10 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 614
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://pnl1-excel.officeapps.live.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pnl1-excel.officeapps.live.com/x/_layouts	1970-01-20 10:42:09	Name: PageLoadSkeletonState Value: %7B%22IsEnabled%22%3Atrue%2C%22Options%22%3A1088%7D
.officeapps.live.com/x	1970-01-20 10:42:09	Name: timeZoneId Value: Etc%2FUnknown
.view.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: 67903889c381d6376bc5dee98708ad23cd17a9408034c86f529545c5c8200fe6
pnl1-excel.officeapps.live.com/	1970-01-20 04:09:02	Name: DcLcid Value: ui=1031&data=1031
.pnl1-excel.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-Excel-ARRAffinity Value: 2f11cdd6977be32459dbfca421e75f21dcd3e39b7cb74a7ebb94bcacfc501fd0
shared.officeapps.live.com/	1970-01-20 04:09:02	Name: DcLcid Value: ui=1031&data=1031
.shared.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-ARRAffinity Value: 4c4947ceae03290cd154638b66f2cd0cb2e1354e97bef7f507234957d684d47b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c1-shared-15.cdn.office.net
c1h-excel-15.cdn.office.net
fs.microsoft.com
js.live.net
knowledgeexchangecenter.citi.com
pnl1-excel.officeapps.live.com
reply.transactionservices.citigroup.com
shared.officeapps.live.com
static2.sharepointonline.com
view.officeapps.live.com
104.89.44.168
192.193.56.103
20.189.173.11
23.35.236.56
2620:1ec:a92::171
2a02:26f0:3500:584::4b36
2a02:26f0:fb:5b3::1c24
95.100.153.81
96.16.146.233
01346477df6bab879760395263416b532a5fe56a6141a51122950f15310a2753
041781ce8c0b99d64132ad8a1c81ecc95fe4be596a41550d4a42775b70c62d8b
0a7b50cada46a22c85f15abdb4b0375a9b42b5a88a80d9c01797e2d171691297
1522f5c0f14d035c42540d84ad4d00d92b72240e91784c15c59e12921a1f0d79
178b20b043c8806bb272e5e43d08be8efd01efc3f4a75d9acb2a005b89569274
1b899309ef2abd419046a36e64d16330bb20219b15310f32c16385901677a941
2675391eb0e9252504bdca10c5329d5a5ef6b0a6ace1d6c3b698d5f49830fb7b
287419d6f39333ae03836b9826f34a640b8d337cff7023648dd684d49c328788
2f95cddc41d79343acd4194569538eb07ae5bdd1ec90469253f41ee5db530b67
30613070b55878634fd37bf74f87d7f8b386f84dd691c0d3d172ef3bb9e676e3
37538e7de4196dfc7c6df57e80714a740beb5ea93de8e0b871ea0efdf8b86ae5
3f0f44be588da32fac9700ab88809efe6a823419dcd07651d46763444fd7927d
3f9bf10fb926a2166ed5d56d2e5304084846f4e186cdaa290be0c2e7180d71a6
426bca6a87cb10d036c97277c23d093384a518ccf24fa394874ae5858b138fca
43c5939cb732d8aa2d20fce97f359f46b7c3b937e60ed576b752ae0a2e73314f
44ba97a5b99c8b077850716bc4bcd079c864efd9942a722cf1580120941d32bc
46689198526f176cb3bb2881be2e8f1273be7293fea0625f2c3bfa2058c9b422
47d6dbdb766bd7ea675f68a5ce5a22654554001efc7007a0b8c484069d9e2638
494e1b184287d0f40af04e187be00920cc4da794512eb3b5ad3ce9557331d990
4cf8218f108919a77c88fd391bf81038f0f638fc8f5c71d74d5ba3731b43b222
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
56589bdc512896af904d9189a3e0d877babba9ebbaa1089ce60455f3c7b39bfd
565be41b015066abca0a932cfb8748da75952ace8741964a4db6250947db1d95
573a520b8e533bd91b5a18917aec41525c0cdaec982d71ee5ca1d48915b732e6
59907d235249104f28b2bb48afe9f2d040db51a4fec78b180f075f9d576930e1
5b40665a9c6eda7ee5b01320fae0bc3bda499e8df67c518193f944683dc70c79
5bb28cd20854e0ba9d904ced365a862600b406705ea7624f4ed63fd1834c3971
62a2b682abd217aca12fd40fd601121ee6ce5b129cd33bbe45e4b099f50a464b
6388ca321dff4422c6fe67e62be0147e0a8a6f0db0ac2d029bfdf6e6a2e111a9
65416ac06b1ffbe41da7acb1d18ebc46fc173154dcd6360fe9d76e9a47e26cfe
667573d826503728ad2032d72d77ac53f30980c1b45eaf6d471f5f74cb404a5d
66c6b19e56a3a283448cfa65e8c47dbc8ac0a83050bb9029f82ed18c4409e1b2
690cb3a759f38390a8c051cd9fd5456c7b0f00bf7867c50e644b42dae08f5c69
