www.virtualflashbank.com.br Open in urlscan Pro
142.250.178.19 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.virtualflashbank.com.br/
Submission: On September 15 via automatic, source certstream-suspicious (September 15th 2021, 12:54:48 pm UTC) — Scanned from DE

Summary HTTP 101 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 101 HTTP transactions. The main IP is 142.250.178.19, located in United States and belongs to GOOGLE, US. The main domain is www.virtualflashbank.com.br.
TLS certificate: Issued by GTS CA 1D4 on July 20th 2021. Valid for: 3 months.

This is the only time www.virtualflashbank.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	142.250.178.19 142.250.178.19	15169 (GOOGLE) (GOOGLE)
3	172.217.16.234 172.217.16.234	15169 (GOOGLE) (GOOGLE)
12	172.217.169.3 172.217.169.3	15169 (GOOGLE) (GOOGLE)
7	142.250.200.46 142.250.200.46	15169 (GOOGLE) (GOOGLE)
1	142.250.180.8 142.250.180.8	15169 (GOOGLE) (GOOGLE)
18	172.217.16.225 172.217.16.225	15169 (GOOGLE) (GOOGLE)
1	216.58.213.14 216.58.213.14	15169 (GOOGLE) (GOOGLE)
1	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	184.25.50.67 184.25.50.67	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	13.107.6.171 13.107.6.171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
25	184.30.20.217 184.30.20.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.30.20.56 184.30.20.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.109.88.44 52.109.88.44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
101	14

3 142.250.178.19 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f19.1e100.net

www.virtualflashbank.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.234 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s28-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.169.3 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s26-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.200.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s30-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.8 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.16.225 (United States)

ASN15169 (GOOGLE, US)
PTR: mad08s04-in-f1.1e100.net

lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.213.14 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s25-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.25.50.67 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-25-50-67.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.6.171 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

excel.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 184.30.20.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-217.deploy.static.akamaitechnologies.com

c1h-excel-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-56.deploy.static.akamaitechnologies.com

fs.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.109.88.44 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mrodevicemgr.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	office.net c1h-excel-15.cdn.office.net	1 MB
18	googleusercontent.com lh4.googleusercontent.com lh5.googleusercontent.com lh3.googleusercontent.com lh6.googleusercontent.com	3 MB
12	gstatic.com www.gstatic.com fonts.gstatic.com	726 KB
9	live.com onedrive.live.com Failed excel.officeapps.live.com mrodevicemgr.officeapps.live.com	179 KB
7	akamaihd.net spoprod-a.akamaihd.net	300 KB
7	google.com apis.google.com	152 KB
3	googleapis.com fonts.googleapis.com	4 KB
3	virtualflashbank.com.br www.virtualflashbank.com.br	17 KB
2	microsoft.com fs.microsoft.com	1 MB
1	google-analytics.com www.google-analytics.com	368 B
1	googletagmanager.com www.googletagmanager.com	51 KB
101	11

	Domain	Requested by
25	c1h-excel-15.cdn.office.net	excel.officeapps.live.com c1h-excel-15.cdn.office.net
7	spoprod-a.akamaihd.net	onedrive.live.com
7	apis.google.com	www.virtualflashbank.com.br apis.google.com www.gstatic.com
7	www.gstatic.com	www.virtualflashbank.com.br www.gstatic.com
6	excel.officeapps.live.com	c1h-excel-15.cdn.office.net excel.officeapps.live.com
6	lh3.googleusercontent.com	www.virtualflashbank.com.br
5	fonts.gstatic.com	fonts.googleapis.com
5	lh5.googleusercontent.com	www.virtualflashbank.com.br
4	lh4.googleusercontent.com	www.virtualflashbank.com.br
3	lh6.googleusercontent.com	www.virtualflashbank.com.br
3	fonts.googleapis.com	www.virtualflashbank.com.br
3	www.virtualflashbank.com.br	www.gstatic.com
2	mrodevicemgr.officeapps.live.com	c1h-excel-15.cdn.office.net
2	fs.microsoft.com	excel.officeapps.live.com
1	onedrive.live.com	www.gstatic.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.virtualflashbank.com.br
101	17

This site contains links to these domains. Also see Links.

Domain
www.google.com
docs.google.com

Subject Issuer	Validity	Valid
www.virtualflashbank.com.br GTS CA 1D4	`2021-07-20` - `2021-10-19`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
onedrive.com Microsoft RSA TLS CA 01	`2021-08-13` - `2022-08-13`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 02	`2021-01-26` - `2022-01-26`	a year	crt.sh
officecdn.microsoft.com Microsoft RSA TLS CA 01	`2021-05-14` - `2022-05-14`	a year	crt.sh
mrodevicemgr.officeapps.live.com Microsoft RSA TLS CA 02	`2020-10-02` - `2021-10-02`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.virtualflashbank.com.br/
Frame ID: E986168A58573467C40CA3990100A209
Requests: 39 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__&r=2114067
Frame ID: BCB79FFFF29D951524D5E861B3BCF8FB
Requests: 6 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=EB18BC484CC1B53C&resid=EB18BC484CC1B53C%21133&authkey=ALYv7sEPA2M5DYQ&em=2
Frame ID: F23A1C655F995DCD9A8FAB69B2D13478
Requests: 1 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?cid=EB18BC484CC1B53C&resid=EB18BC484CC1B53C%21133&authkey=ALYv7sEPA2M5DYQ&em=2
Frame ID: BEFF0423FD60DC11F56E75BBD4C0F0DA
Requests: 8 HTTP requests in this frame

Frame: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=uOih/Exul0eVy0u3CqlTjQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEB18BC484CC1B53C%21133&sc=host%3D%26qt%3DFolders%26pt%3Dem
Frame ID: 08CCBA5C5D2CF6D6FAE0BE41948F7B7B
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Virtual Flashbank

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

101
Requests

87 %
HTTPS

0 %
IPv6

11
Domains

17
Subdomains

14
IPs

3
Countries

7519 kB
Transfer

17126 kB
Size

7
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/url?q=https%3A%2F%2Fweb.whatsapp.com%2Fsend%3Fphone%3D%2B13104277669&sa=D&sntz=1&usg=AFQjCNG5Gua2uk5lFDoBWrv9TwZ-u6wIog
Title: Envie sua mensagem para nosso WhatsApp

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fsites.google.com%2Fview%2Fvirtualflashbank-corporativo%2Fp%25C3%25A1gina-inicial%3Fauthuser%3D0&sa=D&sntz=1&usg=AFQjCNGZ__3itazK6Jit1P5gtfjjCCmSdg

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fstartupbase.com.br%2Fc%2Fstartup%2Fvirtual-flashbank%3Futm_source%3Dwebsite%26utm_medium%3Dshortlink%26utm_campaign%3Dstartup&sa=D&sntz=1&usg=AFQjCNFPAfX0unBAktPyj3Offl2m4mvOLQ

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fvirtual-flashbank%2F&sa=D&sntz=1&usg=AFQjCNF6ZgSJvBO6kxg85dl_s2JE9AB6Fw

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Ftwitter.com%2FVFlashbank&sa=D&sntz=1&usg=AFQjCNFkhhzaXnDxNFiSQNMtSnJMOmq4Qg

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fwww.facebook.com%2Fvirtualflashbank%2F&sa=D&sntz=1&usg=AFQjCNEaxuxOIloVl-zTEwBxfsvBblXYzg

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fweb.whatsapp.com%2Fsend%3Fphone%3D%2B3104277669&sa=D&sntz=1&usg=AFQjCNHINC6YT8TcFxLMVn7tXaaWFJ1_fw

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fwww.instagram.com%2Fvirtual_flashbank%2F&sa=D&sntz=1&usg=AFQjCNGHtDvMJOpd6UBbOlZHmTz7y1LhDA

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Ft.me%2Fvirtualflashcoin&sa=D&sntz=1&usg=AFQjCNGu3GlxQ6MPqrp0R0bKJLDn9XMsSA

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/1vztWL7rxAXfrqL82XJZcJpSokXYYpamxqtc6bse72Q8/edit
Title: Relatar Erro

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

101 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.virtualflashbank.com.br/ 99 KB
17 KB 1037ms
406ms Document
text/html 142.250.178.19
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.19 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f19.1e100.net

Software

ESF /

Resource Hash

31b61fee8898b93e50594aa0dcf38983737c9c0eaaee235abac7598bf100a1c0

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-QLW6920J5PWm33OMckss5g' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.virtualflashbank.com.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 15 Sep 2021 12:54:42 GMT
content-security-policy: base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-QLW6920J5PWm33OMckss5g' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
referrer-policy: strict-origin-when-cross-origin
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 78ms
28ms Stylesheet
text/css 172.217.16.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C700%2C900%7COpen%20Sans%3A400%2C400italic%2C600%2C600italic%2C700%2C700italic&display=swap

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s28-in-f10.1e100.net

Software

ESF /

Resource Hash

40067c299d098645b0b5b87fb545ec1bbc30743b5913fa0bf94f4f7efb9a6b26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 12:29:39 GMT
server: ESF
date: Wed, 15 Sep 2021 12:54:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 12:54:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 79ms
29ms Stylesheet
text/css 172.217.16.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s28-in-f10.1e100.net

Software

ESF /

Resource Hash

a5f9f4ed754689a52bc6862006b524ef8b3f4b12a1c96c663abed1c6a7c8706f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 11:09:43 GMT
server: ESF
date: Wed, 15 Sep 2021 12:54:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 12:54:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 78ms
28ms Stylesheet
text/css 172.217.16.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair%20Display%3Ai%2Cbi%2C700%2C400%7COpen%20Sans%3Ai%2Cbi%2C700%2C400&display=swap

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s28-in-f10.1e100.net

Software

ESF /

Resource Hash

0f6d85287c1652ddfc7d69651f6d686f39267189f2780f09cec5591294678496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 12:54:42 GMT
server: ESF
date: Wed, 15 Sep 2021 12:54:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 12:54:42 GMT

GET
H2 200 rs=AGEqA5klqTmgcJNBdFBSM6AWCJWO2-MfYQ
www.gstatic.com/_/atari/_/ss/k=atari.vw.0NS-eSEBOAI.L.W.O/d=1/ 541 KB
83 KB 71ms
21ms Stylesheet
text/css 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/ss/k=atari.vw.0NS-eSEBOAI.L.W.O/d=1/rs=AGEqA5klqTmgcJNBdFBSM6AWCJWO2-MfYQ

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

234af629e87d3c97a29b183b0df4b4ddc07b1042bb1f9c58f6beaf11a841ce4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84414
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 12:39:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Thu, 15 Sep 2022 12:26:29 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ 12 KB
6 KB 98ms
49ms Script
application/javascript 142.250.200.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=gapiLoaded

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

a5068f26e4af20a65d9bd96e6176f31bf694c6548f39d11c01b698f4f9c43629

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RGTAsGpnr5cFs2jhB3t1kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "45bd0320917d523c0a478d2210fea582"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-RGTAsGpnr5cFs2jhB3t1kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Wed, 15 Sep 2021 12:54:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
51 KB 96ms
47ms Script
application/javascript 142.250.180.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LP7V47TY5L

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0e69178cd36b09c72863a8ac7960f78fbba75476e7941e1b363497c83c612c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51704
x-xss-protection: 0
expires: Wed, 15 Sep 2021 12:54:42 GMT

GET
H2 200 VVTM0Wqq32LoPH3Rl3kEbVkTzkTpbTN_RrmQHHYjRa5siSi0rgkbTWlcZimb_z2J9YiZjxInSZ2mt6b3etHjQLs=w16383
lh4.googleusercontent.com/ 224 KB
224 KB 559ms
506ms Image
image/png 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/VVTM0Wqq32LoPH3Rl3kEbVkTzkTpbTN_RrmQHHYjRa5siSi0rgkbTWlcZimb_z2J9YiZjxInSZ2mt6b3etHjQLs=w16383

