support.grunwald.ru Open in urlscan Pro
188.225.18.85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.support.grunwald.ru/
Effective URL:
https://support.grunwald.ru/
Submission: On September 21 via automatic, source certstream-suspicious (September 21st 2021, 12:06:41 am UTC) — Scanned from DE

Summary HTTP 132 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 132 HTTP transactions. The main IP is 188.225.18.85, located in Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is support.grunwald.ru.
TLS certificate: Issued by R3 on September 20th 2021. Valid for: 3 months.

This is the only time support.grunwald.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 37	188.225.18.85 188.225.18.85	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1	172.217.23.104 172.217.23.104	15169 (GOOGLE) (GOOGLE)
2	216.58.212.136 216.58.212.136	15169 (GOOGLE) (GOOGLE)
1	13.107.42.13 13.107.42.13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 7	93.158.134.119 93.158.134.119	13238 (YANDEX) (YANDEX)
2	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
7	2.16.186.25 2.16.186.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	13.107.6.171 13.107.6.171	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
55	2.18.232.191 2.18.232.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.18.232.120 2.18.232.120	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.109.76.40 52.109.76.40	() ()
1	104.111.237.183 104.111.237.183	() ()
1	2.18.232.238 2.18.232.238	() ()
1	104.111.225.185 104.111.225.185	() ()
132	15

37 188.225.18.85 (Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)
PTR: vds.grunwald.ru

www.support.grunwald.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
support.grunwald.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.136 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

onedrive.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 93.158.134.119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.186.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-25.deploy.static.akamaitechnologies.com

spoprod-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.107.6.171 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

excel.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
shared.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2.18.232.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-191.deploy.static.akamaitechnologies.com

c1h-excel-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-120.deploy.static.akamaitechnologies.com

fs.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.109.76.40 (None, )

ASN- ()

mrodevicemgr.officeapps.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.237.183 (None, )

ASN- ()

js.live.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.238 (None, )

ASN- ()

c1-shared-15.cdn.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.225.185 (None, )

ASN- ()

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	office.net c1h-excel-15.cdn.office.net c1-shared-15.cdn.office.net	3 MB
37	grunwald.ru 1 redirects www.support.grunwald.ru support.grunwald.ru	2 MB
16	live.com onedrive.live.com excel.officeapps.live.com mrodevicemgr.officeapps.live.com shared.officeapps.live.com	115 KB
7	akamaihd.net spoprod-a.akamaihd.net	302 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
4	google-analytics.com ssl.google-analytics.com www.google-analytics.com	37 KB
2	microsoft.com fs.microsoft.com browser.events.data.microsoft.com Failed	1 MB
2	yandex.ru 1 redirects mc.yandex.ru	47 KB
1	sharepointonline.com static2.sharepointonline.com	36 KB
1	live.net js.live.net	16 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
0	googleapis.com Failed fonts.googleapis.com Failed
132	12

	Domain	Requested by
55	c1h-excel-15.cdn.office.net	excel.officeapps.live.com c1h-excel-15.cdn.office.net
36	support.grunwald.ru	support.grunwald.ru
12	excel.officeapps.live.com	c1h-excel-15.cdn.office.net c1-shared-15.cdn.office.net
7	spoprod-a.akamaihd.net	onedrive.live.com
5	mc.yandex.com	2 redirects support.grunwald.ru
2	mrodevicemgr.officeapps.live.com	c1h-excel-15.cdn.office.net
2	fs.microsoft.com	excel.officeapps.live.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	mc.yandex.ru	1 redirects support.grunwald.ru
2	ssl.google-analytics.com	support.grunwald.ru
1	static2.sharepointonline.com
1	c1-shared-15.cdn.office.net	shared.officeapps.live.com
1	js.live.net	c1h-excel-15.cdn.office.net
1	shared.officeapps.live.com	c1h-excel-15.cdn.office.net
1	onedrive.live.com	support.grunwald.ru
1	www.googletagmanager.com	support.grunwald.ru
1	www.support.grunwald.ru	1 redirects
0	browser.events.data.microsoft.com Failed	c1h-excel-15.cdn.office.net
0	fonts.googleapis.com Failed	support.grunwald.ru
132	19

This site contains links to these domains. Also see Links.

Domain
www.avtopoezd.ru
www.casino-spiele.guru
joomlaskins.net

Subject Issuer	Validity	Valid
support.grunwald.ru R3	`2021-09-20` - `2021-12-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
onedrive.com Microsoft RSA TLS CA 01	`2021-08-13` - `2022-08-13`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
officeapps.live.com DigiCert Cloud Services CA-1	`2021-04-30` - `2022-04-29`	a year	crt.sh
*.cdn.office.net Microsoft RSA TLS CA 02	`2021-01-26` - `2022-01-26`	a year	crt.sh
officecdn.microsoft.com Microsoft RSA TLS CA 01	`2021-05-14` - `2022-05-14`	a year	crt.sh
mrodevicemgr.officeapps.live.com Microsoft RSA TLS CA 02	`2020-10-02` - `2021-10-02`	a year	crt.sh
p.sfx.ms Microsoft RSA TLS CA 02	`2020-09-28` - `2021-09-28`	a year	crt.sh
*.sharepointonline.com Microsoft RSA TLS CA 01	`2021-07-08` - `2022-07-08`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://support.grunwald.ru/
Frame ID: F009DA4DF70BED10E6EC5E780E8053C7
Requests: 46 HTTP requests in this frame

Frame: https://onedrive.live.com/embed?resid=19B47E6386D2EF20%211094&authkey=%21AKjRPcS4HgtThDw&em=2&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27!A2&Item=%27VIN%27!A1%3AG10&wdHideGridlines=True&wdInConfigurator=True
Frame ID: 0CE7D89766E1FD9423AA156B4443AB1D
Requests: 8 HTTP requests in this frame

Frame: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem
Frame ID: 389D03981C0E520CEF4E8020A350FD4F
Requests: 75 HTTP requests in this frame

Frame: https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=bf391436-69ee-4877-96d7-da7ba69b65e8&corrid=587ab8ae-5eda-4572-8d51-3670b79bf621&NoAuth=true
Frame ID: 7B6254F50E9FFED76CFC0D8975D0E73B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Grunwald Support - Главная

Page URL History Show full URLs

https://www.support.grunwald.ru/ HTTP 301
https://support.grunwald.ru/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mootools.*\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

132
Requests

97 %
HTTPS

0 %
IPv6

12
Domains

19
Subdomains

15
IPs

3
Countries

6957 kB
Transfer

23177 kB
Size

24
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.avtopoezd.ru/service/remont/
Title: Сервисная станция Grunwald

Search URL Search Domain Scan URL

URL: https://www.casino-spiele.guru/spielautomaten-casinospiele/novoline-spiele/
Title: Novoline deutschland

Search URL Search Domain Scan URL

URL: http://joomlaskins.net/
Title: Joomla 3.0 templates

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.support.grunwald.ru/ HTTP 301
https://support.grunwald.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9402.Y8vnPqe4PPL0zFPgmoeI_pXGQp_c3m3SnF9aeH6Bz49b0YLSJpe3bwWp98OnBMi2.hoEY1u81vIMUnCcuoBHDRybUrmE%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9402.pEeqZGcQ2AoZ4lwHv2iM3RR0Dk9ibaLD3KlLKtJKqFOMhcXGqkhO4zdzKawHFOo2RUMh-EYPgrQZ9Cke8a4ajw%2C%2C.RhAckFry-o5aB09xPTAbrervclc%2C

Request Chain 41

https://mc.yandex.com/watch/47012490?wmode=7&page-url=https%3A%2F%2Fsupport.grunwald.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A727%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A497560019454%3Ahid%3A235749350%3Az%3A0%3Ai%3A20210921000633%3Aet%3A1632182794%3Ac%3A1%3Arn%3A890184657%3Arqn%3A1%3Au%3A1632182794941163526%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632182792906%3Ads%3A0%2C0%2C57%2C1%2C160%2C0%2C%2C506%2C21%2C%2C%2C%2C728%3Adsn%3A0%2C0%2C57%2C1%2C160%2C0%2C%2C509%2C21%2C%2C%2C%2C728%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632182794%3At%3AGrunwald%20Support%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F HTTP 302
https://mc.yandex.com/watch/47012490/1?wmode=7&page-url=https%3A%2F%2Fsupport.grunwald.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A727%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A497560019454%3Ahid%3A235749350%3Az%3A0%3Ai%3A20210921000633%3Aet%3A1632182794%3Ac%3A1%3Arn%3A890184657%3Arqn%3A1%3Au%3A1632182794941163526%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632182792906%3Ads%3A0%2C0%2C57%2C1%2C160%2C0%2C%2C506%2C21%2C%2C%2C%2C728%3Adsn%3A0%2C0%2C57%2C1%2C160%2C0%2C%2C509%2C21%2C%2C%2C%2C728%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632182794%3At%3AGrunwald%20Support%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F

132 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
support.grunwald.ru/
Redirect Chain

https://www.support.grunwald.ru/
https://support.grunwald.ru/

9 KB
4 KB

58ms
57ms

Document
text/html

188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 6e5166f7fb9c25605d1f0739ca9e239f9165f78c473c6c60727f780ab1dd453d