6952ecc738a348d6e660eb8e1e630768f7bae02b3f2c67fba59a198011279fc4
6f4795e494ce546c12961cfd050fba1754d41af687b1b3eda0ae5ddadbcd2496
70aa6280532002357186121cdac4f4ee50ae993a50ad785c98015377b1635474
71db271d6f1b7c6ce680bc9f82305af2620f0d36a410a229810e8cd958dda084
7216e90bf11194cd3f8f2e16fe710643a23dbde85afbd3ffb69c4758296f0dbd
77dd1463fe34be51528c6535c5aaf5590ee90bbd3b76ae8e362657c45e9f90fd
79b48a07e8b202282bd8ec6ab7aac909eaa359da349fe822fac69e1f6e2991ec
7b389747818635bca6fe76f5e3226eda36af53d8f27526796bc975ebd440a395
7c6d649b4bd3600f63159379d689bf8262032e452c538141524759b927351099
883922a710e857e94b35fd6748792782280a859e154e4db2e4c0b4876dfa61ae
9089dc0e3ba90c7788eb46e1dccb635f171be505d82eb14d51c4f28e23c9cbeb
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
917a78f3526e25ea4ef42fa738171bce7b23ac2800f268bbe58efb71fbb96716
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
9ed430239083767d16222c4b27d32027601f1cf9f7b73eaf33e6f8c110f77aa6
9f69ba07636ff0e7163cd7fdb8461f66e97da9ad1574964bdb561de16a2cc106
a02fe65adaa8b43ddba0c73f307e47f0eae25f656a4c6bfde17e8ee4620469a0
a0e223dd25fd339f531265ca34d220a35695698ad6da6dbb1f7549d77fadae45
a3596c17dad9a003d0bfbe0b7ba6765f51391b5c3943660316f01c8e77b323db
acd703167e20e87104aed1684591ee576e9a757227bf56314c604c402f2a1879
b6a2dad9ce99d887707f27c547081c333b8f7cf7060be8fbd022432e24190c13
b7677b8e831169b2d9a73db05d5c48dfa04c3e378186b72de06afe930e22378d
b8ccf114f26d24f647ad1632545640b4f1132446ed3bce03d0deeecdd1e6afed
bd9c0658800d6631ccffa561846c8b1bb154d078b9ea294e1863b2514fbab5d9
be0b7a9d029c63b2cd2e47feb3c3bc73b7d42a7d262a0dacec1140384040a6c4
c3a85ed0debdf4f7f89f5db9793b5a5bde11a015e1cd8f3b39b5bab0a5c91a7a
c6a5a24a84053920739287943102f9c36c83d2752a1b9ab865f45fb51939cdc9
d1ee859b3174e2dc684e37aeddd2e853deaebfa5960d6f8063d5150930c1ed05
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d6053e8e13c8893d5854353fb20341015d1999e5b65c302a2989c56aa7d4b13f
d7b7c5d0f8128dd080f11be477fd85bee501703d5d7509a59af134bf9b6734bc
d8326bb4760631a8487732482af651a31c4d630a4a86a5c34e1bb44cce542e02
d913100e577674e0f4bb919b11f5bdeca704edd6f21cbd8ef7e7c068b2a97735
db562f4413bbf78204fa35365321c03d9ce969b395dc1472981d0723fb6344d3
de22a718193afd79f32dc74b5d65bbe699ae997b9298a6b6c47989b49cb364f5
def6f7343b3fa79427426a51dbf484dc713fb9cc6d2813316303c73f05f29b3a
e0fe1935583f3697e4ca291aabf888752f256b13628df4e15e9b1aaf037575bd
e19411adf787905ee501436ea2170fe4b57e1467173679fa7098bf45bb389a2b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e440b2a1e99bced88df2b0d08d8b97afa2d02b63c8a1207bb51b59348656277e
e4892bd2dc60ce9cddb25c4aa16fd83880c2a8e7f985653c30269d30cff567f0
e57f3c5c863fd2c0e73459ad4aa2176a5f6ffb910be2752bc2c734d87016a9b8
e9e9a67395a0d83b584208a19b95af203df8e8e6c6952fe76c690d60ea9381c7
eb0ab622969875cccbaa658809cc6df6bfd73846f9c6c5e80774936cbc52845c
f11943dd981144b3d60b72d1a4783ee53a79bec2bd97076c9219cd0d6b397e05
f327a0ba3e41b1e8154e1c18fc114baff0bd057151e3afe7fa6f33cc0cb18296
f987e2d9828ead776cb236e3efa082920c6605fd4bc3676bc93447ef677657c2
fce57a18ec005b472b60b83afe165d212ff4f6829c791fff41bca8e3cb3f27e3
fd87e1ab9a098c20ccbfe295d6540b50acf4b03093411f86c25c91cbf1b30269

knowledgeexchangecenter.citi.com Open in urlscan Pro 95.100.153.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

99 %HTTPS

33 %IPv6

7 Domains

11 Subdomains

9 IPs

2 Countries

5469 kBTransfer

22906 kBSize

7 Cookies

6 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

knowledgeexchangecenter.citi.com Open in urlscan Pro
95.100.153.81 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

99 %
HTTPS

33 %
IPv6

7
Domains

11
Subdomains

9
IPs

2
Countries

5469 kB
Transfer

22906 kB
Size

7
Cookies

86 HTTP transactions
2 data transactions