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

d62f80ea1bb9475072fd29f1bba38fdfd3e3e546a9e7ce3dc930ce1beea22ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="virtual Flashbank.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229501
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:43 GMT

GET
H2 200 j3EWGfOq3XUbE2vPO1yCx8kC1lrYgvtOt2ZHVx4NTutD9soNFz-5MeDrx7jeXhUM5c9vdLhcbLTgkzIUjDhMT2ZDETHxcKyxuzI7frkXVtyhgaB8FEmbklAJ4I7xwFRziA=w1280
lh5.googleusercontent.com/ 65 KB
65 KB 471ms
417ms Image
image/jpeg 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/j3EWGfOq3XUbE2vPO1yCx8kC1lrYgvtOt2ZHVx4NTutD9soNFz-5MeDrx7jeXhUM5c9vdLhcbLTgkzIUjDhMT2ZDETHxcKyxuzI7frkXVtyhgaB8FEmbklAJ4I7xwFRziA=w1280

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

7898c431b5cc74232cbc8fdd3da2f19e55351b62f46cf41c442e817c2a6562fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WhatsApp Image 2020-08-31 at 21.18.04.jpeg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66185
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:42 GMT

GET
H2 200 dy_r_l6btl9Yuq8DoLUUYSm3iKKhpGYDvWxRtakd7IPA5U_D6kAcuVkkjptIqfMTPdUlxP7Li05dC5x-hLmz64fw8Bey6jT5AsSsx2zA6YD9M94lIIM3QdYFPpzuFOle-Q=w1280
lh3.googleusercontent.com/ 1 MB
1 MB 917ms
864ms Image
image/png 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/dy_r_l6btl9Yuq8DoLUUYSm3iKKhpGYDvWxRtakd7IPA5U_D6kAcuVkkjptIqfMTPdUlxP7Li05dC5x-hLmz64fw8Bey6jT5AsSsx2zA6YD9M94lIIM3QdYFPpzuFOle-Q=w1280

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

5f30fea937e5012438336934792ca1a91a984993e529d469d1e54a5a3cf81f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="o caminho certo para seguir.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1150562
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:43 GMT

GET
H2 200 z3JSPW0I4xx9Fzc3DtiVy01tsImxccJ4Y24S1JX9GGbXyALqAYqDNl1lv86oYyBdsh67W_vDQup5ktEVdXGNAuph0wn-_Qh9GfX9mqcqP9BSYYgqm-K6JlkdtP0MmFMfIw=w1280
lh5.googleusercontent.com/ 145 KB
145 KB 438ms
385ms Image
image/jpeg 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/z3JSPW0I4xx9Fzc3DtiVy01tsImxccJ4Y24S1JX9GGbXyALqAYqDNl1lv86oYyBdsh67W_vDQup5ktEVdXGNAuph0wn-_Qh9GfX9mqcqP9BSYYgqm-K6JlkdtP0MmFMfIw=w1280

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

d1ee61247c62cee2c0adebe155c862507672e11dcc970385bf744aecfa0ee6d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WhatsApp Image 2020-08-31 at 23.03.37.jpeg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148112
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:42 GMT

GET
H2 200 Z2jQZwIxGZenJgmaRL7vMRGZxNr0PvjAyBunJf0QcqXmvHXi6sYylj_q_GPclAuz0cAwwGeQ2Ma_w4new7lPDKCjqTs4oFVEJCuvFo-6flwv7pboz5gHp7LVxF7eX7tqSw=w1280
lh3.googleusercontent.com/ 307 KB
308 KB 559ms
506ms Image
image/png 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Z2jQZwIxGZenJgmaRL7vMRGZxNr0PvjAyBunJf0QcqXmvHXi6sYylj_q_GPclAuz0cAwwGeQ2Ma_w4new7lPDKCjqTs4oFVEJCuvFo-6flwv7pboz5gHp7LVxF7eX7tqSw=w1280

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

0ae1cdc4532897095c44378e141df37ad1152638dc81711c61d7a45485ae956e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LgVfb com aurea e brilho.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314829
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:42 GMT

GET
H2 200 rox-XkHxtsZwl3DQrI_YS-OHDqkHyKE7hQt99Bh5yraeofvraHkV8McC5HgKxw1mDdkTYviuuuxQ8iNWhcWQVVTbSIFWcisIUagok7TStPID-x5U4OWMYdMogzP_6IjIIg=w1280
lh3.googleusercontent.com/ 503 KB
503 KB 686ms
633ms Image
image/png 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/rox-XkHxtsZwl3DQrI_YS-OHDqkHyKE7hQt99Bh5yraeofvraHkV8McC5HgKxw1mDdkTYviuuuxQ8iNWhcWQVVTbSIFWcisIUagok7TStPID-x5U4OWMYdMogzP_6IjIIg=w1280

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

1c00ef1b57ec30be2abbdb8b0c251e50019d5f1c642b1ddedddcdbdeefef2c5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="MoedaVFB2.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 515022
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:43 GMT

GET
H2 200 HcTk9TZDXSZhI6urGwmS3a4bpuRXkednZUC7BUSboP9nazXRYlN7IqJ3zzj-Kn16-Y60CllQ8IFcM3eN8VHaECEZgDf0bWjeGM1xJoFxFQp011_yl9S1lJ5ocmsuzdFkPA=w1280
lh3.googleusercontent.com/ 10 KB
10 KB 363ms
311ms Image
image/png 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/HcTk9TZDXSZhI6urGwmS3a4bpuRXkednZUC7BUSboP9nazXRYlN7IqJ3zzj-Kn16-Y60CllQ8IFcM3eN8VHaECEZgDf0bWjeGM1xJoFxFQp011_yl9S1lJ5ocmsuzdFkPA=w1280

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

36280226a8013e95e9c455414f7277e6655174a12c31a4f831ff4330a42e2d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10174
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:42 GMT

GET
H2 200 C8FJfXaI6zF_DsYW3r-nyqU-FZpeBy10u9kxSer9ba8VO5IqjyYN4IGdCAqN6vwPMXt8-yNRQb1bt4XGtzS4iU3RAnv3pmpC9Cfld7_F8TIyB9DYIDkxHEZkns_9b_RTLw=w1280
lh4.googleusercontent.com/ 21 KB
21 KB 323ms
272ms Image
image/png 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/C8FJfXaI6zF_DsYW3r-nyqU-FZpeBy10u9kxSer9ba8VO5IqjyYN4IGdCAqN6vwPMXt8-yNRQb1bt4XGtzS4iU3RAnv3pmpC9Cfld7_F8TIyB9DYIDkxHEZkns_9b_RTLw=w1280

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

140b4934bb47b72b4bfa956e5583e3343a0670cbd4849a728b805961b040e196

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="midias-sociais-linkedin-icon.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21333
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:42 GMT

GET
H2 200 LjinO7EwsLh2O5j8CcwW7wZIbIywdLhgZkti09SURASbO_WgBx9IdgEnW31gbM46_DK1LSLPuhKQyjhP92cXXRA=w1280
lh3.googleusercontent.com/ 12 KB
12 KB 483ms
431ms Image
image/png 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/LjinO7EwsLh2O5j8CcwW7wZIbIywdLhgZkti09SURASbO_WgBx9IdgEnW31gbM46_DK1LSLPuhKQyjhP92cXXRA=w1280

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

7e7cf127e4e6b4b60a2ad1361666f27c335fa51efdf9b728c2fefd889f544cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="5a3a185132ceb1.89894673151375675320812609.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12115
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:42 GMT

GET
H2 200 NT_t_WKXDhehm2ck46xOGgMrryqTJBCepkWMiwrMlMTJdONsGFBIOvEVwjDA0XZYdI6lGz3GunNZK4sTrni9Nsk=w1280
lh4.googleusercontent.com/ 53 KB
54 KB 652ms
647ms Image
image/png 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/NT_t_WKXDhehm2ck46xOGgMrryqTJBCepkWMiwrMlMTJdONsGFBIOvEVwjDA0XZYdI6lGz3GunNZK4sTrni9Nsk=w1280

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

182277364b6cca29205b990460ca351561ed63c1fe8df5475d6afb51060d2ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54724
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:43 GMT

GET
H2 200 6s5oJMm1en5pzVqaL2wygBf6pUr8aaMB1-P0IJIL-yFIx4GeGTrO3mBdBCfl_KXuRn4tpy2WusyxRePhIyTXv5gOekFMe_g9B0HJ2la2szQudoqR_WClG_8NyKpXDmo=w1280
lh5.googleusercontent.com/ 70 KB
70 KB 477ms
470ms Image
image/png 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/6s5oJMm1en5pzVqaL2wygBf6pUr8aaMB1-P0IJIL-yFIx4GeGTrO3mBdBCfl_KXuRn4tpy2WusyxRePhIyTXv5gOekFMe_g9B0HJ2la2szQudoqR_WClG_8NyKpXDmo=w1280

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

614318d208fc6de594ef2c48cd7fa64c95100734f4d2ef507f8ba6b02ef8c7df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="logo whats.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71901
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:42 GMT

GET
H2 200 rlVT8tfUU68Uj2VC3pO_uGusO-cN_V7HQI3eFnBUiU3IxnLAEmdiHC3R_QYVi4ek-StGNQQ2GGwZ1JaNJjR5Vtb7HplJx14qDuR3o2DMyQdyB_dIMcebm_VFWspxFqWRqg=w1280
lh5.googleusercontent.com/ 407 KB
407 KB 981ms
975ms Image
image/png 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/rlVT8tfUU68Uj2VC3pO_uGusO-cN_V7HQI3eFnBUiU3IxnLAEmdiHC3R_QYVi4ek-StGNQQ2GGwZ1JaNJjR5Vtb7HplJx14qDuR3o2DMyQdyB_dIMcebm_VFWspxFqWRqg=w1280

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

857344b1ebb7ad631dc6ecbc210bea9ae75bc4708b5cda320cb70629b6354166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="instagram-logo-3.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 416866
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:43 GMT

GET
H2 200 Iiln1bGODxuzqBv7vAN_aSxIpgUuAFhaqf3LNvVjg8sAeisOLEnQfPFnH7q43DZ98OAp38nkmqmSpYARZTVWZwU=w1280
lh5.googleusercontent.com/ 22 KB
22 KB 368ms
363ms Image
image/png 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/Iiln1bGODxuzqBv7vAN_aSxIpgUuAFhaqf3LNvVjg8sAeisOLEnQfPFnH7q43DZ98OAp38nkmqmSpYARZTVWZwU=w1280

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

75e0477e4353c6463d7e59506d4f273a49dff083ad068adddd01ca3a4c91155a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22319
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:42 GMT

GET
H2 200 m=view Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.08gf8iE04Z0.O/d=1/rs=AGEqA5m2IkdHEP3mUOoCXW6FVNznFijO-A/ 496 KB
167 KB 27ms
26ms Script
text/javascript 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.08gf8iE04Z0.O/d=1/rs=AGEqA5m2IkdHEP3mUOoCXW6FVNznFijO-A/m=view

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

8e6f485880a1d8bce177449d4bed20939f52c2fc8fb37ce8662bc01e2ba2b7ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 11:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435473
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 171122
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 12:39:58 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Sep 2022 11:56:49 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ 313 KB
106 KB 81ms
27ms Script
text/javascript 142.250.200.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

sffe /

Resource Hash

b89bb651692e73dc3347c90af5dab24942237d4d5e7475d1e91e707f8fbfec5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 08:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108745
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 18:17:31 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 08:03:33 GMT