Request headers

:method: GET
:authority: support.grunwald.ru
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.14.2
date: Tue, 21 Sep 2021 00:06:33 GMT
content-type: text/html; charset=utf-8
set-cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos; path=/; HttpOnly
expires: Wed, 17 Aug 2005 00:00:00 GMT
last-modified: Tue, 21 Sep 2021 00:06:32 GMT
pragma: no-cache
etag: "6e6651af25bb47b981aba06be8554f86"
content-encoding: gzip
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache

Redirect headers

server: nginx/1.14.2
date: Tue, 21 Sep 2021 00:06:33 GMT
content-type: text/html
content-length: 185
location: https://support.grunwald.ru/

GET
H2 200 jquery-1.5.1.min.js Show response
support.grunwald.ru/templates/driverally/slideshow/files/ 83 KB
84 KB 108ms
101ms Script
application/javascript 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/templates/driverally/slideshow/files/jquery-1.5.1.min.js
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: c6ea91234604edce04f8efab9617320d340ec8834efcafc74d2cae74ce5102aa

Request headers

:path: /templates/driverally/slideshow/files/jquery-1.5.1.min.js
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:32 GMT
server: nginx/1.14.2
etag: "5f462ac8-14d0b"
content-type: application/javascript
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 85259
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 orbit-1.2.3.css
support.grunwald.ru/templates/driverally/slideshow/files/ 4 KB
5 KB 208ms
200ms Stylesheet
text/css 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 986dec93dfc0e86b96e2744e9205242f5de711af9de9695b1a8b804aa7507625

Request headers

:path: /templates/driverally/slideshow/files/orbit-1.2.3.css
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:32 GMT
server: nginx/1.14.2
etag: "5f462ac8-1158"
content-type: text/css
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 4440
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 jquery.orbit-1.2.3.min.js Show response
support.grunwald.ru/templates/driverally/slideshow/files/ 4 KB
5 KB 208ms
201ms Script
application/javascript 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/templates/driverally/slideshow/files/jquery.orbit-1.2.3.min.js
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: b48e382065d532f01ba73a01418d138eefe8a3ce4ebfffec9a37142b40b9f458

Request headers

:path: /templates/driverally/slideshow/files/jquery.orbit-1.2.3.min.js
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:32 GMT
server: nginx/1.14.2
etag: "5f462ac8-11d7"
content-type: application/javascript
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 4567
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 jquery.min.js Show response
support.grunwald.ru/media/jui/js/ 95 KB
96 KB 209ms
202ms Script
application/javascript 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/media/jui/js/jquery.min.js?3b060fbde409d13456cd3a68b1f6290c
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba

Request headers

:path: /media/jui/js/jquery.min.js?3b060fbde409d13456cd3a68b1f6290c
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:31:58 GMT
server: nginx/1.14.2
etag: "5f462c0e-17d6e"
content-type: application/javascript
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 97646
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 jquery-noconflict.js Show response
support.grunwald.ru/media/jui/js/ 21 B
207 B 209ms
202ms Script
application/javascript 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/media/jui/js/jquery-noconflict.js?3b060fbde409d13456cd3a68b1f6290c
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Request headers

:path: /media/jui/js/jquery-noconflict.js?3b060fbde409d13456cd3a68b1f6290c
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:31:58 GMT
server: nginx/1.14.2
etag: "5f462c0e-15"
content-type: application/javascript
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 21
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 jquery-migrate.min.js Show response
support.grunwald.ru/media/jui/js/ 10 KB
10 KB 209ms
202ms Script
application/javascript 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/media/jui/js/jquery-migrate.min.js?3b060fbde409d13456cd3a68b1f6290c
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /media/jui/js/jquery-migrate.min.js?3b060fbde409d13456cd3a68b1f6290c
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:31:58 GMT
server: nginx/1.14.2
etag: "5f462c0e-2748"
content-type: application/javascript
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 10056
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 caption.js Show response
support.grunwald.ru/media/system/js/ 491 B
678 B 209ms
202ms Script
application/javascript 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/media/system/js/caption.js?3b060fbde409d13456cd3a68b1f6290c
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc

Request headers

:path: /media/system/js/caption.js?3b060fbde409d13456cd3a68b1f6290c
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:32:12 GMT
server: nginx/1.14.2
etag: "5f462c1c-1eb"
content-type: application/javascript
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 491
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 mootools-core.js Show response
support.grunwald.ru/media/system/js/ 82 KB
82 KB 209ms
203ms Script
application/javascript 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/media/system/js/mootools-core.js?3b060fbde409d13456cd3a68b1f6290c
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18

Request headers

:path: /media/system/js/mootools-core.js?3b060fbde409d13456cd3a68b1f6290c
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:32:12 GMT
server: nginx/1.14.2
etag: "5f462c1c-147b5"
content-type: application/javascript
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 83893
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 core.js Show response
support.grunwald.ru/media/system/js/ 9 KB
9 KB 209ms
203ms Script
application/javascript 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/media/system/js/core.js?3b060fbde409d13456cd3a68b1f6290c
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: ee43222bc3a3d6c1cab5dc4115bd2a3c2b348f4b4e448283e0eaca84de6763d6

Request headers

:path: /media/system/js/core.js?3b060fbde409d13456cd3a68b1f6290c
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:32:12 GMT
server: nginx/1.14.2
etag: "5f462c1c-2268"
content-type: application/javascript
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 8808
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 mootools-more.js Show response
support.grunwald.ru/media/system/js/ 231 KB
232 KB 210ms
203ms Script
application/javascript 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/media/system/js/mootools-more.js?3b060fbde409d13456cd3a68b1f6290c
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 9db43e4a687084df93038c3d02cc4c149dff1210727059b82a7aac112a486eda

Request headers

:path: /media/system/js/mootools-more.js?3b060fbde409d13456cd3a68b1f6290c
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:32:12 GMT
server: nginx/1.14.2
etag: "5f462c1c-39d19"
content-type: application/javascript
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 236825
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 bootstrap.min.js Show response
support.grunwald.ru/media/jui/js/ 28 KB
29 KB 208ms
204ms Script
application/javascript 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/media/jui/js/bootstrap.min.js?3b060fbde409d13456cd3a68b1f6290c
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2

Request headers

:path: /media/jui/js/bootstrap.min.js?3b060fbde409d13456cd3a68b1f6290c
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:31:58 GMT
server: nginx/1.14.2
etag: "5f462c0e-71c6"
content-type: application/javascript
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 29126
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 styles.css
support.grunwald.ru/templates/driverally/css/ 22 KB
22 KB 205ms
200ms Stylesheet
text/css 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/templates/driverally/css/styles.css
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: df527c66599dd5d18d9e10452e5f25639ed8a865d41567ec4e3cd86756038186

Request headers

:path: /templates/driverally/css/styles.css
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:25 GMT
server: nginx/1.14.2
etag: "5f462ac1-5748"
content-type: text/css
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 22344
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 template.css
support.grunwald.ru/templates/driverally/css/ 51 KB
51 KB 205ms
201ms Stylesheet
text/css 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/templates/driverally/css/template.css
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 58d91cc5353cb12183005a33800fd096c2d59338c8a0962317189547029c8359

Request headers

:path: /templates/driverally/css/template.css
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:25 GMT
server: nginx/1.14.2
etag: "5f462ac1-cbba"
content-type: text/css
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 52154
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 style2.css
support.grunwald.ru/templates/driverally/css/ 619 B
796 B 205ms
201ms Stylesheet
text/css 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/templates/driverally/css/style2.css
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 23a5f4741cf666e540ff561dd971038bb48c2853d039c47990062f9d6f2259d2

Request headers

:path: /templates/driverally/css/style2.css
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:25 GMT
server: nginx/1.14.2
etag: "5f462ac1-26b"
content-type: text/css
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 619
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 analytics.js Show response
support.grunwald.ru/templates/driverally/modules/ 450 B
637 B 208ms
204ms Script
application/javascript 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/templates/driverally/modules/analytics.js
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 52d49bc1c4f2e0defe116c0a2d0c35883b7f2f919f3e72afdbbb5b8d3193d980

Request headers

:path: /templates/driverally/modules/analytics.js
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:27 GMT
server: nginx/1.14.2
etag: "5f462ac3-1c2"
content-type: application/javascript
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 450
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 jscript.js Show response
support.grunwald.ru/templates/driverally/html/com_content/archive/ 289 B
476 B 208ms
204ms Script
application/javascript 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/templates/driverally/html/com_content/archive/jscript.js
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 7d6005938058587c5cf0c20e3362eb34d8e74822fdc521e114adab287cfa98f0

Request headers

:path: /templates/driverally/html/com_content/archive/jscript.js
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:35 GMT
server: nginx/1.14.2
etag: "5f462acb-121"
content-type: application/javascript
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 289
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 404 jload.js
support.grunwald.ru/templates/driverally/modules/ 0
0 209ms
205ms Script
text/html 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/templates/driverally/modules/jload.js
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash

Request headers

:path: /templates/driverally/modules/jload.js
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
content-encoding: gzip
server: nginx/1.14.2
content-type: text/html