GET
H3 200 intermediate-frame-minified.html Show response
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame BCB7 2 KB
946 B 19ms
18ms Document
text/html 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.gstatic.com
:scheme: https
:path: /atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.virtualflashbank.com.br/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 922
date: Sun, 12 Sep 2021 09:17:19 GMT
expires: Mon, 12 Sep 2022 09:17:19 GMT
last-modified: Fri, 10 Sep 2021 12:40:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 272243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 akABhKdGAzRTBVGdS9aOgaWyF1QXXqKNnUm_yK3QNodIHLXEzbrKrKZQdOdURXTEZ8u9shaKpgcrZWdpveQj_og=w16383
lh6.googleusercontent.com/ 82 KB
82 KB 373ms
367ms Image
image/jpeg 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/akABhKdGAzRTBVGdS9aOgaWyF1QXXqKNnUm_yK3QNodIHLXEzbrKrKZQdOdURXTEZ8u9shaKpgcrZWdpveQj_og=w16383

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

f8b35bb0542ea1695f6a5e9e303670ac5eb2aac10e6263f5aad95dbee2e05af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WhatsApp Image 2020-08-31 at 21.18.04.jpeg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83944
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:42 GMT

GET
H2 200 2kFEPyTk5uuuDlXuQwNVQlaOxa7vcqXEPBb_F2j1K3-oC8f6YrPpPKfGTbzLXhlh4KbKN27VVbnLmGFjD3-qBJQ=w16383
lh6.googleusercontent.com/ 220 KB
220 KB 535ms
528ms Image
image/png 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/2kFEPyTk5uuuDlXuQwNVQlaOxa7vcqXEPBb_F2j1K3-oC8f6YrPpPKfGTbzLXhlh4KbKN27VVbnLmGFjD3-qBJQ=w16383

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

d51eb64c46004380ae81100117e7162590f58106bdb536a027a7cdbb0a592d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="layout pagina inicial 04.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225408
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:43 GMT

GET
H2 200 sTQkhQz_kD1b1wr1tEVhvM16gRj1l-uNjSW8FJZG9Xmbc6WmDEGYhJJ5j44Re9oOGFjLWHrftoWOadpi-3J6PqQ=w16383
lh6.googleusercontent.com/ 2 KB
2 KB 354ms
347ms Image
image/jpeg 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/sTQkhQz_kD1b1wr1tEVhvM16gRj1l-uNjSW8FJZG9Xmbc6WmDEGYhJJ5j44Re9oOGFjLWHrftoWOadpi-3J6PqQ=w16383

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

176f004492169b4d9e18578f9f051686fd6aa9df4553b592d9826b25df2b2178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="plain-black-background.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1567
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:42 GMT

GET
H2 200 MrHunSKMdF377ZDbCgZWPITJd6xUIh8JneRK2Mz5wOwZON4cF41GCeTUq3JfhQ_EdGDDfNM9TyhHw2dzIJz_sQ=w16383
lh4.googleusercontent.com/ 2 KB
2 KB 307ms
306ms Image
image/jpeg 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/MrHunSKMdF377ZDbCgZWPITJd6xUIh8JneRK2Mz5wOwZON4cF41GCeTUq3JfhQ_EdGDDfNM9TyhHw2dzIJz_sQ=w16383

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

176f004492169b4d9e18578f9f051686fd6aa9df4553b592d9826b25df2b2178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="plain-black-background.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1567
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:42 GMT

GET
H2 200 mTciWfEa_NGUoIJwVql9951mU_yo5ErqsmKREOmQT16-1pUbXtAAy1ZDHj7s9NhuoFVA88eZUxHJ7hm-ZtN1q24=w16383
lh3.googleusercontent.com/ 2 KB
2 KB 306ms
305ms Image
image/jpeg 172.217.16.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/mTciWfEa_NGUoIJwVql9951mU_yo5ErqsmKREOmQT16-1pUbXtAAy1ZDHj7s9NhuoFVA88eZUxHJ7hm-ZtN1q24=w16383

Requested by

Host: www.virtualflashbank.com.br
URL: https://www.virtualflashbank.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mad08s04-in-f1.1e100.net

Software

fife /

Resource Hash

176f004492169b4d9e18578f9f051686fd6aa9df4553b592d9826b25df2b2178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="plain-black-background.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1567
x-xss-protection: 0
expires: Thu, 16 Sep 2021 12:54:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 68ms
18ms Font
font/woff2 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.virtualflashbank.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 07:49:43 GMT
x-content-type-options: nosniff
age: 450299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:49:43 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 44 KB
44 KB 103ms
54ms Font
font/woff2 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v22/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C700%2C900%7COpen%20Sans%3A400%2C400italic%2C600%2C600italic%2C700%2C700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.virtualflashbank.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:32:12 GMT
x-content-type-options: nosniff
age: 1350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:29:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 12:32:12 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 83ms
34ms Font
font/woff2 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C700%2C900%7COpen%20Sans%3A400%2C400italic%2C600%2C600italic%2C700%2C700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.virtualflashbank.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:20:37 GMT
x-content-type-options: nosniff
age: 2045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 12:20:37 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
14 KB 90ms
40ms Font
font/woff2 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C700%2C900%7COpen%20Sans%3A400%2C400italic%2C600%2C600italic%2C700%2C700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.virtualflashbank.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 02:40:57 GMT
x-content-type-options: nosniff
age: 296025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 02:40:57 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 96ms
47ms Font
font/woff2 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair%20Display%3A400%2C700%2C900%7COpen%20Sans%3A400%2C400italic%2C600%2C600italic%2C700%2C700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.virtualflashbank.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:15:21 GMT
x-content-type-options: nosniff
age: 2361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 12:15:21 GMT

POST
H2 200 logImpressions Show response
www.virtualflashbank.com.br/_/view/ 16 B
199 B 155ms
155ms XHR
application/json 142.250.178.19
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.virtualflashbank.com.br/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.08gf8iE04Z0.O/d=1/rs=AGEqA5m2IkdHEP3mUOoCXW6FVNznFijO-A/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.19 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f19.1e100.net

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
origin: https://www.virtualflashbank.com.br
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
content-length: 2625
:path: /_/view/logImpressions?authuser=0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded;charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.virtualflashbank.com.br
referer: https://www.virtualflashbank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.virtualflashbank.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 12:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 api.js Show response
apis.google.com/js/ Frame BCB7 12 KB
5 KB 47ms
46ms Script
application/javascript 142.250.200.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js?checkCookie=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

0a36a315a29744c0efd1681460fa333489628a70d3cf47201c3134d7b9829a8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GuJAJWynsZHllntuMiDNkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "f013b0ee127409a845fc714343fccc45"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-GuJAJWynsZHllntuMiDNkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Wed, 15 Sep 2021 12:54:42 GMT

GET
H3 200 m=MpJwZc,n73qwf,A4UTCb,qAKInc,syu,TGYpv,kbkrpd,X85Uvc,syo,YXyON,sy2c,abQiW,W26a5e,syr,syw,sys,syt,syv,fuVYe,hJUyqe,qEW1W,oNFsLb,KUM7Z,syq,qkPXAf,sy2,sy7,yyxWAc,sy3a,sy3b,sy3c,xQtZb,yf2Bs,sy2d,fNFZH... Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.08gf8iE04Z0.O/d=0/rs=AGEqA5m2IkdHEP3mUOoCXW6FVNznFijO-A/ 1 MB
352 KB 20ms
20ms Script
text/javascript 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.08gf8iE04Z0.O/d=0/rs=AGEqA5m2IkdHEP3mUOoCXW6FVNznFijO-A/m=MpJwZc,n73qwf,A4UTCb,qAKInc,syu,TGYpv,kbkrpd,X85Uvc,syo,YXyON,sy2c,abQiW,W26a5e,syr,syw,sys,syt,syv,fuVYe,hJUyqe,qEW1W,oNFsLb,KUM7Z,syq,qkPXAf,sy2,sy7,yyxWAc,sy3a,sy3b,sy3c,xQtZb,yf2Bs,sy2d,fNFZH,Md9ENb,sy11,sy13,sy14,sy12,sym,syn,sy19,sy1b,NlqxW,sy17,sy18,sy1a,sy16,sy1d,sy3,sy15,sy1e,sy1f,sy1h,sy1m,sy1c,sy1l,sy1t,sy1j,sy1g,sy1k,sy1n,sy1r,sy1s,sy10,T807ad,sy1i,ZDEHrf,sy1o,sy1p,sy1q,sy1u,syf,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,sy1w,sy1z,sy20,sy21,sy22,sy23,sy24,UYjpC,vVEdxc,rHjpXd,sy2f,SM1lmd,sy6,sy5,syl,RRzQxe,sy8,sya,sy9,RrXLpc,VYKRW,syy,syx,syz,CG0Qwb,syb,sy2e,syc,cgRV2c,syp,o1L5Wb,X4BaPc,zZvHmd,YV8yqd,RZ9OZ,N0NZx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.08gf8iE04Z0.O/d=1/rs=AGEqA5m2IkdHEP3mUOoCXW6FVNznFijO-A/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

8c70fa95adb2c1a8a23b431f20be651cebc5d0551d3616a741a2e6adf812abe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 14:16:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81473
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360724
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 12:39:58 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 14:16:49 GMT

GET
H3 200 m=sy33,IZT63,SF3gsd,vfuNJf,sy2x,sy30,sy34,O8k1Cd,sy3d,siKnQd,sy2v,sy32,sy36,YNjGDd,sy35,sy37,PrPYRd,xs1Gy,hc6Ubd,o02Jie,SpsfSb,sy2b,sy1v,sy2z,pB6Zqd,zbML3c Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.08gf8iE04Z0.O/d=0/rs=AGEqA5m2IkdHEP3mUOoCXW6FVNznFijO-A/ 26 KB
9 KB 27ms
26ms Script
text/javascript 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.08gf8iE04Z0.O/d=0/rs=AGEqA5m2IkdHEP3mUOoCXW6FVNznFijO-A/m=sy33,IZT63,SF3gsd,vfuNJf,sy2x,sy30,sy34,O8k1Cd,sy3d,siKnQd,sy2v,sy32,sy36,YNjGDd,sy35,sy37,PrPYRd,xs1Gy,hc6Ubd,o02Jie,SpsfSb,sy2b,sy1v,sy2z,pB6Zqd,zbML3c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.08gf8iE04Z0.O/d=1/rs=AGEqA5m2IkdHEP3mUOoCXW6FVNznFijO-A/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

3684fa3b653767cc310014f7973de48b755bac39f626830167f4ddbc2d529e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 11:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435473
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9660
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 12:39:58 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Sep 2022 11:56:49 GMT

GET
H3 200 m=Ae65rd,Y9atKf,NTMZac,CuaHnc,sy27,gJzDyc,sy2m,uY3Nvd,syh,syj,HYv29e,mxS5xe Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.08gf8iE04Z0.O/d=0/rs=AGEqA5m2IkdHEP3mUOoCXW6FVNznFijO-A/ 22 KB
8 KB 25ms
25ms Script
text/javascript 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.08gf8iE04Z0.O/d=0/rs=AGEqA5m2IkdHEP3mUOoCXW6FVNznFijO-A/m=Ae65rd,Y9atKf,NTMZac,CuaHnc,sy27,gJzDyc,sy2m,uY3Nvd,syh,syj,HYv29e,mxS5xe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.08gf8iE04Z0.O/d=1/rs=AGEqA5m2IkdHEP3mUOoCXW6FVNznFijO-A/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

4af371a202e92375ee53dafcd51eeb689781b113fa26162fd8fd8349b346fb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 23:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8186
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 12:39:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Wed, 14 Sep 2022 23:04:14 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
368 B 84ms
24ms Ping
text/plain 216.58.213.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LP7V47TY5L&gtm=2oe9d0&_p=358163522&sr=1600x1200&ul=en-us&cid=398453107.1631710483&_s=1&dl=https%3A%2F%2Fwww.virtualflashbank.com.br%2F&dt=Virtual%20Flashbank&sid=1631710482&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LP7V47TY5L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.213.14 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr25s25-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.virtualflashbank.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 12:54:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.virtualflashbank.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ Frame BCB7 44 KB
15 KB 26ms
26ms Script
text/javascript 142.250.200.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

sffe /

Resource Hash

90281d2a79b4456665ad97839c22cf8757758b42d621897184ad281f1e2b8164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 19:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15591
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 18:17:31 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 19:43:44 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/ 214 B
178 B 27ms
26ms Script
text/javascript 142.250.200.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

sffe /

Resource Hash

5cebac858ab6a0b08be18bd4c30fcb799e191ea9708279de014effd38f91608b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 10:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 18:17:31 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Sep 2022 10:00:34 GMT

GET
H3 200 intermediate-frame-minified.html Show response
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame BCB7 2 KB
947 B 26ms
25ms Document
text/html 172.217.169.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__&r=2114067

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.08gf8iE04Z0.O/d=1/rs=AGEqA5m2IkdHEP3mUOoCXW6FVNznFijO-A/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.169.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s26-in-f3.1e100.net

Software

sffe /

Resource Hash

3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.gstatic.com
:scheme: https
:path: /atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__&r=2114067
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.virtualflashbank.com.br/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.virtualflashbank.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-length: 922
date: Wed, 15 Sep 2021 12:54:42 GMT
expires: Thu, 15 Sep 2022 12:54:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Sep 2021 12:31:59 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET embed
onedrive.live.com/ Frame F23A 0
0

GET
H3 200 api.js Show response
apis.google.com/js/ Frame BCB7 12 KB
5 KB 68ms
68ms Script
application/javascript 142.250.200.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js?checkCookie=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.soliK2B9LKA.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw%2Fm%3D__features__&r=2114067

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

ESF /

Resource Hash

0a36a315a29744c0efd1681460fa333489628a70d3cf47201c3134d7b9829a8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eQ6tSVJkWLzfQ8mufzqJ1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:54:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "f013b0ee127409a845fc714343fccc45"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-eQ6tSVJkWLzfQ8mufzqJ1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Wed, 15 Sep 2021 12:54:42 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s30-in-f14.1e100.net

Software

sffe /

Resource Hash

90281d2a79b4456665ad97839c22cf8757758b42d621897184ad281f1e2b8164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 19:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15591
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 18:17:31 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 19:43:44 GMT

GET
H2 200 embed Show response
onedrive.live.com/ Frame BEFF 60 KB
21 KB 2367ms
2366ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?cid=EB18BC484CC1B53C&resid=EB18BC484CC1B53C%21133&authkey=ALYv7sEPA2M5DYQ&em=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3a71eaba82e2c908d7e8ad406a8e9703eda3d98494510a89224f49c8f4ed94c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onedrive.live.com
:scheme: https
:path: /embed?cid=EB18BC484CC1B53C&resid=EB18BC484CC1B53C%21133&authkey=ALYv7sEPA2M5DYQ&em=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gstatic.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: E=P:b13X/Ed42Yg=:oV+MSKtbWofbUx4OVFoPMpXXkzm4t0i9WfuHmkzbHFk=:F; domain=.live.com; path=/ xid=4929427c-a97d-4df6-ac1a-639348cdda9e&&RDE42AAC886AA0&303; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ LD=; domain=.live.com; expires=Wed, 15-Sep-2021 11:14:42 GMT; path=/ wla42=; domain=live.com; expires=Wed, 22-Sep-2021 12:54:45 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RDE42AAC886AA0
x-odwebserver: canadacentral0-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: BF437EB4C2C041B8B97AA920534ABB46 Ref B: PRG01EDGE1018 Ref C: 2021-09-15T12:54:42Z
date: Wed, 15 Sep 2021 12:54:45 GMT

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame BEFF 85 KB
16 KB 49ms
8ms Stylesheet
text/css 184.25.50.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EB18BC484CC1B53C&resid=EB18BC484CC1B53C%21133&authkey=ALYv7sEPA2M5DYQ&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 184.25.50.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-25-50-67.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Sep 2021 12:54:45 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6f0a1371-501e-0080-4432-fbbe78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=12093990
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame BEFF 169 KB
30 KB 47ms
7ms Stylesheet
text/css 184.25.50.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EB18BC484CC1B53C&resid=EB18BC484CC1B53C%21133&authkey=ALYv7sEPA2M5DYQ&em=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 184.25.50.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-25-50-67.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Sep 2021 12:54:45 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: f5613635-d01e-011d-1258-d9826d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=8334216
x-ms-version: 2009-09-19
timing-allow-origin: *

POST
H2 200 xlembed.aspx Show response
excel.officeapps.live.com/x/_layouts/ Frame 08CC 121 KB
47 KB 435ms
327ms Document
text/html 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=uOih/Exul0eVy0u3CqlTjQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEB18BC484CC1B53C%21133&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c8de4d27bd88ec89ff59429170c29bbb290cbc78993746c61e03b235774b963b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: POST
:authority: excel.officeapps.live.com
:scheme: https
:path: /x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=uOih/Exul0eVy0u3CqlTjQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEB18BC484CC1B53C%21133&sc=host%3D%26qt%3DFolders%26pt%3Dem
content-length: 231
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://onedrive.live.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onedrive.live.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1031&data=1033; expires=Wed, 15-Dec-2021 13:54:45 GMT; path=/; samesite=none; secure; HttpOnly PNL1-Excel-ARRAffinity=8144e78f63881ef06d667471979243689386158d0962755b1c2580a99e6a73c8;Path=/;Domain=excel.officeapps.live.com; samesite=none; secure
x-correlationid: 5a1d0281-934a-4e7a-b460-a68b9d56b45d
x-usersessionid: 5a1d0281-934a-4e7a-b460-a68b9d56b45d
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF000068D5
x-officeversion: 16.0.14501.31875
x-officecluster: PNL1
x-content-type-options: nosniff
document-policy: js-profiling
cross-origin-resource-policy: cross-origin
x-officefd: AM4PEPF000068A6
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-msedge-ref: Ref A: A1C0A54CF1F7452E9C39C6CA5586DB54 Ref B: VIEEDGE1015 Ref C: 2021-09-15T12:54:45Z
date: Wed, 15 Sep 2021 12:54:45 GMT

GET
H3-Q050 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame BEFF 92 KB
33 KB 45ms
18ms Script
application/javascript 184.25.50.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EB18BC484CC1B53C&resid=EB18BC484CC1B53C%21133&authkey=ALYv7sEPA2M5DYQ&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 184.25.50.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-25-50-67.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Sep 2021 12:54:45 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b00977d2-f01e-0041-18ec-ae35c1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=3669889
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame BEFF 483 KB
133 KB 46ms
19ms Script
application/javascript 184.25.50.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EB18BC484CC1B53C&resid=EB18BC484CC1B53C%21133&authkey=ALYv7sEPA2M5DYQ&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 184.25.50.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-25-50-67.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Sep 2021 12:54:45 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4acc2b98-201e-0043-0a8f-3e373b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=19482425
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame BEFF 47 KB
14 KB 8ms
7ms Script
application/javascript 184.25.50.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EB18BC484CC1B53C&resid=EB18BC484CC1B53C%21133&authkey=ALYv7sEPA2M5DYQ&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 184.25.50.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-25-50-67.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Sep 2021 12:54:45 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ea603572-001e-0054-47e3-d5f758000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=7953896
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame BEFF 203 KB
68 KB 9ms
9ms Script
application/javascript 184.25.50.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EB18BC484CC1B53C&resid=EB18BC484CC1B53C%21133&authkey=ALYv7sEPA2M5DYQ&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 184.25.50.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-25-50-67.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Sep 2021 12:54:45 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 449c47a3-c01e-000d-37a6-eaf2de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=10236926
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

GET
H3-Q050 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame BEFF 15 KB
6 KB 10ms
10ms Script
application/javascript 184.25.50.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EB18BC484CC1B53C&resid=EB18BC484CC1B53C%21133&authkey=ALYv7sEPA2M5DYQ&em=2
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 184.25.50.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-25-50-67.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Sep 2021 12:54:45 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dda5c441-801e-0105-09a7-37aff8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=18746624
x-ms-version: 2009-09-19
timing-allow-origin: *
quic-version: Q050

POST
H2 200 logImpressions Show response
www.virtualflashbank.com.br/_/view/ 16 B
114 B 177ms
177ms XHR
application/json 142.250.178.19
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.virtualflashbank.com.br/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.08gf8iE04Z0.O/d=1/rs=AGEqA5m2IkdHEP3mUOoCXW6FVNznFijO-A/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.19 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f19.1e100.net

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
origin: https://www.virtualflashbank.com.br
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: _ga_LP7V47TY5L=GS1.1.1631710482.1.0.1631710482.0; _ga=GA1.1.398453107.1631710483
content-length: 11436
:path: /_/view/logImpressions?authuser=0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded;charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.virtualflashbank.com.br
referer: https://www.virtualflashbank.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.virtualflashbank.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 12:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Aacorlib.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/ Frame 08CC 76 KB
19 KB 121ms
59ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Requested by

Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=uOih/Exul0eVy0u3CqlTjQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEB18BC484CC1B53C%21133&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

3f0015967cfdc00b10ed549580bcfcd6e1ab5aaf057df55855e891ea237fd255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "23f622e893a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006932
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 19067
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 07:18:34 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: C1A6965DD85643BF86BB19158F78402B Ref B: AM3EDGE0218 Ref C: 2021-09-12T17:43:09Z
x-usersessionid: 83345ac9-5beb-4845-897e-d7e38ef2e00a
date: Wed, 15 Sep 2021 12:54:45 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 83345ac9-5beb-4845-897e-d7e38ef2e00a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.js Show response
c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/ Frame 08CC 3 MB
663 KB 125ms
63ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

1d8cb55fdcca003c04dd491dfc92a6314672281ccd0568c0826060a0390f7905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "61792682a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF00006915
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 676424
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Fri, 03 Sep 2021 05:11:28 GMT
x-officefd: AM4PEPF0001041F
x-msedge-ref: Ref A: 00A836BC60C144A6AFAB92700056200B Ref B: AMS04EDGE2311 Ref C: 2021-09-11T06:01:13Z
x-usersessionid: 34353340-f5d1-471d-972a-97be7e207b9e
date: Wed, 15 Sep 2021 12:54:45 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 34353340-f5d1-471d-972a-97be7e207b9e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.Strings.Wac.js Show response
c1h-excel-15.cdn.office.net/x/s/h145DA2F97A4E3EFE__layouts/App_Scripts/1031/ Frame 08CC 99 KB
26 KB 132ms
70ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h145DA2F97A4E3EFE__layouts/App_Scripts/1031/Ewa.Strings.Wac.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

145da2f97a4e3efe0e2c44d956760d91f34bf967d01872bb06292d086a30e7c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "c39ce2c498a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068DF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control,2pfz=afd_wordcapacity_4
content-length: 25444
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control,afd_wordcapacity_4
last-modified: Fri, 03 Sep 2021 07:53:22 GMT
x-officefd: AM4PEPF0001041E
x-msedge-ref: Ref A: 740587051491421AA087B80FD82AFA12 Ref B: AMS04EDGE1709 Ref C: 2021-09-11T16:09:17Z
x-usersessionid: d2051970-8935-4336-b9ac-21ffcd206f5c
date: Wed, 15 Sep 2021 12:54:45 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: d2051970-8935-4336-b9ac-21ffcd206f5c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gridRenderer.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hC5F5AD6CDEF87C78__layouts/App_Scripts/ Frame 08CC 516 KB
105 KB 135ms
73ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hC5F5AD6CDEF87C78__layouts/App_Scripts/gridRenderer.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

c5f5ad6cdef87c780ecfd3794c0d5acd000dbd4815ab80b2f72f3265bdc4e9fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "49ab2b169ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068E8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4_control
content-length: 106055
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 08:31:26 GMT
x-officefd: AM4PEPF0001041C
x-msedge-ref: Ref A: DBB3D1C9321E410E83F2CE37934AA5E4 Ref B: AMS04EDGE2111 Ref C: 2021-09-11T05:29:35Z
x-usersessionid: b365ab4d-afee-4b47-93e3-73dfedd8c056
date: Wed, 15 Sep 2021 12:54:45 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b365ab4d-afee-4b47-93e3-73dfedd8c056
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clientManifest.js Show response
c1h-excel-15.cdn.office.net/x/s/161450131875__layouts/Resources/de-DE/ Frame 08CC 110 KB
38 KB 142ms
80ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161450131875__layouts/Resources/de-DE/clientManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