GET
H2 200 jscroll.js Show response
support.grunwald.ru/templates/driverally/modules/ 484 B
671 B 209ms
205ms Script
application/javascript 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/templates/driverally/modules/jscroll.js
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 6918d6d791d6c1d9daa7aee4e27ac93d0c33db07aa07fe06ab31ae2c065c2400

Request headers

:path: /templates/driverally/modules/jscroll.js
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:27 GMT
server: nginx/1.14.2
etag: "5f462ac3-1e4"
content-type: application/javascript
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 484
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 logo.png
support.grunwald.ru/templates/driverally/images/ 16 KB
16 KB 54ms
53ms Image
image/png 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/templates/driverally/images/logo.png
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: b6d280f2940f76e888cec97c0ba6071751c043612910fe93e1a3b19e34c930ce

Request headers

:path: /templates/driverally/images/logo.png
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:26 GMT
server: nginx/1.14.2
etag: "5f462ac2-3fa2"
content-type: image/png
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 16290
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 1.jpg
support.grunwald.ru/templates/driverally/slideshow/ 309 KB
310 KB 55ms
54ms Image
image/jpeg 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/templates/driverally/slideshow/1.jpg
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: c1ecbf0ca8021604154fdc23f84332a7832d401d133adafe5f656cdd60d9b699

Request headers

:path: /templates/driverally/slideshow/1.jpg
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:28 GMT
server: nginx/1.14.2
etag: "5f462ac4-4d59f"
content-type: image/jpeg
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 316831
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 2.jpg
support.grunwald.ru/templates/driverally/slideshow/ 334 KB
335 KB 56ms
49ms Image
image/jpeg 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/templates/driverally/slideshow/2.jpg
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: dabec47e513002d5683b223cb53c49012cf9efe5d11a3e257f69841af134ff5a

Request headers

:path: /templates/driverally/slideshow/2.jpg
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:28 GMT
server: nginx/1.14.2
etag: "5f462ac4-5389d"
content-type: image/jpeg
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 342173
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 3.jpg
support.grunwald.ru/templates/driverally/slideshow/ 285 KB
286 KB 60ms
49ms Image
image/jpeg 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/templates/driverally/slideshow/3.jpg
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: ce17dc2640366f576bae917f0273df37e1ab66074f6dbc1caa587089e38516b2

Request headers

:path: /templates/driverally/slideshow/3.jpg
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:28 GMT
server: nginx/1.14.2
etag: "5f462ac4-474d9"
content-type: image/jpeg
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 292057
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 404 4.jpg
support.grunwald.ru/templates/driverally/slideshow/ 571 B
571 B 72ms
62ms Image
text/html 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/templates/driverally/slideshow/4.jpg
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: d50b9852ce176350c41f3a8b9bc01132659f8b18b9ccec1cdea6e98d28176daf

Request headers

:path: /templates/driverally/slideshow/4.jpg
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
content-encoding: gzip
server: nginx/1.14.2
content-type: text/html

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 67ms
34ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-76975634-3

Requested by

Host: support.grunwald.ru
URL: https://support.grunwald.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

cce35310cf823ef643101f39cf524646e2173be0da703e8ea1c4ccdcff1c8fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40374
x-xss-protection: 0
expires: Tue, 21 Sep 2021 00:06:33 GMT

GET
H2 200 tech_support.png
support.grunwald.ru/images/ 32 KB
32 KB 72ms
63ms Image
image/png 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/images/tech_support.png
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: c3642dd2460cdc44889718cbea99907186a5b56fb0624972cfeff639dd77dbfb

Request headers

:path: /images/tech_support.png
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:30:28 GMT
server: nginx/1.14.2
etag: "5f462bb4-7f61"
content-type: image/png
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 32609
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 42ms
9ms Script
text/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: support.grunwald.ru
URL: https://support.grunwald.ru/templates/driverally/modules/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4146
date: Mon, 20 Sep 2021 22:57:27 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 21 Sep 2021 00:57:27 GMT

GET
H2 404 jload.js
support.grunwald.ru/templates/driverally/modules/ 0
0 54ms
53ms Script
text/html 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grunwald.ru/templates/driverally/modules/jload.js
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash

Request headers

:path: /templates/driverally/modules/jload.js
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
content-encoding: gzip
server: nginx/1.14.2
content-type: text/html

GET
H2 200 bannerwd.png
support.grunwald.ru/templates/driverally/images/ 3 KB
3 KB 106ms
97ms Image
image/png 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/templates/driverally/images/bannerwd.png
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/templates/driverally/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 9ed66e74a05cf54e421306ac1c05ea1b915c37088dfa0b8cfc6e4e8a400f2c30

Request headers

:path: /templates/driverally/images/bannerwd.png
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/templates/driverally/css/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/templates/driverally/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:26 GMT
server: nginx/1.14.2
etag: "5f462ac2-afa"
content-type: image/png
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 2810
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 glow.png
support.grunwald.ru/templates/driverally/images/ 5 KB
5 KB 96ms
93ms Image
image/png 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/templates/driverally/images/glow.png
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/templates/driverally/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 37d1ac1ee62c8e139b955a2f55325d173b7507001d00050454abc0ecbdf67077

Request headers

:path: /templates/driverally/images/glow.png
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/templates/driverally/css/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/templates/driverally/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:26 GMT
server: nginx/1.14.2
etag: "5f462ac2-150e"
content-type: image/png
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 5390
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 menu.png
support.grunwald.ru/templates/driverally/images/ 851 B
1 KB 88ms
76ms Image
image/png 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/templates/driverally/images/menu.png
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/templates/driverally/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 73993229808b7d2113c10a235adc50b966b2dbc3c97dd2f0fd57ca1bef809ba4

Request headers

:path: /templates/driverally/images/menu.png
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/templates/driverally/css/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/templates/driverally/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:26 GMT
server: nginx/1.14.2
etag: "5f462ac2-353"
content-type: image/png
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 851
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 loading.gif
support.grunwald.ru/templates/driverally/slideshow/files/components/ 3 KB
3 KB 88ms
76ms Image
image/gif 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/templates/driverally/slideshow/files/components/loading.gif
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 56b45911e051c1646d4d3142025c2bde7ce98db38259c207959ac2413db542b5

Request headers

:path: /templates/driverally/slideshow/files/components/loading.gif
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:36 GMT
server: nginx/1.14.2
etag: "5f462acc-a30"
content-type: image/gif
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 2608
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 top.png
support.grunwald.ru/templates/driverally/images/ 3 KB
3 KB 88ms
76ms Image
image/png 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/templates/driverally/images/top.png
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/templates/driverally/css/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 7569981ecda6509f584115c42a822700dcd3f700db0dff68447b1500bae8f402

Request headers

:path: /templates/driverally/images/top.png
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/templates/driverally/css/styles.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/templates/driverally/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:27 GMT
server: nginx/1.14.2
etag: "5f462ac3-c00"
content-type: image/png
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 3072
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 embed Show response
onedrive.live.com/ Frame 0CE7 61 KB
21 KB 1053ms
866ms Document
text/html 13.107.42.13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://onedrive.live.com/embed?resid=19B47E6386D2EF20%211094&authkey=%21AKjRPcS4HgtThDw&em=2&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27!A2&Item=%27VIN%27!A1%3AG10&wdHideGridlines=True&wdInConfigurator=True

Requested by

Host: support.grunwald.ru
URL: https://support.grunwald.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.42.13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fd01339351e5e649fb01b61f12400759c192039c702b53195dfafb6c161f5f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onedrive.live.com
:scheme: https
:path: /embed?resid=19B47E6386D2EF20%211094&authkey=%21AKjRPcS4HgtThDw&em=2&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27!A2&Item=%27VIN%27!A1%3AG10&wdHideGridlines=True&wdInConfigurator=True
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://support.grunwald.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: E=P:aqEWrJN82Yg=:wutz7OJOrB6tFYL5xU6HzAUI+Dt/BMSdOccWX/+QqNc=:F; domain=.live.com; path=/ xid=faca8bbd-7c0e-4cae-a6a2-d954509d41b6&&RD00155D6F6AF3&309; domain=.live.com; path=/ xidseq=1; domain=.live.com; path=/ LD=; domain=.live.com; expires=Mon, 20-Sep-2021 22:26:33 GMT; path=/ wla42=; domain=live.com; expires=Tue, 28-Sep-2021 00:06:34 GMT; path=/
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-msnserver: RD00155D6F6AF3
x-odwebserver: northcentralus1-odwebpl
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 64BFEBB0905B48C397D1BEE0A214DDEF Ref B: PRG01EDGE0820 Ref C: 2021-09-21T00:06:33Z
date: Tue, 21 Sep 2021 00:06:33 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 131 KB
47 KB 158ms
69ms Script
application/javascript 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: support.grunwald.ru
URL: https://support.grunwald.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

00486cc6c680bb888862c79194097bb7162d1fcd548edc43218af0cb5af941b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
content-encoding: br
last-modified: Mon, 20 Sep 2021 15:46:01 GMT
etag: "61488289-b939"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 47417
expires: Tue, 21 Sep 2021 01:06:33 GMT

GET
H2 200 arrow_up.png
support.grunwald.ru/templates/driverally/images/ 359 B
537 B 59ms
59ms Image
image/png 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/templates/driverally/images/arrow_up.png
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/templates/driverally/css/style2.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 66b453a1fea4fb3c6f1b13f60325aa57e16a5a2efeda67d25ee049fd87883873

Request headers

:path: /templates/driverally/images/arrow_up.png
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/templates/driverally/css/style2.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/templates/driverally/css/style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Wed, 26 Aug 2020 09:26:26 GMT
server: nginx/1.14.2
etag: "5f462ac2-167"
content-type: image/png
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 359
expires: Mon, 27 Dec 2021 00:06:33 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 17ms
16ms Image
image/gif 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=548146608&utmhn=support.grunwald.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Grunwald%20Support%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&utmhid=1808940164&utmr=-&utmp=%2F&utmht=1632182793704&utmac=%3C?php%20echo%20($googleanalytics);%20?%3E&utmcc=__utma%3D71392145.122139996.1632182794.1632182794.1632182794.1%3B%2B__utmz%3D71392145.1632182794.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=479540474&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: support.grunwald.ru
URL: https://support.grunwald.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:06:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 58ms
6ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-76975634-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4473
date: Mon, 20 Sep 2021 22:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 21 Sep 2021 00:52:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9402.Y8vnPqe4PPL0zFPgmoeI_pXGQp_c3m3SnF9aeH6Bz49b0YLSJpe3bwWp98OnBMi2.hoEY1u81vIMUnCcuoBHDRybUrmE%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9402.pEeqZGcQ2AoZ4lwHv2iM3RR0Dk9ibaLD3KlLKtJKqFOMhcXGqkhO4zdzKawHFOo2RUMh-EYPgrQZ9Cke8a4ajw%2C%2C.RhAckFry-o5aB09xPTAbrervclc%2C

75 B
75 B

35ms
35ms

Image
text/html

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9402.pEeqZGcQ2AoZ4lwHv2iM3RR0Dk9ibaLD3KlLKtJKqFOMhcXGqkhO4zdzKawHFOo2RUMh-EYPgrQZ9Cke8a4ajw%2C%2C.RhAckFry-o5aB09xPTAbrervclc%2C

Requested by

Host: support.grunwald.ru
URL: https://support.grunwald.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:34 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9402.pEeqZGcQ2AoZ4lwHv2iM3RR0Dk9ibaLD3KlLKtJKqFOMhcXGqkhO4zdzKawHFOo2RUMh-EYPgrQZ9Cke8a4ajw%2C%2C.RhAckFry-o5aB09xPTAbrervclc%2C
date: Tue, 21 Sep 2021 00:06:34 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 41ms
41ms Image
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: support.grunwald.ru
URL: https://support.grunwald.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:33 GMT
last-modified: Mon, 20 Sep 2021 15:46:01 GMT
etag: "61488289-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 21 Sep 2021 01:06:33 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 53ms
28ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1808940164&t=pageview&_s=1&dl=https%3A%2F%2Fsupport.grunwald.ru%2F&ul=en-us&de=UTF-8&dt=Grunwald%20Support%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=71392145.122139996.1632182794.1632182794.1632182794.1&_utmz=71392145.1632182794.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1632182793954&_u=YQBCAUABAAAAAC~&jid=1489373512&gjid=1510822464&cid=122139996.1632182794&tid=UA-76975634-3&_gid=776741264.1632182794&_r=1&gtm=2ou9k0&z=1525824255

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.grunwald.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:06:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://support.grunwald.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/47012490/
Redirect Chain

https://mc.yandex.com/watch/47012490?wmode=7&page-url=https%3A%2F%2Fsupport.grunwald.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A727%3Afu%3A0%3Aen%3Autf-8%3A...
https://mc.yandex.com/watch/47012490/1?wmode=7&page-url=https%3A%2F%2Fsupport.grunwald.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A727%3Afu%3A0%3Aen%3Autf-8%...

350 B
432 B

38ms
38ms

XHR
application/json

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/47012490/1?wmode=7&page-url=https%3A%2F%2Fsupport.grunwald.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A727%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A497560019454%3Ahid%3A235749350%3Az%3A0%3Ai%3A20210921000633%3Aet%3A1632182794%3Ac%3A1%3Arn%3A890184657%3Arqn%3A1%3Au%3A1632182794941163526%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632182792906%3Ads%3A0%2C0%2C57%2C1%2C160%2C0%2C%2C506%2C21%2C%2C%2C%2C728%3Adsn%3A0%2C0%2C57%2C1%2C160%2C0%2C%2C509%2C21%2C%2C%2C%2C728%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632182794%3At%3AGrunwald%20Support%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F

Requested by

Host: support.grunwald.ru
URL: https://support.grunwald.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

a40d6bd1a35a0120958f37a470fcff4088c7c3276a2b3fb2d2936c8bbe4c17e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:06:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 21-Sep-2021 00:06:34 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://support.grunwald.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Tue, 21-Sep-2021 00:06:34 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:06:34 GMT
last-modified: Tue, 21-Sep-2021 00:06:34 GMT
location: /watch/47012490/1?wmode=7&page-url=https%3A%2F%2Fsupport.grunwald.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzp3o2dbm15p1mc%3Afp%3A727%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A497560019454%3Ahid%3A235749350%3Az%3A0%3Ai%3A20210921000633%3Aet%3A1632182794%3Ac%3A1%3Arn%3A890184657%3Arqn%3A1%3Au%3A1632182794941163526%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632182792906%3Ads%3A0%2C0%2C57%2C1%2C160%2C0%2C%2C506%2C21%2C%2C%2C%2C728%3Adsn%3A0%2C0%2C57%2C1%2C160%2C0%2C%2C509%2C21%2C%2C%2C%2C728%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632182794%3At%3AGrunwald%20Support%20-%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F
strict-transport-security: max-age=31536000
access-control-allow-origin: https://support.grunwald.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 21-Sep-2021 00:06:34 GMT

GET
H2 200 filescss1-11eb1969.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 0CE7 85 KB
16 KB 84ms
9ms Stylesheet
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss1-11eb1969.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?resid=19B47E6386D2EF20%211094&authkey=%21AKjRPcS4HgtThDw&em=2&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27!A2&Item=%27VIN%27!A1%3AG10&wdHideGridlines=True&wdInConfigurator=True
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Sep 2021 00:06:34 GMT
content-encoding: gzip
content-md5: EesZadmsnx78d9ZWIKfswQ==
content-length: 15784
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53BE6E430
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6d2753fc-501e-00e6-0ad5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=11621780
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 filescss2-a303a402.css
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001// Frame 0CE7 169 KB
30 KB 83ms
8ms Stylesheet
text/css 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001//filescss2-a303a402.css
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?resid=19B47E6386D2EF20%211094&authkey=%21AKjRPcS4HgtThDw&em=2&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27!A2&Item=%27VIN%27!A1%3AG10&wdHideGridlines=True&wdInConfigurator=True
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Sep 2021 00:06:34 GMT
content-encoding: gzip
content-md5: owOkAskXvYo3Ps40fhU7TQ==
content-length: 30548
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53C3A1C6F
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 45647edb-101e-00c8-61d5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=7861939
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 rotator-black.png
support.grunwald.ru/templates/driverally/slideshow/files/components/ 733 B
911 B 51ms
51ms Image
image/png 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/templates/driverally/slideshow/files/components/rotator-black.png
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: eb6ce0925319afff5bf85c55d4dee6f1239e851b4264ffa14e951aee2bbeab26

Request headers

:path: /templates/driverally/slideshow/files/components/rotator-black.png
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos; __utma=71392145.122139996.1632182794.1632182794.1632182794.1; __utmc=71392145; __utmz=71392145.1632182794.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=71392145.1.10.1632182794; _ym_uid=1632182794941163526; _ym_d=1632182794; _ga=GA1.2.122139996.1632182794; _gid=GA1.2.776741264.1632182794; _gat_gtag_UA_76975634_3=1; _ym_isad=2; _ym_visorc=w
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:34 GMT
last-modified: Wed, 26 Aug 2020 09:26:37 GMT
server: nginx/1.14.2
etag: "5f462acd-2dd"
content-type: image/png
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 733
expires: Mon, 27 Dec 2021 00:06:34 GMT

GET
H2 200 pause-black.png
support.grunwald.ru/templates/driverally/slideshow/files/components/ 330 B
508 B 54ms
53ms Image
image/png 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/templates/driverally/slideshow/files/components/pause-black.png
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: 7f1e515f5b5de6cf9e095e97e7f91bde29716cb4bb496d69f53a228e651751ac

Request headers

:path: /templates/driverally/slideshow/files/components/pause-black.png
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos; __utma=71392145.122139996.1632182794.1632182794.1632182794.1; __utmc=71392145; __utmz=71392145.1632182794.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=71392145.1.10.1632182794; _ym_uid=1632182794941163526; _ym_d=1632182794; _ga=GA1.2.122139996.1632182794; _gid=GA1.2.776741264.1632182794; _gat_gtag_UA_76975634_3=1; _ym_isad=2; _ym_visorc=w
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:34 GMT
last-modified: Wed, 26 Aug 2020 09:26:36 GMT
server: nginx/1.14.2
etag: "5f462acc-14a"
content-type: image/png
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 330
expires: Mon, 27 Dec 2021 00:06:34 GMT