6aeced2043d9a095ca4580efeef8af09e7942353fbadfa3191f5c4dbf53120b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "da5862ff92a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006924
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 38339
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 07:12:04 GMT
x-officefd: AM4PEPF000068B2
x-msedge-ref: Ref A: 7AEC81B5729A4304BDF1BD87EEDE314A Ref B: AM3EDGE1007 Ref C: 2021-09-11T16:09:17Z
x-usersessionid: b9f5dd23-a891-4bb4-b365-3200ab3e5af0
date: Wed, 15 Sep 2021 12:54:45 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b9f5dd23-a891-4bb4-b365-3200ab3e5af0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 richTextEditor.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h426CD95DF4577DD8__layouts/App_Scripts/ Frame 08CC 282 KB
58 KB 136ms
75ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h426CD95DF4577DD8__layouts/App_Scripts/richTextEditor.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

426cd95df4577dd867ece754474b1de96ce020b734f27ce35c47cac7165d0b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "22c6921893a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006922
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 58102
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 07:12:46 GMT
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: E5F34E18873B4CEBAA23B86DE8C99448 Ref B: AMS04EDGE2319 Ref C: 2021-09-13T05:47:41Z
x-usersessionid: fe0ca853-4073-4859-b464-a585bc36cba1
date: Wed, 15 Sep 2021 12:54:45 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: fe0ca853-4073-4859-b464-a585bc36cba1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwrDefault.css
c1h-excel-15.cdn.office.net/x/s/h1649ECF36F462942__layouts/Resources/1031/ Frame 08CC 128 KB
20 KB 91ms
29ms Stylesheet
text/css 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1649ECF36F462942__layouts/Resources/1031/EwrDefault.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

1649ecf36f462942fd217553d73feedd25ab8824af7b2219ad4d947a2913778f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "3e341cc898a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068D6
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 19264
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 07:53:28 GMT
x-officefd: AM4PEPF0000689E
x-msedge-ref: Ref A: 8FFBB7AC4C85447987984230587F2CC2 Ref B: AMS04EDGE1519 Ref C: 2021-09-05T06:22:28Z
x-usersessionid: e63c0781-be19-4b3c-99e3-07c43e33c3bb
date: Wed, 15 Sep 2021 12:54:45 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: e63c0781-be19-4b3c-99e3-07c43e33c3bb
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelframe.css
c1h-excel-15.cdn.office.net/x/s/hE6BADC2A49867D22__layouts/Resources/1031/ Frame 08CC 64 KB
11 KB 114ms
52ms Stylesheet
text/css 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE6BADC2A49867D22__layouts/Resources/1031/excelframe.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

e6badc2a49867d2223c9a45d6cbcdfd79f9d8f3b2e8520e517eea76a8b8c44aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "8212dcc698a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068DF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 10153
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wordcapacity,afd_powerpointslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 07:53:26 GMT
x-officefd: AM4PEPF0000689E
x-msedge-ref: Ref A: 3A2FBE4C3E2042E38FA9D9131470DF0A Ref B: AM3EDGE0617 Ref C: 2021-09-06T13:02:40Z
x-usersessionid: b5bbef64-0f6b-4710-816f-646f4f6586e6
date: Wed, 15 Sep 2021 12:54:45 GMT
content-type: text/css
access-control-allow-origin: *
x-correlationid: b5bbef64-0f6b-4710-816f-646f4f6586e6
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 08CC 376 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46689198526f176cb3bb2881be2e8f1273be7293fea0625f2c3bfa2058c9b422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

POST
H2 200 RemoteTelemetry.ashx Show response
excel.officeapps.live.com/x/_layouts/ Frame 08CC 0
337 B 49ms
49ms XHR
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/RemoteTelemetry.ashx

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=uOih/Exul0eVy0u3CqlTjQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEB18BC484CC1B53C%21133&sc=host%3D%26qt%3DFolders%26pt%3Dem
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF000068AE
x-officeversion: 16.0.14501.31875
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 49d4e1bf-65ec-4de6-9c15-a5e519eb5cc1
x-officecluster: PNL1
x-usersessionid: 49d4e1bf-65ec-4de6-9c15-a5e519eb5cc1
date: Wed, 15 Sep 2021 12:54:45 GMT
x-download-options: noopen
access-control-allow-origin: https://excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 2E801685B9CF4835AAA5BDEE0ED98A03 Ref B: VIEEDGE1015 Ref C: 2021-09-15T12:54:46Z
timing-allow-origin: *
x-officefe: AM4PEPF000068D5

GET
H/1.1 200
OK 36920727911
fs.microsoft.com/fs/4.7/rawguids/ Frame 08CC 1 MB
617 KB 163ms
19ms Font
application/octet-stream 184.30.20.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.7/rawguids/36920727911
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=uOih/Exul0eVy0u3CqlTjQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEB18BC484CC1B53C%21133&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-56.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3750f5d563d062ed8c4e2a0516da3374b8fbcdedee0608e107efd97ded80bcae

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 12:54:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 19:13:41 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "ead2803dce3d31:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=37785
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=36920727911
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

GET
H/1.1 200
OK 44327025345
fs.microsoft.com/fs/4.7/rawguids/ Frame 08CC 1 MB
715 KB 133ms
13ms Font
application/octet-stream 184.30.20.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.7/rawguids/44327025345
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=uOih/Exul0eVy0u3CqlTjQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEB18BC484CC1B53C%21133&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-56.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1522f5c0f14d035c42540d84ad4d00d92b72240e91784c15c59e12921a1f0d79

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 15 Sep 2021 12:54:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 19:13:07 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "126af7eedbe3d31:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=120281
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=44327025345
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

GET
BLOB 200
OK 2ade1622-d787-40c8-b128-b77514090449
https://excel.officeapps.live.com/ Frame 08CC 229 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://excel.officeapps.live.com/2ade1622-d787-40c8-b128-b77514090449
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=uOih/Exul0eVy0u3CqlTjQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEB18BC484CC1B53C%21133&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2820061acdbde09cbfbd98b6a84a4fde4e17b96ef6962d822dd43a4f4084ea2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 229
Content-Type: application/javascript

GET
H2 200 Ewa.tmcore.js Show response
c1h-excel-15.cdn.office.net/x/s/h01EF1B08588AB806__layouts/App_Scripts/ Frame 08CC 20 KB
6 KB 141ms
141ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h01EF1B08588AB806__layouts/App_Scripts/Ewa.tmcore.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

01ef1b08588ab806358bd49de2094fd8b9e1b0b24dd2f04adaed703b56fda4d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "7d97a3e887a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF0000690C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 5837
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 05:52:41 GMT
x-officefd: AM4PEPF0000689D
x-msedge-ref: Ref A: BFA87F9D4F31497C83DCBCB420747627 Ref B: AM3EDGE0322 Ref C: 2021-09-11T07:37:13Z
x-usersessionid: e251fba8-d236-4185-9805-01d85ba387ea
date: Wed, 15 Sep 2021 12:54:46 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e251fba8-d236-4185-9805-01d85ba387ea
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ewaembed.png
c1h-excel-15.cdn.office.net/x/s/hDEF6F7343B3FA794__layouts/Resources/ Frame 08CC 4 KB
4 KB 108ms
77ms Image
image/png 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hDEF6F7343B3FA794__layouts/Resources/ewaembed.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

def6f7343b3fa79427426a51dbf484dc713fb9cc6d2813316303c73f05f29b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "56bfeefcbca8d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF0000690F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control,2pfz=afd_wordcapacity_4_control
content-length: 3592
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control,afd_wordcapacity_4_control
last-modified: Mon, 13 Sep 2021 16:32:48 GMT
x-officefd: AM4PEPF0000689E
x-msedge-ref: Ref A: 83EE423DB52E43A295E6BAC00840BB57 Ref B: AM3EDGE0504 Ref C: 2021-09-14T22:35:53Z
x-usersessionid: 13069c12-0c7d-4284-8e8a-3e22d5a07888
date: Wed, 15 Sep 2021 12:54:46 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 13069c12-0c7d-4284-8e8a-3e22d5a07888
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelembed28.png
c1h-excel-15.cdn.office.net/x/s/h66C6B19E56A3A283__layouts/Resources/ Frame 08CC 458 B
1 KB 161ms
130ms Image
image/png 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h66C6B19E56A3A283__layouts/Resources/excelembed28.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

66c6b19e56a3a283448cfa65e8c47dbc8ac0a83050bb9029f82ed18c4409e1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "fdf03bd88da0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006948
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 458
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Fri, 03 Sep 2021 06:35:10 GMT
x-officefd: AM4PEPF000068B2
x-msedge-ref: Ref A: 62FC7C0466374844B33EC58E4CAC0CA9 Ref B: AM3EDGE0712 Ref C: 2021-09-06T12:15:36Z
x-usersessionid: 80da81bc-2c0d-4d5d-933a-c9549d3f7ad5
date: Wed, 15 Sep 2021 12:54:46 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 80da81bc-2c0d-4d5d-933a-c9549d3f7ad5
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelOnline.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h0F7DCFFF4F0DEBDF__layouts/App_Scripts/ Frame 08CC 8 KB
3 KB 252ms
252ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h0F7DCFFF4F0DEBDF__layouts/App_Scripts/excelOnline.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

0f7dcfff4f0debdf3f67e3619a58bfc2684e0a301121380f43c0065406e852e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "556e9e628da0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006941
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 2499
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Fri, 03 Sep 2021 06:31:53 GMT
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: 5488E84DAD16487381850569B5B1E52A Ref B: AMS04EDGE2319 Ref C: 2021-09-13T05:46:20Z
x-usersessionid: ac1cf1ab-d638-4a9a-89e6-4a0c4d251d5b
date: Wed, 15 Sep 2021 12:54:46 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ac1cf1ab-d638-4a9a-89e6-4a0c4d251d5b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 GetChartContent Show response
excel.officeapps.live.com/x/_vti_bin/DynamicGridContent.json/ Frame 08CC 5 KB
3 KB 70ms
70ms XHR
text/xml 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_vti_bin/DynamicGridContent.json/GetChartContent?context=%7B%22WorkbookMetadataParameter%22%3A%7B%22WorkbookMetadataState%22%3A%7B%22MetadataVersion%22%3A0%2C%22ServerEventVersion%22%3A0%7D%7D%2C%22ClientRequestId%22%3A%22bce7d884-a66f-4a02-93e6-eb30cb1f51ea%22%2C%22MakeInstantaneousChange%22%3Afalse%2C%22SessionId%22%3A%2215.AM4PEPF000068D51.A80.1.V25.24997kgRjz%2F1pZNNUJL6iyvrj14.5.de-DE5.en-US23.eb18bc484cc1b53c-Public1.S1.N16.16.0.14501.3187514.5.de-DE5.en-US1.V1.N0.1.S%22%2C%22TransientEditSessionToken%22%3Anull%2C%22PermissionFlags%22%3A98235%2C%22Configurations%22%3A1639184%2C%22CompleteResponseTimeout%22%3A0%2C%22IsWindowHidden%22%3Afalse%2C%22MachineCluster%22%3A%22PNL1%22%2C%22AjaxOptions%22%3A0%2C%22ReturnSheetProcessedData%22%3Afalse%7D&ewaControlId=%22m_excelEmbedRenderer_ctl15_ewaCtl_m_ewa%22&currentObject=%22(VFBB3)%22&namedObjectViewData=%7B%22Mode%22%3A0%2C%22Settings%22%3A0%7D&width=0&height=0&revision=0&colorScheme=null&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