GET
H2 200 bullets.png
support.grunwald.ru/templates/driverally/slideshow/files/components/ 388 B
566 B 53ms
52ms Image
image/png 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/templates/driverally/slideshow/files/components/bullets.png
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash: bb7222cfcf4a5744967c74263a7ae6eb54c4035999ced3fa4551d49f9d717409

Request headers

:path: /templates/driverally/slideshow/files/components/bullets.png
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos; __utma=71392145.122139996.1632182794.1632182794.1632182794.1; __utmc=71392145; __utmz=71392145.1632182794.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=71392145.1.10.1632182794; _ym_uid=1632182794941163526; _ym_d=1632182794; _ga=GA1.2.122139996.1632182794; _gid=GA1.2.776741264.1632182794; _gat_gtag_UA_76975634_3=1; _ym_isad=2; _ym_visorc=w
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:34 GMT
last-modified: Wed, 26 Aug 2020 09:26:36 GMT
server: nginx/1.14.2
etag: "5f462acc-184"
content-type: image/png
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 388
expires: Mon, 27 Dec 2021 00:06:34 GMT

POST
H2 200 xlembed.aspx Show response
excel.officeapps.live.com/x/_layouts/ Frame 389D 122 KB
48 KB 404ms
268ms Document
text/html 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e332e97ad7ff9ecb8f7af90b76e8cebea41cc39f198f3a51ff9f24e30ee6c3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: POST
:authority: excel.officeapps.live.com
:scheme: https
:path: /x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem
content-length: 231
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://onedrive.live.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://onedrive.live.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://onedrive.live.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://onedrive.live.com/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1031&data=1033; expires=Tue, 21-Dec-2021 01:06:35 GMT; path=/; samesite=none; secure; HttpOnly PNL1-Excel-ARRAffinity=9b1e5735bc14d1771e17474835bff827cf2205a06420111e3d5d5831b9cc982a;Path=/;Domain=excel.officeapps.live.com; samesite=none; secure
x-correlationid: bf391436-69ee-4877-96d7-da7ba69b65e8
x-usersessionid: bf391436-69ee-4877-96d7-da7ba69b65e8
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF00006931
x-officeversion: 16.0.14501.31875
x-officecluster: PNL1
x-content-type-options: nosniff
document-policy: js-profiling
cross-origin-resource-policy: cross-origin
x-officefd: AM4PEPF0000F385
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-msedge-ref: Ref A: BADA9138CE1A48B983291D784B73E52E Ref B: VIEEDGE3308 Ref C: 2021-09-21T00:06:35Z
date: Tue, 21 Sep 2021 00:06:35 GMT

GET
H2 200 jquery-1.7.2-39eeb07e.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 0CE7 92 KB
33 KB 65ms
22ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/jquery-1.7.2-39eeb07e.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?resid=19B47E6386D2EF20%211094&authkey=%21AKjRPcS4HgtThDw&em=2&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27!A2&Item=%27VIN%27!A1%3AG10&wdHideGridlines=True&wdInConfigurator=True
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Sep 2021 00:06:34 GMT
content-encoding: gzip
content-md5: Oe6wfmgC4rV/XhCprZvKJA==
content-length: 33335
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E53DB4CCFD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 456481ad-101e-00c8-56d5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=3197592
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed_s_embed-212fe29f.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 0CE7 483 KB
133 KB 37ms
8ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed_s_embed-212fe29f.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?resid=19B47E6386D2EF20%211094&authkey=%21AKjRPcS4HgtThDw&em=2&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27!A2&Item=%27VIN%27!A1%3AG10&wdHideGridlines=True&wdInConfigurator=True
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Sep 2021 00:06:34 GMT
content-encoding: gzip
content-md5: IS/in/g30QB+g7MVI79lXQ==
content-length: 135707
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:01 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E533D8DD7F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d2755cd-501e-00e6-20d5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=19010095
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed1-0986a9b4.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 0CE7 47 KB
14 KB 8ms
6ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed1-0986a9b4.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?resid=19B47E6386D2EF20%211094&authkey=%21AKjRPcS4HgtThDw&em=2&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27!A2&Item=%27VIN%27!A1%3AG10&wdHideGridlines=True&wdInConfigurator=True
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Sep 2021 00:06:35 GMT
content-encoding: gzip
content-md5: CYaptDz18cVXSIKt0vWKWA==
content-length: 14119
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5332E9B80
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 45648324-101e-00c8-0cd5-eb8ce5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=7481453
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed2-8c600200.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 0CE7 203 KB
68 KB 9ms
7ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed2-8c600200.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?resid=19B47E6386D2EF20%211094&authkey=%21AKjRPcS4HgtThDw&em=2&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27!A2&Item=%27VIN%27!A1%3AG10&wdHideGridlines=True&wdInConfigurator=True
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Sep 2021 00:06:35 GMT
content-encoding: gzip
content-md5: jGACACXYYkvx7qKc5FskXg==
content-length: 69276
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:54:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E5337DDB83
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6d2756be-501e-00e6-6fd5-eb0c22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=9764538
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 embed0-54f3ec81.js Show response
spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/ Frame 0CE7 15 KB
6 KB 12ms
11ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://spoprod-a.akamaihd.net/files/onedrive-website-release-prod_master_20180514.001/embed0-54f3ec81.js
Requested by: Host: onedrive.live.com
URL: https://onedrive.live.com/embed?resid=19B47E6386D2EF20%211094&authkey=%21AKjRPcS4HgtThDw&em=2&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27!A2&Item=%27VIN%27!A1%3AG10&wdHideGridlines=True&wdInConfigurator=True
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54

Request headers

Referer: https://onedrive.live.com/
Origin: https://onedrive.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Sep 2021 00:06:35 GMT
content-encoding: gzip
content-md5: VPPsgWGZk5RDzVgXZtU7Yg==
content-length: 6057
x-ms-lease-status: unlocked
last-modified: Mon, 14 May 2018 21:53:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D5B9E532CDCC12
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b96f33ba-101e-0122-1fd5-eb35b1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type
cache-control: public, max-age=18274479
x-ms-version: 2009-09-19
timing-allow-origin: *

GET
H2 200 Aacorlib.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/ Frame 389D 76 KB
19 KB 190ms
0ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Requested by

Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

3f0015967cfdc00b10ed549580bcfcd6e1ab5aaf057df55855e891ea237fd255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "23f622e893a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006932
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 19067
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 07:18:34 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: C1A6965DD85643BF86BB19158F78402B Ref B: AM3EDGE0218 Ref C: 2021-09-12T17:43:09Z
x-usersessionid: 83345ac9-5beb-4845-897e-d7e38ef2e00a
date: Tue, 21 Sep 2021 00:06:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 83345ac9-5beb-4845-897e-d7e38ef2e00a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.js Show response
c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/ Frame 389D 3 MB
663 KB 188ms
0ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

1d8cb55fdcca003c04dd491dfc92a6314672281ccd0568c0826060a0390f7905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "61792682a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF00006915
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 676424
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Fri, 03 Sep 2021 05:11:28 GMT
x-officefd: AM4PEPF0001041F
x-msedge-ref: Ref A: 00A836BC60C144A6AFAB92700056200B Ref B: AMS04EDGE2311 Ref C: 2021-09-11T06:01:13Z
x-usersessionid: 34353340-f5d1-471d-972a-97be7e207b9e
date: Tue, 21 Sep 2021 00:06:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 34353340-f5d1-471d-972a-97be7e207b9e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.Strings.Wac.js Show response
c1h-excel-15.cdn.office.net/x/s/h145DA2F97A4E3EFE__layouts/App_Scripts/1031/ Frame 389D 99 KB
26 KB 198ms
9ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h145DA2F97A4E3EFE__layouts/App_Scripts/1031/Ewa.Strings.Wac.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

145da2f97a4e3efe0e2c44d956760d91f34bf967d01872bb06292d086a30e7c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "c39ce2c498a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068DF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control,2pfz=afd_wordcapacity_4
content-length: 25444
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control,afd_wordcapacity_4
last-modified: Fri, 03 Sep 2021 07:53:22 GMT
x-officefd: AM4PEPF0001041E
x-msedge-ref: Ref A: 740587051491421AA087B80FD82AFA12 Ref B: AMS04EDGE1709 Ref C: 2021-09-11T16:09:17Z
x-usersessionid: d2051970-8935-4336-b9ac-21ffcd206f5c
date: Tue, 21 Sep 2021 00:06:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: d2051970-8935-4336-b9ac-21ffcd206f5c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gridRenderer.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hC5F5AD6CDEF87C78__layouts/App_Scripts/ Frame 389D 516 KB
105 KB 198ms
10ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hC5F5AD6CDEF87C78__layouts/App_Scripts/gridRenderer.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

c5f5ad6cdef87c780ecfd3794c0d5acd000dbd4815ab80b2f72f3265bdc4e9fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "49ab2b169ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068E8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4_control
content-length: 106055
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 08:31:26 GMT
x-officefd: AM4PEPF0001041C
x-msedge-ref: Ref A: DBB3D1C9321E410E83F2CE37934AA5E4 Ref B: AMS04EDGE2111 Ref C: 2021-09-11T05:29:35Z
x-usersessionid: b365ab4d-afee-4b47-93e3-73dfedd8c056
date: Tue, 21 Sep 2021 00:06:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b365ab4d-afee-4b47-93e3-73dfedd8c056
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clientManifest.js Show response
c1h-excel-15.cdn.office.net/x/s/161450131875__layouts/Resources/de-DE/ Frame 389D 110 KB
38 KB 199ms
11ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/161450131875__layouts/Resources/de-DE/clientManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