21f635b36caa284819ec8675ef985f5f6d54cec97ecfc55283610eb3e980b0c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacNoAuth: 1
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14501.31875
X-Key: EBVwXzPTpNlBtADsdLniP7jp96OfBjo5GbNVIAUqo08=,637673072857870704
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-XL-SessionId: 15.AM4PEPF000068D51.A80.1.V25.24997kgRjz/1pZNNUJL6iyvrj14.5.de-DE5.en-US23.eb18bc484cc1b53c-Public1.S1.N16.16.0.14501.3187514.5.de-DE5.en-US1.V1.N0.1.S
haep: 1
X-AccessToken: 4wClXz9GkE6LIT3Z6Q6VnX4BEXjY-bO7gSAQF6cgMKfAeX7QCczqnxiaBLBVDsNa3RQ6q9Ioj-d7T5IiXv3FhGIAn0filDDuBTxlACpYI_Vr94iGVPGyabSLG3SlClMohVYzwO3lM5s-GTMXLczFqFeA
X-UserSessionId: 5a1d0281-934a-4e7a-b460-a68b9d56b45d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json; charset=utf-8
X-CorrelationId: 7ea3ba4c-d3b8-48fb-be46-019b6ff9b998
Referer: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=uOih/Exul0eVy0u3CqlTjQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEB18BC484CC1B53C%21133&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1633524885180
X-WacCluster: PNL1

Response headers

xlsecsid: AM4PEPF000068D5
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068D5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
xlswfecid: 7ea3ba4c-d3b8-48fb-be46-019b6ff9b998
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 2163
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid: 7ea3ba4c-d3b8-48fb-be46-019b6ff9b998
x-officefd: AM4PEPF000068AD
x-usersessionid: 5a1d0281-934a-4e7a-b460-a68b9d56b45d
date: Wed, 15 Sep 2021 12:54:45 GMT
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
cache-control: private, max-age=604800
xlsecscid: 7ea3ba4c-d3b8-48fb-be46-019b6ff9b998
x-msedge-ref: Ref A: 7C494042CB8E49C0AB0E0995428CF9AD Ref B: VIEEDGE1015 Ref C: 2021-09-15T12:54:46Z
timing-allow-origin: *

GET
H2 200 DynamicImageProvider.aspx
excel.officeapps.live.com/x/_layouts/ Frame 08CC 100 KB
101 KB 370ms
370ms Image
image/x-png 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://excel.officeapps.live.com/x/_layouts/DynamicImageProvider.aspx?sid=15%2EAM4PEPF000068D51%2EA80%2E1%2EV25%2E24997kgRjz%2F1pZNNUJL6iyvrj14%2E5%2Ede%2DDE5%2Een%2DUS23%2Eeb18bc484cc1b53c%2DPublic1%2ES1%2EN16%2E16%2E0%2E14501%2E3187514%2E5%2Ede%2DDE5%2Een%2DUS1%2EV1%2EN0%2E1%2ES&sidt=&stid=2&uwid=0&it=Chart&iid=38%2E%7B00000000%2D0008%2D0000%2D0100%2D000002000000%7D&NoAuth=1&WacUserType=WOPI&waccluster=PNL1&iro=0&usid=5a1d0281%2D934a%2D4e7a%2Db460%2Da68b9d56b45d

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

095abd27b0b1bf8700332910ddc5cd82409e38a9c54ffa2b54b9bc31eb7a3745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=uOih/Exul0eVy0u3CqlTjQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEB18BC484CC1B53C%21133&sc=host%3D%26qt%3DFolders%26pt%3Dem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

xlsecsid: AM4PEPF000068D5
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068D5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
xlswfecid: 09035dd3-8f15-4133-b10d-08acdafd48f7
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 102637
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: 09035dd3-8f15-4133-b10d-08acdafd48f7
x-officefd: AM4PEPF0000689F
x-usersessionid: 5a1d0281-934a-4e7a-b460-a68b9d56b45d
date: Wed, 15 Sep 2021 12:54:46 GMT
content-type: Image/x-png; charset=utf-8
cache-control: private, max-age=604800
xlsecscid: 09035dd3-8f15-4133-b10d-08acdafd48f7
x-msedge-ref: Ref A: 70D3B00DD6C7488A9B784A3A51E2C34E Ref B: VIEEDGE1015 Ref C: 2021-09-15T12:54:46Z
timing-allow-origin: *

OPTIONS
H2 200 SDXReleaseDataPackages
mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/ Frame 0
0 215ms
30ms Preflight 52.109.88.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/SDXReleaseDataPackages
Protocol: H2
Server: 52.109.88.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,dmsactivityid,haep,x-accesstoken,x-accesstokenttl,x-key,x-officeversion,x-requested-with,x-usersessionid,x-usertype,x-waccluster,x-xhr
Origin: https://excel.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-allow-headers: content-type,dmsactivityid,haep,x-accesstoken,x-accesstokenttl,x-key,x-officeversion,x-requested-with,x-usersessionid,x-usertype,x-waccluster,x-xhr
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Wed, 15 Sep 2021 12:54:46 GMT
content-length: 0

POST
H2 202 SDXReleaseDataPackages Show response
mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/ Frame 08CC 5 KB
5 KB 29ms
29ms XHR
application/json 52.109.88.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/SDXReleaseDataPackages
Requested by: Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.109.88.44 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d110a2ab2a6885425a2f4c3b6f5dbc4c8173d2247367a3d7445108cddc751ada

Request headers

DMSActivityId: 77078ab9-66f3-469a-84d0-a4bd3cffdb53
haep: 1
X-AccessToken: 4wClXz9GkE6LIT3Z6Q6VnX4BEXjY-bO7gSAQF6cgMKfAeX7QCczqnxiaBLBVDsNa3RQ6q9Ioj-d7T5IiXv3FhGIAn0filDDuBTxlACpYI_Vr94iGVPGyabSLG3SlClMohVYzwO3lM5s-GTMXLczFqFeA
X-UserSessionId: 5a1d0281-934a-4e7a-b460-a68b9d56b45d
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14501.31875
X-Key: EBVwXzPTpNlBtADsdLniP7jp96OfBjo5GbNVIAUqo08=,637673072857870704
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://excel.officeapps.live.com/
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1633524885180
X-WacCluster: PNL1

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 12:54:46 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 4810
expires: -1

GET
H2 200 otelFull.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h36DA7C3931E03AE2__layouts/App_Scripts/ Frame 08CC 103 KB
28 KB 180ms
179ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h36DA7C3931E03AE2__layouts/App_Scripts/otelFull.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

36da7c3931e03ae21506b0e7a9a26573e414d4ca7bb659c7c6c8a421a79efb6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "2ba8ac2682a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068E2
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 28386
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Fri, 03 Sep 2021 05:11:28 GMT
x-officefd: AM4PEPF000068A6
x-msedge-ref: Ref A: C1819AB242DE4FD1A2124D4C7C18170A Ref B: AMS04EDGE1211 Ref C: 2021-09-06T06:47:11Z
x-usersessionid: 30e43fa1-6952-4198-8c60-80562443775e
date: Wed, 15 Sep 2021 12:54:46 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 30e43fa1-6952-4198-8c60-80562443775e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.tm.js Show response
c1h-excel-15.cdn.office.net/x/s/hF81BFB51A17B2F99__layouts/App_Scripts/ Frame 08CC 145 KB
37 KB 232ms
232ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF81BFB51A17B2F99__layouts/App_Scripts/Ewa.tm.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

f81bfb51a17b2f99da960378bf877ad620cf5b36556dad069896fd19e30c5baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "412835d498a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068D3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 36700
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Fri, 03 Sep 2021 07:53:48 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: AF72641820874D2A8C6550434CC132AF Ref B: AM3EDGE0322 Ref C: 2021-09-11T07:37:14Z
x-usersessionid: 469cb854-6d41-4a07-876b-931ee0e34c61
date: Wed, 15 Sep 2021 12:54:46 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 469cb854-6d41-4a07-876b-931ee0e34c61
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.acc.js Show response
c1h-excel-15.cdn.office.net/x/s/hF4C26D44B5F27A56__layouts/App_Scripts/ Frame 08CC 285 KB
63 KB 627ms
627ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF4C26D44B5F27A56__layouts/App_Scripts/Ewa.acc.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

f4c26d44b5f27a564b1980e1a8d51857f2fa4e274aa67f641b8d4e5b91c2ef4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "d86c8f392a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF0000692F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 63827
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Fri, 03 Sep 2021 07:11:44 GMT
x-officefd: AM4PEPF000068B8
x-msedge-ref: Ref A: D0277877809846FA98609EAEDD78D6A3 Ref B: AMS04EDGE2120 Ref C: 2021-09-11T07:37:14Z
x-usersessionid: f662a904-9706-45d3-884e-a1ffe3bc3e37
date: Wed, 15 Sep 2021 12:54:47 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f662a904-9706-45d3-884e-a1ffe3bc3e37
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.ev.js Show response
c1h-excel-15.cdn.office.net/x/s/h9944B1FC99C14F0A__layouts/App_Scripts/ Frame 08CC 8 KB
4 KB 671ms
670ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h9944B1FC99C14F0A__layouts/App_Scripts/Ewa.ev.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

9944b1fc99c14f0afe75e6911eedea63cfa4b9e361e4ef85cd1e16ad08dd8d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "93d720a9ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068E8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 3289
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Fri, 03 Sep 2021 08:31:06 GMT
x-officefd: AM4PEPF000068B6
x-msedge-ref: Ref A: 78C87EC7D8DC4F8EB22F60AA76EAE7BA Ref B: AM3EDGE0610 Ref C: 2021-09-11T07:15:33Z
x-usersessionid: b77752d3-2eab-49b4-b8b6-4903164c4f87
date: Wed, 15 Sep 2021 12:54:47 GMT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b77752d3-2eab-49b4-b8b6-4903164c4f87
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.CommonIntl.js Show response
c1h-excel-15.cdn.office.net/x/s/hEC934A05F4E8931D__layouts/App_Scripts/1031/ Frame 08CC 96 KB
25 KB 702ms
702ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hEC934A05F4E8931D__layouts/App_Scripts/1031/Ewa.CommonIntl.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec934a05f4e8931d018e2779ccdf397960a3ddd95ffd771abaa538ba12933ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "5570172082a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068FE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 24813
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Fri, 03 Sep 2021 05:11:17 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: FC29A78C75E94B16991AC0DC60958BEB Ref B: AMS04EDGE1519 Ref C: 2021-09-05T06:22:28Z
x-usersessionid: a6605a70-5f06-461b-86a3-ecaef738fbaf
date: Wed, 15 Sep 2021 12:54:47 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: a6605a70-5f06-461b-86a3-ecaef738fbaf
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.pi.js Show response
c1h-excel-15.cdn.office.net/x/s/h8C8B3C65C98D4826__layouts/App_Scripts/ Frame 08CC 218 KB
50 KB 755ms
755ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h8C8B3C65C98D4826__layouts/App_Scripts/Ewa.pi.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

8c8b3c65c98d4826cb0965190543579aa451f4ee1e099a23c4e51f05fe5e4d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "51d28fe92a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF0000692E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4_control
content-length: 50513
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 07:12:02 GMT
x-officefd: AM4PEPF0000601C
x-msedge-ref: Ref A: A88FB44DAB1342AC95E7BE92E59923DE Ref B: AMS04EDGE2113 Ref C: 2021-09-11T07:37:15Z
x-usersessionid: fdf7457a-99db-44e3-a61d-75057927b6d7
date: Wed, 15 Sep 2021 12:54:47 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: fdf7457a-99db-44e3-a61d-75057927b6d7
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.oauth.js Show response
c1h-excel-15.cdn.office.net/x/s/h43760BB114C3F99B__layouts/App_Scripts/ Frame 08CC 27 KB
7 KB 907ms
907ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h43760BB114C3F99B__layouts/App_Scripts/Ewa.oauth.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