6aeced2043d9a095ca4580efeef8af09e7942353fbadfa3191f5c4dbf53120b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "da5862ff92a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006924
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 38339
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 07:12:04 GMT
x-officefd: AM4PEPF000068B2
x-msedge-ref: Ref A: 7AEC81B5729A4304BDF1BD87EEDE314A Ref B: AM3EDGE1007 Ref C: 2021-09-11T16:09:17Z
x-usersessionid: b9f5dd23-a891-4bb4-b365-3200ab3e5af0
date: Tue, 21 Sep 2021 00:06:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: b9f5dd23-a891-4bb4-b365-3200ab3e5af0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 richTextEditor.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h426CD95DF4577DD8__layouts/App_Scripts/ Frame 389D 282 KB
58 KB 200ms
12ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h426CD95DF4577DD8__layouts/App_Scripts/richTextEditor.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

426cd95df4577dd867ece754474b1de96ce020b734f27ce35c47cac7165d0b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "22c6921893a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006922
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 58102
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 07:12:46 GMT
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: E5F34E18873B4CEBAA23B86DE8C99448 Ref B: AMS04EDGE2319 Ref C: 2021-09-13T05:47:41Z
x-usersessionid: fe0ca853-4073-4859-b464-a585bc36cba1
date: Tue, 21 Sep 2021 00:06:35 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: fe0ca853-4073-4859-b464-a585bc36cba1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwrDefault.css
c1h-excel-15.cdn.office.net/x/s/h1649ECF36F462942__layouts/Resources/1031/ Frame 389D 128 KB
27 KB 172ms
0ms Stylesheet
text/css 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1649ECF36F462942__layouts/Resources/1031/EwrDefault.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

1649ecf36f462942fd217553d73feedd25ab8824af7b2219ad4d947a2913778f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "a7fbdac681a8d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006918
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 26669
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Sep 2021 09:28:57 GMT
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: B462DF134436434D8E93AF0D79C57D62 Ref B: AM3EDGE0220 Ref C: 2021-09-17T18:27:25Z
x-usersessionid: fd222c47-b592-4952-8a27-69dadfa606d9
date: Tue, 21 Sep 2021 00:06:35 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-correlationid: fd222c47-b592-4952-8a27-69dadfa606d9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelframe.css
c1h-excel-15.cdn.office.net/x/s/hE6BADC2A49867D22__layouts/Resources/1031/ Frame 389D 64 KB
14 KB 181ms
0ms Stylesheet
text/css 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE6BADC2A49867D22__layouts/Resources/1031/excelframe.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

e6badc2a49867d2223c9a45d6cbcdfd79f9d8f3b2e8520e517eea76a8b8c44aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "610a7a99a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068D1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 13785
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 07:58:26 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 0D14ABF5491A4881B323A8ADE1CF4CDD Ref B: AMS04EDGE2115 Ref C: 2021-09-11T05:43:49Z
x-usersessionid: 5226b69f-9f9b-4a7f-a21d-98479928c4f0
date: Tue, 21 Sep 2021 00:06:35 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-correlationid: 5226b69f-9f9b-4a7f-a21d-98479928c4f0
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 389D 376 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46689198526f176cb3bb2881be2e8f1273be7293fea0625f2c3bfa2058c9b422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 ewaembed.png
c1h-excel-15.cdn.office.net/x/s/hDEF6F7343B3FA794__layouts/Resources/ Frame 389D 4 KB
4 KB 62ms
14ms Image
image/png 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hDEF6F7343B3FA794__layouts/Resources/ewaembed.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

def6f7343b3fa79427426a51dbf484dc713fb9cc6d2813316303c73f05f29b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "56bfeefcbca8d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF0000690F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control,2pfz=afd_wordcapacity_4_control
content-length: 3592
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control,afd_wordcapacity_4_control
last-modified: Mon, 13 Sep 2021 16:32:48 GMT
x-officefd: AM4PEPF0000689E
x-msedge-ref: Ref A: 83EE423DB52E43A295E6BAC00840BB57 Ref B: AM3EDGE0504 Ref C: 2021-09-14T22:35:53Z
x-usersessionid: 13069c12-0c7d-4284-8e8a-3e22d5a07888
date: Tue, 21 Sep 2021 00:06:35 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 13069c12-0c7d-4284-8e8a-3e22d5a07888
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelembed28.png
c1h-excel-15.cdn.office.net/x/s/h66C6B19E56A3A283__layouts/Resources/ Frame 389D 458 B
1 KB 60ms
15ms Image
image/png 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h66C6B19E56A3A283__layouts/Resources/excelembed28.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

66c6b19e56a3a283448cfa65e8c47dbc8ac0a83050bb9029f82ed18c4409e1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "836e691893a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006929
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 458
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_onenoteslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Fri, 03 Sep 2021 07:12:46 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: 3EA3B08B184E497D98428B046C07DF6C Ref B: AM3EDGE0616 Ref C: 2021-09-12T18:12:15Z
x-usersessionid: 3c098605-bdc8-4406-a6ea-db5d055767ab
date: Tue, 21 Sep 2021 00:06:35 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 3c098605-bdc8-4406-a6ea-db5d055767ab
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteTelemetry.ashx Show response
excel.officeapps.live.com/x/_layouts/ Frame 389D 0
354 B 51ms
50ms XHR
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/RemoteTelemetry.ashx

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0001041A
x-officeversion: 16.0.14501.31875
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 4c7c7eb1-eb96-4888-a4e8-e82ac637f792
x-officecluster: PNL1
x-usersessionid: 4c7c7eb1-eb96-4888-a4e8-e82ac637f792
date: Tue, 21 Sep 2021 00:06:36 GMT
x-download-options: noopen
access-control-allow-origin: https://excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: E9C71181ABBF4EBB8BCDB5E7324BFEC5 Ref B: VIEEDGE3308 Ref C: 2021-09-21T00:06:36Z
timing-allow-origin: *
x-officefe: AM4PEPF00006931

GET
H/1.1 200
OK 36920727911
fs.microsoft.com/fs/4.7/rawguids/ Frame 389D 1 MB
617 KB 165ms
19ms Font
application/octet-stream 2.18.232.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.7/rawguids/36920727911
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-120.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3750f5d563d062ed8c4e2a0516da3374b8fbcdedee0608e107efd97ded80bcae

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:06:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 19:13:41 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "ead2803dce3d31:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=32054
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=36920727911
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

GET
H/1.1 200
OK 44327025345
fs.microsoft.com/fs/4.7/rawguids/ Frame 389D 1 MB
715 KB 89ms
15ms Font
application/octet-stream 2.18.232.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.microsoft.com/fs/4.7/rawguids/44327025345
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-120.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1522f5c0f14d035c42540d84ad4d00d92b72240e91784c15c59e12921a1f0d79

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:06:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 May 2018 19:13:07 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "126af7eedbe3d31:0"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=105906
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=44327025345
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
X-CID: 2

GET
BLOB 200
OK 975d73ae-9256-41c7-8fdd-cc46060e4f51
https://excel.officeapps.live.com/ Frame 389D 229 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://excel.officeapps.live.com/975d73ae-9256-41c7-8fdd-cc46060e4f51
Requested by: Host: excel.officeapps.live.com
URL: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2820061acdbde09cbfbd98b6a84a4fde4e17b96ef6962d822dd43a4f4084ea2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 229
Content-Type: application/javascript

GET
H2 200 Ewa.tmcore.js Show response
c1h-excel-15.cdn.office.net/x/s/h01EF1B08588AB806__layouts/App_Scripts/ Frame 389D 20 KB
6 KB 32ms
3ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h01EF1B08588AB806__layouts/App_Scripts/Ewa.tmcore.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

01ef1b08588ab806358bd49de2094fd8b9e1b0b24dd2f04adaed703b56fda4d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "7d97a3e887a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF0000690C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 5837
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 05:52:41 GMT
x-officefd: AM4PEPF0000689D
x-msedge-ref: Ref A: BFA87F9D4F31497C83DCBCB420747627 Ref B: AM3EDGE0322 Ref C: 2021-09-11T07:37:13Z
x-usersessionid: e251fba8-d236-4185-9805-01d85ba387ea
date: Tue, 21 Sep 2021 00:06:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e251fba8-d236-4185-9805-01d85ba387ea
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelOnline.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h0F7DCFFF4F0DEBDF__layouts/App_Scripts/ Frame 389D 8 KB
3 KB 7ms
7ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h0F7DCFFF4F0DEBDF__layouts/App_Scripts/excelOnline.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