43760bb114c3f99b6e82f37a12b9d89c4903b53bde6b1c04e158bb6e7c2b8603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "74ff38ed87a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF00006907
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control,2pfz=afd_wordcapacity_4
content-length: 6537
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control,afd_wordcapacity_4
last-modified: Fri, 03 Sep 2021 05:52:49 GMT
x-officefd: AM4PEPF000068B6
x-msedge-ref: Ref A: 651262FED1654C9F95FE556D27EB4B7C Ref B: AMS04EDGE2120 Ref C: 2021-09-11T07:37:15Z
x-usersessionid: dbfece5b-677c-4459-9b01-ed7be11cf38c
date: Wed, 15 Sep 2021 12:54:47 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: dbfece5b-677c-4459-9b01-ed7be11cf38c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.zoom.js Show response
c1h-excel-15.cdn.office.net/x/s/h2FD29732FE09CF1B__layouts/App_Scripts/ Frame 08CC 17 KB
5 KB 1053ms
1053ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2FD29732FE09CF1B__layouts/App_Scripts/Ewa.zoom.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2fd29732fe09cf1b9ece18cce04e47509bf66ebbb9e9b2e9ef27a97b5e682f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "392724be98a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068DC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 4398
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Fri, 03 Sep 2021 07:53:11 GMT
x-officefd: AM4PEPF000068A6
x-msedge-ref: Ref A: 2B9CC2FFCCEC499DBC8363FD9234F242 Ref B: AM3EDGE0322 Ref C: 2021-09-11T07:37:15Z
x-usersessionid: 473a6cad-a956-4ffb-acd1-2ac2c3a52159
date: Wed, 15 Sep 2021 12:54:47 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 473a6cad-a956-4ffb-acd1-2ac2c3a52159
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.calc.js Show response
c1h-excel-15.cdn.office.net/x/s/h2DB897AC8ECA59E7__layouts/App_Scripts/ Frame 08CC 80 KB
20 KB 1158ms
1158ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2DB897AC8ECA59E7__layouts/App_Scripts/Ewa.calc.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2db897ac8eca59e7bdd59769bc3d66e344e874be7c331e9554931f6aa09d597e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "b7cb9bf49ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068E9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 19773
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 08:37:39 GMT
x-officefd: AM4PEPF000068A7
x-msedge-ref: Ref A: 087511EF30904252A2036B462C00BCE6 Ref B: AMS04EDGE1517 Ref C: 2021-09-11T07:37:15Z
x-usersessionid: 2979c10f-4b67-4f0e-a549-3ba74da44f9c
date: Wed, 15 Sep 2021 12:54:47 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2979c10f-4b67-4f0e-a549-3ba74da44f9c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.le.js Show response
c1h-excel-15.cdn.office.net/x/s/hC7AF168FBC072419__layouts/App_Scripts/ Frame 08CC 87 KB
21 KB 1268ms
1268ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hC7AF168FBC072419__layouts/App_Scripts/Ewa.le.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

c7af168fbc0724193588c71424cff5083e61c94616cbcb825e9cb9ac5743cfe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "d8b34f59ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068E9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 20713
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Fri, 03 Sep 2021 08:37:40 GMT
x-officefd: AM4PEPF0000689D
x-msedge-ref: Ref A: 48EC7500111342438998A727363A3236 Ref B: AM3EDGE1006 Ref C: 2021-09-11T07:37:15Z
x-usersessionid: 59a322d9-e2e4-4f01-a924-c2122e6d12e8
date: Wed, 15 Sep 2021 12:54:47 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 59a322d9-e2e4-4f01-a924-c2122e6d12e8
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.tlv.js Show response
c1h-excel-15.cdn.office.net/x/s/h5D640EA5000F6B53__layouts/App_Scripts/ Frame 08CC 162 KB
37 KB 1348ms
1348ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h5D640EA5000F6B53__layouts/App_Scripts/Ewa.tlv.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

5d640ea5000f6b536946952f2c6336b4bf01d8704ea337f5f3c81d4f4aaf527c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "9f9d681d82a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068ED
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 37382
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 05:11:13 GMT
x-officefd: AM4PEPF000068B2
x-msedge-ref: Ref A: 30FDDAA016804513A48191EF1E89810F Ref B: AM3EDGE1021 Ref C: 2021-09-11T07:37:16Z
x-usersessionid: 7e9f45a3-bbec-40cd-86e7-c30dd8fb49bd
date: Wed, 15 Sep 2021 12:54:47 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 7e9f45a3-bbec-40cd-86e7-c30dd8fb49bd
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.cuixas.js Show response
c1h-excel-15.cdn.office.net/x/s/h675EF8C6058F9536__layouts/App_Scripts/ Frame 08CC 755 KB
143 KB 1483ms
1483ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h675EF8C6058F9536__layouts/App_Scripts/Ewa.cuixas.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

675ef8c6058f95362d85e617ed010feb16858eb80faf6c9f7fb595d9f9a10ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "14d0f35c8da0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF00006942
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4
content-length: 145697
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4
last-modified: Fri, 03 Sep 2021 06:31:44 GMT
x-officefd: AM4PEPF000068A7
x-msedge-ref: Ref A: 42C9EC52AC6A471FB3FE5474612B282B Ref B: AMS04EDGE2113 Ref C: 2021-09-11T07:37:14Z
x-usersessionid: fa76b4eb-ca9e-4618-a312-7a5f6a53c0ff
date: Wed, 15 Sep 2021 12:54:48 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: fa76b4eb-ca9e-4618-a312-7a5f6a53c0ff
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.kffa.js
c1h-excel-15.cdn.office.net/x/s/hE295962FC14484BB__layouts/App_Scripts/ Frame 08CC 400 KB
90 KB 1299ms
1299ms Script
application/javascript 184.30.20.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE295962FC14484BB__layouts/App_Scripts/Ewa.kffa.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "02bfbf49ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068E9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 90818
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Fri, 03 Sep 2021 08:37:40 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: EBA20D4676BA4DB2B356A08972C78639 Ref B: AMS04EDGE2113 Ref C: 2021-09-11T07:37:15Z
x-usersessionid: 8556c9c8-5d22-474c-98b7-81676fff16db
date: Wed, 15 Sep 2021 12:54:48 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8556c9c8-5d22-474c-98b7-81676fff16db
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 08CC 0
2 KB 663ms
663ms XHR
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.14501.31875&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wClXz9GkE6LIT3Z6Q6VnX4BEXjY-bO7gSAQF6cgMKfAeX7QCczqnxiaBLBVDsNa3RQ6q9Ioj-d7T5IiXv3FhGIAn0filDDuBTxlACpYI_Vr94iGVPGyabSLG3SlClMohVYzwO3lM5s-GTMXLczFqFeA
X-UserSessionId: 5a1d0281-934a-4e7a-b460-a68b9d56b45d
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14501.31875
X-Key: EBVwXzPTpNlBtADsdLniP7jp96OfBjo5GbNVIAUqo08=,637673072857870704
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=uOih/Exul0eVy0u3CqlTjQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEB18BC484CC1B53C%21133&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1633524885180
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS3
x-officeversion: 16.0.14509.41021
x-officefe: BN3PEPF000041BE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-buls-suppressedtags: 378069,1671813,2209344,3290144,4298965,4298968,4298969,4751696,5306497,6375195,6572226,6948167,17085210,17085216,17162522,17358857,19743902,21627712,21631370,22401293,22410500,22598977,22680210,22680213,22680214,22836558,22946650,23909858,24401375,24462656,24515087,25514973,33592839,34388130,35682372,36472266,36546380,36546381,36546382,36569418,36708451,36773964,36791688,36811158,36811159,36963655,37288035,37876293,37876294,37889309,38293640,38535900,38543496,38580697,38637954,38922202,39076766,39076767,39105358,39613840,39966341,40437001,40935455,41003225,41207258,41502555,41711299,41952657,41964885,42272991,42496725,42513088,42815875,42857251,50406866,50431969,50619726,50622685,50622687,51451613,51504083,51667010,545783884,557077970,557670930,558735363,559423838,559424262,559486496,559760215,559760216,570507662,571786073,571786074,574468116,575157663,575157664,575157665,575157666,575157667,575157696,575157697,575157698,575157699,575157700,575157701,575157702,577295376,577626581,578164000,587862985,591729363,592556551,592843145,593780815,593838232,594134597,594396706,594830612,595137156,595714715,595895774,596115913,596444186,596464289,845836083,845836084,845836085,846166132,876178018,963472182,1630679666,1630679667,1633958006,1647605351,1664576567,1698260075,1718235956,1765045358,1802139698,1986689397,1986689633,1986689647,1986748791,1986748793,1986749030,1986749288,1986749546,2004443760,2004444278,2004448354,2037215329
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: bfa80ab8-7b11-4c89-8314-eee7cf269459
x-officefd: BN3PEPF000041BE
x-usersessionid: 5a1d0281-934a-4e7a-b460-a68b9d56b45d
date: Wed, 15 Sep 2021 12:54:47 GMT
x-download-options: noopen
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: F45CDC708BB24E88B865363FCBA19B01 Ref B: VIEEDGE1015 Ref C: 2021-09-15T12:54:47Z

POST
H2 200 BeaconHandler.ashx
excel.officeapps.live.com/x/_layouts/ Frame 08CC 542 B
1012 B 87ms
87ms Ping
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/BeaconHandler.ashx?WacUserType=WOPI&usid=5a1d0281-934a-4e7a-b460-a68b9d56b45d&NoAuth=1&waccluster=PNL1&WebMethod=Xlplt

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5b40665a9c6eda7ee5b01320fae0bc3bda499e8df67c518193f944683dc70c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=uOih/Exul0eVy0u3CqlTjQ.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2FEB18BC484CC1B53C%21133&sc=host%3D%26qt%3DFolders%26pt%3Dem
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officefd: AM4PEPF0000601B
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068D5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 421
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid: acdcd7fb-4b8b-4fe3-bec9-1d03a4f19de8
x-officecluster: PNL1
x-usersessionid: 5a1d0281-934a-4e7a-b460-a68b9d56b45d
date: Wed, 15 Sep 2021 12:54:46 GMT
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 001499EA7DDA4400B4E128DA0DA00DC9 Ref B: VIEEDGE1015 Ref C: 2021-09-15T12:54:47Z
timing-allow-origin: *

GET excel-app-intl.min.js
c1h-excel-15.cdn.office.net/x/s/hF9386FA35FC60F08__layouts/App_Scripts/1031/ Frame 08CC 0
0

GET Ewa.kpae.js
c1h-excel-15.cdn.office.net/x/s/hB2D37ECC3EC60D42__layouts/App_Scripts/ Frame 08CC 0
0

GET copyPasteInfra.min.js
c1h-excel-15.cdn.office.net/x/s/hDFC299D01FCF919C__layouts/App_Scripts/ Frame 08CC 0
0

GET clipboardPlatform.min.js
c1h-excel-15.cdn.office.net/x/s/h28D2EA830419C111__layouts/App_Scripts/ Frame 08CC 0
0

GET excelOnlineCalcStable.min.js
c1h-excel-15.cdn.office.net/x/s/h647C9C68E9BF2551__layouts/App_Scripts/ Frame 08CC 0
0

GET Ewa.kmhv.js
c1h-excel-15.cdn.office.net/x/s/h3D8504AC195B0D06__layouts/App_Scripts/ Frame 08CC 0
0

GET Ewa.commonui.js
c1h-excel-15.cdn.office.net/x/s/h62E7C9968D382FA4__layouts/App_Scripts/ Frame 08CC 0
0

GET Ewa.tp.js
c1h-excel-15.cdn.office.net/x/s/h2BBC1C9E7EB1713C__layouts/App_Scripts/ Frame 08CC 0
0

GET common.min.js
c1h-excel-15.cdn.office.net/x/s/hFD713610C137ABC8__layouts/App_Scripts/ Frame 08CC 0
0

GET runtime.min.js
c1h-excel-15.cdn.office.net/x/s/h3E75DBC7DC8464E4__layouts/App_Scripts/ Frame 08CC 0
0

GET appChrome.min.js
c1h-excel-15.cdn.office.net/x/s/hA7B0B397679C4C48__layouts/App_Scripts/ Frame 08CC 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: onedrive.live.com
URL: https://onedrive.live.com/embed?cid=EB18BC484CC1B53C&resid=EB18BC484CC1B53C%21133&authkey=ALYv7sEPA2M5DYQ&em=2

Domain: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hF9386FA35FC60F08__layouts/App_Scripts/1031/excel-app-intl.min.js

Domain: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hB2D37ECC3EC60D42__layouts/App_Scripts/Ewa.kpae.js

Domain: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hDFC299D01FCF919C__layouts/App_Scripts/copyPasteInfra.min.js

Domain: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h28D2EA830419C111__layouts/App_Scripts/clipboardPlatform.min.js

Domain: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h647C9C68E9BF2551__layouts/App_Scripts/excelOnlineCalcStable.min.js

Domain: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3D8504AC195B0D06__layouts/App_Scripts/Ewa.kmhv.js

Domain: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h62E7C9968D382FA4__layouts/App_Scripts/Ewa.commonui.js

Domain: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2BBC1C9E7EB1713C__layouts/App_Scripts/Ewa.tp.js

Domain: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hFD713610C137ABC8__layouts/App_Scripts/common.min.js

Domain: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3E75DBC7DC8464E4__layouts/App_Scripts/runtime.min.js

Domain: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/hA7B0B397679C4C48__layouts/App_Scripts/appChrome.min.js

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
excel.officeapps.live.com/x/_layouts	1970-01-20 06:00:46	Name: PageLoadSkeletonState Value: %7B%22IsEnabled%22%3Atrue%2C%22Options%22%3A1088%7D
.officeapps.live.com/x	1970-01-20 06:00:46	Name: timeZoneId Value: Etc%2FUnknown
.google.com/	1970-01-20 01:38:41	Name: NID Value: 223=m--_os2DA29ZceR4Vs9WNmJxKH6xaWtHJYMlarkCjQ2QFOzFcVfB08KDC5V1QUHrf7KVvhneKkCmighv4nOJxAvt0AoRyFGqfPaZKTVf17vqdzOE8EdZMcB-vWCZGBDdx83VAnzuHP83eeT1bWih7msrRbrxPFXqRS8EjV06JKM
.virtualflashbank.com.br/	1970-01-20 14:46:22	Name: _ga_LP7V47TY5L Value: GS1.1.1631710482.1.0.1631710482.0
.virtualflashbank.com.br/	1970-01-20 14:46:22	Name: _ga Value: GA1.1.398453107.1631710483
excel.officeapps.live.com/	1970-01-19 23:26:16	Name: DcLcid Value: ui=1031&data=1033
.excel.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-Excel-ARRAffinity Value: 8144e78f63881ef06d667471979243689386158d0962755b1c2580a99e6a73c8

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-EndSession"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-OfficeFE"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-WacFrontEnd"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-RemoveWacFrontEnd"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-IsCacheable"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-CorrelationId"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-NewKey"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "OdsiHttpModule"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-CorrelationId"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-QLW6920J5PWm33OMckss5g' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
c1h-excel-15.cdn.office.net
excel.officeapps.live.com
fonts.googleapis.com
fonts.gstatic.com
fs.microsoft.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
mrodevicemgr.officeapps.live.com
onedrive.live.com
spoprod-a.akamaihd.net
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.virtualflashbank.com.br
c1h-excel-15.cdn.office.net
onedrive.live.com
13.107.42.13
13.107.6.171
142.250.178.19
142.250.180.8
142.250.200.46
172.217.16.225
172.217.16.234
172.217.169.3
184.25.50.67
184.30.20.217
184.30.20.56
216.58.213.14
52.109.88.44
01ef1b08588ab806358bd49de2094fd8b9e1b0b24dd2f04adaed703b56fda4d9
095abd27b0b1bf8700332910ddc5cd82409e38a9c54ffa2b54b9bc31eb7a3745
0a36a315a29744c0efd1681460fa333489628a70d3cf47201c3134d7b9829a8a
0ae1cdc4532897095c44378e141df37ad1152638dc81711c61d7a45485ae956e
0e69178cd36b09c72863a8ac7960f78fbba75476e7941e1b363497c83c612c56
0f6d85287c1652ddfc7d69651f6d686f39267189f2780f09cec5591294678496
0f7dcfff4f0debdf3f67e3619a58bfc2684e0a301121380f43c0065406e852e3
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
140b4934bb47b72b4bfa956e5583e3343a0670cbd4849a728b805961b040e196
145da2f97a4e3efe0e2c44d956760d91f34bf967d01872bb06292d086a30e7c2
1522f5c0f14d035c42540d84ad4d00d92b72240e91784c15c59e12921a1f0d79
1649ecf36f462942fd217553d73feedd25ab8824af7b2219ad4d947a2913778f
176f004492169b4d9e18578f9f051686fd6aa9df4553b592d9826b25df2b2178
182277364b6cca29205b990460ca351561ed63c1fe8df5475d6afb51060d2ee5
1c00ef1b57ec30be2abbdb8b0c251e50019d5f1c642b1ddedddcdbdeefef2c5d
1d8cb55fdcca003c04dd491dfc92a6314672281ccd0568c0826060a0390f7905
21f635b36caa284819ec8675ef985f5f6d54cec97ecfc55283610eb3e980b0c2
234af629e87d3c97a29b183b0df4b4ddc07b1042bb1f9c58f6beaf11a841ce4d
2db897ac8eca59e7bdd59769bc3d66e344e874be7c331e9554931f6aa09d597e
2fd29732fe09cf1b9ece18cce04e47509bf66ebbb9e9b2e9ef27a97b5e682f76
31b61fee8898b93e50594aa0dcf38983737c9c0eaaee235abac7598bf100a1c0
36280226a8013e95e9c455414f7277e6655174a12c31a4f831ff4330a42e2d84
3684fa3b653767cc310014f7973de48b755bac39f626830167f4ddbc2d529e9d
36da7c3931e03ae21506b0e7a9a26573e414d4ca7bb659c7c6c8a421a79efb6c
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
3750f5d563d062ed8c4e2a0516da3374b8fbcdedee0608e107efd97ded80bcae
3a71eaba82e2c908d7e8ad406a8e9703eda3d98494510a89224f49c8f4ed94c2
3f0015967cfdc00b10ed549580bcfcd6e1ab5aaf057df55855e891ea237fd255
40067c299d098645b0b5b87fb545ec1bbc30743b5913fa0bf94f4f7efb9a6b26
426cd95df4577dd867ece754474b1de96ce020b734f27ce35c47cac7165d0b7d
43760bb114c3f99b6e82f37a12b9d89c4903b53bde6b1c04e158bb6e7c2b8603
46689198526f176cb3bb2881be2e8f1273be7293fea0625f2c3bfa2058c9b422
4af371a202e92375ee53dafcd51eeb689781b113fa26162fd8fd8349b346fb30
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
5b40665a9c6eda7ee5b01320fae0bc3bda499e8df67c518193f944683dc70c79
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
5cebac858ab6a0b08be18bd4c30fcb799e191ea9708279de014effd38f91608b
5d640ea5000f6b536946952f2c6336b4bf01d8704ea337f5f3c81d4f4aaf527c
5f30fea937e5012438336934792ca1a91a984993e529d469d1e54a5a3cf81f42
614318d208fc6de594ef2c48cd7fa64c95100734f4d2ef507f8ba6b02ef8c7df
62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5
66c6b19e56a3a283448cfa65e8c47dbc8ac0a83050bb9029f82ed18c4409e1b2
675ef8c6058f95362d85e617ed010feb16858eb80faf6c9f7fb595d9f9a10ed7
6aeced2043d9a095ca4580efeef8af09e7942353fbadfa3191f5c4dbf53120b4
75e0477e4353c6463d7e59506d4f273a49dff083ad068adddd01ca3a4c91155a
7898c431b5cc74232cbc8fdd3da2f19e55351b62f46cf41c442e817c2a6562fd
7e7cf127e4e6b4b60a2ad1361666f27c335fa51efdf9b728c2fefd889f544cc8
857344b1ebb7ad631dc6ecbc210bea9ae75bc4708b5cda320cb70629b6354166
8c70fa95adb2c1a8a23b431f20be651cebc5d0551d3616a741a2e6adf812abe9
8c8b3c65c98d4826cb0965190543579aa451f4ee1e099a23c4e51f05fe5e4d43
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
8e6f485880a1d8bce177449d4bed20939f52c2fc8fb37ce8662bc01e2ba2b7ce
90281d2a79b4456665ad97839c22cf8757758b42d621897184ad281f1e2b8164
9944b1fc99c14f0afe75e6911eedea63cfa4b9e361e4ef85cd1e16ad08dd8d00
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a5068f26e4af20a65d9bd96e6176f31bf694c6548f39d11c01b698f4f9c43629
a5f9f4ed754689a52bc6862006b524ef8b3f4b12a1c96c663abed1c6a7c8706f
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
b89bb651692e73dc3347c90af5dab24942237d4d5e7475d1e91e707f8fbfec5c
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c5f5ad6cdef87c780ecfd3794c0d5acd000dbd4815ab80b2f72f3265bdc4e9fa
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c7af168fbc0724193588c71424cff5083e61c94616cbcb825e9cb9ac5743cfe3
c8de4d27bd88ec89ff59429170c29bbb290cbc78993746c61e03b235774b963b
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d110a2ab2a6885425a2f4c3b6f5dbc4c8173d2247367a3d7445108cddc751ada
d1ee61247c62cee2c0adebe155c862507672e11dcc970385bf744aecfa0ee6d8
d51eb64c46004380ae81100117e7162590f58106bdb536a027a7cdbb0a592d84
d62f80ea1bb9475072fd29f1bba38fdfd3e3e546a9e7ce3dc930ce1beea22ef6
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
def6f7343b3fa79427426a51dbf484dc713fb9cc6d2813316303c73f05f29b3a
e2820061acdbde09cbfbd98b6a84a4fde4e17b96ef6962d822dd43a4f4084ea2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6badc2a49867d2223c9a45d6cbcdfd79f9d8f3b2e8520e517eea76a8b8c44aa
ec934a05f4e8931d018e2779ccdf397960a3ddd95ffd771abaa538ba12933ea7
f4c26d44b5f27a564b1980e1a8d51857f2fa4e274aa67f641b8d4e5b91c2ef4b
f81bfb51a17b2f99da960378bf877ad620cf5b36556dad069896fd19e30c5baf
f8b35bb0542ea1695f6a5e9e303670ac5eb2aac10e6263f5aad95dbee2e05af6

www.virtualflashbank.com.br Open in urlscan Pro 142.250.178.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

101 Requests

87 %HTTPS

0 %IPv6

11 Domains

17 Subdomains

14 IPs

3 Countries

7519 kBTransfer

17126 kBSize

7 Cookies

10 Outgoing links

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.virtualflashbank.com.br Open in urlscan Pro
142.250.178.19 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

87 %
HTTPS

0 %
IPv6

11
Domains

17
Subdomains

14
IPs

3
Countries

7519 kB
Transfer

17126 kB
Size

7
Cookies

101 HTTP transactions
1 data transactions