0f7dcfff4f0debdf3f67e3619a58bfc2684e0a301121380f43c0065406e852e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "556e9e628da0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006941
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 2499
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Fri, 03 Sep 2021 06:31:53 GMT
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: 5488E84DAD16487381850569B5B1E52A Ref B: AMS04EDGE2319 Ref C: 2021-09-13T05:46:20Z
x-usersessionid: ac1cf1ab-d638-4a9a-89e6-4a0c4d251d5b
date: Tue, 21 Sep 2021 00:06:36 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ac1cf1ab-d638-4a9a-89e6-4a0c4d251d5b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 GetRangeContentJson Show response
excel.officeapps.live.com/x/_vti_bin/DynamicGridContent.json/ Frame 389D 20 KB
5 KB 72ms
71ms XHR
application/json 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_vti_bin/DynamicGridContent.json/GetRangeContentJson?context=%7B%22WorkbookMetadataParameter%22%3A%7B%22WorkbookMetadataState%22%3A%7B%22MetadataVersion%22%3A0%2C%22ServerEventVersion%22%3A0%7D%7D%2C%22ClientRequestId%22%3A%22c33951ed-c53a-4820-9316-d5e1504f0d5a%22%2C%22MakeInstantaneousChange%22%3Afalse%2C%22SessionId%22%3A%2215.AM4PEPF000069311.A80.1.V25.800507lM0MDa6xO5E%2FgRwwFzv14.5.de-DE5.en-US23.19b47e6386d2ef20-Public1.S1.N16.16.0.14501.3187514.5.de-DE5.en-US1.V1.N0.1.S%22%2C%22TransientEditSessionToken%22%3Anull%2C%22PermissionFlags%22%3A344187%2C%22Configurations%22%3A1648656%2C%22CompleteResponseTimeout%22%3A0%2C%22IsWindowHidden%22%3Afalse%2C%22MachineCluster%22%3A%22PNL1%22%2C%22AjaxOptions%22%3A0%2C%22ReturnSheetProcessedData%22%3Afalse%7D&ewaControlId=%22m_excelEmbedRenderer_ctl15_ewaCtl_m_ewa%22&currentObject=%22%27VIN%27!A1%3AG10%22&namedObjectViewData=%7B%22Mode%22%3A0%2C%22Settings%22%3A1%7D&row=0&column=0&rowCount=28&columnCount=30&blockPosition=%7B%22X%22%3A0%2C%22Y%22%3A0%2C%22PaneType%22%3A1%7D&revision=0&previousRevision=-1&digest=%22%22&renderingOptions=25&colorScheme=null&ecsSpreadsheetDigest=null&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e12e254db4137e7499b0d434cee3e96ec398c953581a3930d7d6bb927fc43eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacNoAuth: 1
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14501.31875
X-Key: Ms5C2bIP3hWc5OZUGn/bNLL6r2jp/7jVkff5BODTV7E=,637677795952682859
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-XL-SessionId: 15.AM4PEPF000069311.A80.1.V25.800507lM0MDa6xO5E/gRwwFzv14.5.de-DE5.en-US23.19b47e6386d2ef20-Public1.S1.N16.16.0.14501.3187514.5.de-DE5.en-US1.V1.N0.1.S
haep: 1
X-AccessToken: 4wDVOE6QgcIWe45jlvzBUnlAEauTmbWDrxwD7UY5MG6kgoxouKsMHYDHyJoJ9lvChv3daVD2uYAZMUryVY8qrBxgnxFw_xO61E9wnoc3c0YZnLCNdDStYqn_O8A7tMOgnqDYWiXalUapXfxA8ymNbXUg
X-UserSessionId: bf391436-69ee-4877-96d7-da7ba69b65e8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8
X-ClientBootEpochTimeStamp: 1632182795.268286
X-CorrelationId: da702230-9e6f-4b99-8a74-1ff8aefdc45f
Referer: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1633997194579
X-WacCluster: PNL1

Response headers

xlsecsid: AM4PEPF00006931
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006931
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
xlswfecid: da702230-9e6f-4b99-8a74-1ff8aefdc45f
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 4706
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: da702230-9e6f-4b99-8a74-1ff8aefdc45f
x-officefd: AM4PEPF000068B8
x-usersessionid: bf391436-69ee-4877-96d7-da7ba69b65e8
date: Tue, 21 Sep 2021 00:06:36 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, max-age=604800
xlsecscid: da702230-9e6f-4b99-8a74-1ff8aefdc45f
x-msedge-ref: Ref A: 538CE0CADE394025BFB618ACA4FA0304 Ref B: VIEEDGE3308 Ref C: 2021-09-21T00:06:36Z
timing-allow-origin: *

GET
H2 200 Ewa.tm.js Show response
c1h-excel-15.cdn.office.net/x/s/hF81BFB51A17B2F99__layouts/App_Scripts/ Frame 389D 145 KB
37 KB 9ms
7ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF81BFB51A17B2F99__layouts/App_Scripts/Ewa.tm.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

f81bfb51a17b2f99da960378bf877ad620cf5b36556dad069896fd19e30c5baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "412835d498a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068D3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 36700
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Fri, 03 Sep 2021 07:53:48 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: AF72641820874D2A8C6550434CC132AF Ref B: AM3EDGE0322 Ref C: 2021-09-11T07:37:14Z
x-usersessionid: 469cb854-6d41-4a07-876b-931ee0e34c61
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 469cb854-6d41-4a07-876b-931ee0e34c61
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.acc.js Show response
c1h-excel-15.cdn.office.net/x/s/hF4C26D44B5F27A56__layouts/App_Scripts/ Frame 389D 285 KB
63 KB 9ms
8ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF4C26D44B5F27A56__layouts/App_Scripts/Ewa.acc.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

f4c26d44b5f27a564b1980e1a8d51857f2fa4e274aa67f641b8d4e5b91c2ef4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "d5d625b952a8d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068F8
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 63827
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Sep 2021 03:52:07 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: 50E6E671B0AC43C3BDD2A8C03236240B Ref B: AM3EDGE0521 Ref C: 2021-09-13T05:49:13Z
x-usersessionid: 250d1f49-24b9-4e4c-85fd-81f4af25791d
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 250d1f49-24b9-4e4c-85fd-81f4af25791d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.ev.js Show response
c1h-excel-15.cdn.office.net/x/s/h9944B1FC99C14F0A__layouts/App_Scripts/ Frame 389D 8 KB
3 KB 11ms
11ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h9944B1FC99C14F0A__layouts/App_Scripts/Ewa.ev.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

9944b1fc99c14f0afe75e6911eedea63cfa4b9e361e4ef85cd1e16ad08dd8d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "12b814109ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068EA
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 2615
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
last-modified: Fri, 03 Sep 2021 08:31:16 GMT
x-officefd: AM4PEPF000068A6
x-msedge-ref: Ref A: 73B53459367C4499B904235B1073144D Ref B: AMS04EDGE1110 Ref C: 2021-09-12T12:59:00Z
x-usersessionid: 2eb66003-abbb-4048-921a-085f88c7a0b8
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2eb66003-abbb-4048-921a-085f88c7a0b8
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 389D 0
2 KB 159ms
158ms XHR
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.14501.31875&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wDVOE6QgcIWe45jlvzBUnlAEauTmbWDrxwD7UY5MG6kgoxouKsMHYDHyJoJ9lvChv3daVD2uYAZMUryVY8qrBxgnxFw_xO61E9wnoc3c0YZnLCNdDStYqn_O8A7tMOgnqDYWiXalUapXfxA8ymNbXUg
X-UserSessionId: bf391436-69ee-4877-96d7-da7ba69b65e8
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14501.31875
X-Key: Ms5C2bIP3hWc5OZUGn/bNLL6r2jp/7jVkff5BODTV7E=,637677795952682859
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1633997194579
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS4
x-officeversion: 16.0.14516.41034
x-officefe: BL6PEPF0000BA37
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-buls-suppressedtags: 378069,1671813,2209344,3290144,4298965,4298968,4298969,4751696,5306497,6375195,6572226,6948167,17085210,17085216,17162522,17358857,19743902,21627712,21631370,22401293,22410500,22598977,22680210,22680213,22680214,22836558,22946650,23909858,24401375,24462656,24515087,25514973,33592839,34388130,35682372,36472266,36546380,36546381,36546382,36569418,36708451,36773964,36791688,36811158,36811159,36963655,37288035,37876293,37876294,37889309,38293640,38535900,38543496,38580697,38637954,38922202,39076766,39076767,39105358,39613840,39966341,40437001,40935455,41003225,41207258,41502555,41711299,41952657,41964885,42272991,42496725,42513088,42815875,42857251,50406866,50431969,50619726,50622685,50622687,51451613,51504083,51667010,545783884,557077970,557670930,558735363,559423838,559424262,559486496,559760215,559760216,570507662,571786073,571786074,574468116,575157663,575157664,575157665,575157666,575157667,575157696,575157697,575157698,575157699,575157700,575157701,575157702,577295376,577626581,578164000,587862985,591729363,592556551,592843145,593780815,593838232,594134597,594396706,594830612,595137156,595714715,595895774,596115913,596444186,596464289,845836083,845836084,845836085,846166132,876178018,963472182,1630679666,1630679667,1633958006,1647605351,1664576567,1698260075,1718235956,1765045358,1802139698,1986689397,1986689633,1986689647,1986748791,1986748793,1986749030,1986749288,1986749546,2004443760,2004444278,2004448354,2037215329
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-correlationid: f923357e-f55b-4f9c-882a-161a0709d03b
x-officefd: BL6PEPF0000BA37
x-usersessionid: bf391436-69ee-4877-96d7-da7ba69b65e8
date: Tue, 21 Sep 2021 00:06:37 GMT
x-download-options: noopen
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 4D1B8B17F5B04ACFB3DFF7D65DD5301E Ref B: VIEEDGE3308 Ref C: 2021-09-21T00:06:37Z

POST
H2 200 RemoteTelemetry.ashx Show response
excel.officeapps.live.com/x/_layouts/ Frame 389D 0
322 B 67ms
66ms XHR
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/RemoteTelemetry.ashx

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officefd: AM4PEPF0000601C
x-officeversion: 16.0.14501.31875
x-cache: CONFIG_NOCACHE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 0
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: 4d3a5538-f661-46c4-99ce-765f42db02c0
x-officecluster: PNL1
x-usersessionid: 4d3a5538-f661-46c4-99ce-765f42db02c0
date: Tue, 21 Sep 2021 00:06:37 GMT
x-download-options: noopen
access-control-allow-origin: https://excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: 6983521A713A4662957BC9497D0F25E7 Ref B: VIEEDGE3308 Ref C: 2021-09-21T00:06:37Z
timing-allow-origin: *
x-officefe: AM4PEPF00006931

OPTIONS
H2 200 SDXReleaseDataPackages
mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/ Frame 0
0 202ms
42ms Preflight 52.109.76.40

General

Check archive.org

Show headers Download Go to

Full URL: https://mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/SDXReleaseDataPackages
Protocol: H2
Server: 52.109.76.40 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,dmsactivityid,haep,x-accesstoken,x-accesstokenttl,x-key,x-officeversion,x-requested-with,x-usersessionid,x-usertype,x-waccluster,x-xhr
Origin: https://excel.officeapps.live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-allow-headers: content-type,dmsactivityid,haep,x-accesstoken,x-accesstokenttl,x-key,x-officeversion,x-requested-with,x-usersessionid,x-usertype,x-waccluster,x-xhr
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 21 Sep 2021 00:06:36 GMT
content-length: 0

GET
H2 200 Ewa.CommonIntl.js Show response
c1h-excel-15.cdn.office.net/x/s/hEC934A05F4E8931D__layouts/App_Scripts/1031/ Frame 389D 96 KB
25 KB 7ms
7ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hEC934A05F4E8931D__layouts/App_Scripts/1031/Ewa.CommonIntl.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec934a05f4e8931d018e2779ccdf397960a3ddd95ffd771abaa538ba12933ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "26174f139ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068E1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 24813
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 08:31:21 GMT
x-officefd: AM4PEPF0001041E
x-msedge-ref: Ref A: 9236956A76884A57B06ECE1C4020905B Ref B: AMS04EDGE2121 Ref C: 2021-09-11T16:09:17Z
x-usersessionid: 20114498-39b6-4795-a738-366f91559f69
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 20114498-39b6-4795-a738-366f91559f69
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 BeaconHandler.ashx
excel.officeapps.live.com/x/_layouts/ Frame 389D 542 B
883 B 46ms
45ms Ping
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_layouts/BeaconHandler.ashx?WacUserType=WOPI&usid=bf391436-69ee-4877-96d7-da7ba69b65e8&NoAuth=1&waccluster=PNL1&WebMethod=Xlplt

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5b40665a9c6eda7ee5b01320fae0bc3bda499e8df67c518193f944683dc70c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officefd: AM4PEPF00010AD1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006931
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 421
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice_control,afd_wacinfra4,afd_wacinfra5
x-correlationid: 748475e7-91a2-478d-b475-026dccaf3c20
x-officecluster: PNL1
x-usersessionid: bf391436-69ee-4877-96d7-da7ba69b65e8
date: Tue, 21 Sep 2021 00:06:37 GMT
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://excel.officeapps.live.com
cache-control: private
x-msedge-ref: Ref A: A941684BCBD749479FEE139040940A48 Ref B: VIEEDGE3308 Ref C: 2021-09-21T00:06:37Z
timing-allow-origin: *

POST
H2 202 SDXReleaseDataPackages Show response
mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/ Frame 389D 5 KB
5 KB 74ms
39ms XHR
application/json 52.109.76.40

General

Check archive.org

Show headers Download Go to

Full URL: https://mrodevicemgr.officeapps.live.com/mrodevicemgrsvc/api/v1/SDXReleaseDataPackages
Requested by: Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.109.76.40 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 47d2b72e7abffa3440f4cb7dd32119b0a7e2c19d31c068fcddf23e30ccc3a2f1

Request headers

DMSActivityId: e5b51c0b-b331-403c-878e-861c4cf970e7
haep: 1
X-AccessToken: 4wDVOE6QgcIWe45jlvzBUnlAEauTmbWDrxwD7UY5MG6kgoxouKsMHYDHyJoJ9lvChv3daVD2uYAZMUryVY8qrBxgnxFw_xO61E9wnoc3c0YZnLCNdDStYqn_O8A7tMOgnqDYWiXalUapXfxA8ymNbXUg
X-UserSessionId: bf391436-69ee-4877-96d7-da7ba69b65e8
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14501.31875
X-Key: Ms5C2bIP3hWc5OZUGn/bNLL6r2jp/7jVkff5BODTV7E=,637677795952682859
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://excel.officeapps.live.com/
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
X-xhr: 1
X-AccessTokenTtl: 1633997194579
X-WacCluster: PNL1

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 00:06:36 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 5342
expires: -1

GET
H2 200 Ewa.pi.js Show response
c1h-excel-15.cdn.office.net/x/s/h8C8B3C65C98D4826__layouts/App_Scripts/ Frame 389D 218 KB
50 KB 28ms
8ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h8C8B3C65C98D4826__layouts/App_Scripts/Ewa.pi.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

8c8b3c65c98d4826cb0965190543579aa451f4ee1e099a23c4e51f05fe5e4d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "51d28fe92a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF0000692E
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4_control
content-length: 50513
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 07:12:02 GMT
x-officefd: AM4PEPF0000601C
x-msedge-ref: Ref A: A88FB44DAB1342AC95E7BE92E59923DE Ref B: AMS04EDGE2113 Ref C: 2021-09-11T07:37:15Z
x-usersessionid: fdf7457a-99db-44e3-a61d-75057927b6d7
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: fdf7457a-99db-44e3-a61d-75057927b6d7
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.calc.js Show response
c1h-excel-15.cdn.office.net/x/s/h2DB897AC8ECA59E7__layouts/App_Scripts/ Frame 389D 80 KB
20 KB 40ms
4ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2DB897AC8ECA59E7__layouts/App_Scripts/Ewa.calc.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

2db897ac8eca59e7bdd59769bc3d66e344e874be7c331e9554931f6aa09d597e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "b7cb9bf49ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068E9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 19773
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 08:37:39 GMT
x-officefd: AM4PEPF000068A7
x-msedge-ref: Ref A: 087511EF30904252A2036B462C00BCE6 Ref B: AMS04EDGE1517 Ref C: 2021-09-11T07:37:15Z
x-usersessionid: 2979c10f-4b67-4f0e-a549-3ba74da44f9c
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2979c10f-4b67-4f0e-a549-3ba74da44f9c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.oauth.js Show response
c1h-excel-15.cdn.office.net/x/s/h43760BB114C3F99B__layouts/App_Scripts/ Frame 389D 27 KB
7 KB 41ms
6ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h43760BB114C3F99B__layouts/App_Scripts/Ewa.oauth.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

43760bb114c3f99b6e82f37a12b9d89c4903b53bde6b1c04e158bb6e7c2b8603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "74ff38ed87a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF00006907
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control,2pfz=afd_wordcapacity_4
content-length: 6537
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control,afd_wordcapacity_4
last-modified: Fri, 03 Sep 2021 05:52:49 GMT
x-officefd: AM4PEPF000068B6
x-msedge-ref: Ref A: 651262FED1654C9F95FE556D27EB4B7C Ref B: AMS04EDGE2120 Ref C: 2021-09-11T07:37:15Z
x-usersessionid: dbfece5b-677c-4459-9b01-ed7be11cf38c
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: dbfece5b-677c-4459-9b01-ed7be11cf38c
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.kpae.js Show response
c1h-excel-15.cdn.office.net/x/s/hB2D37ECC3EC60D42__layouts/App_Scripts/ Frame 389D 436 KB
101 KB 45ms
10ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hB2D37ECC3EC60D42__layouts/App_Scripts/Ewa.kpae.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

b2d37ecc3ec60d4253dffbf672275fa7b75abf99f814864d35fd61830a69306f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: W/"5e822370d2a6d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068DB
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 102816
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Sat, 11 Sep 2021 06:01:18 GMT
x-officefd: AM4PEPF0001041F
x-msedge-ref: Ref A: B13E5E2338BD4D9C8FD869CA688AA5F7 Ref B: AMS04EDGE1206 Ref C: 2021-09-11T06:01:18Z
x-usersessionid: 7ed9cc05-a7a6-4ec0-a562-0b00fb6ce50a
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 7ed9cc05-a7a6-4ec0-a562-0b00fb6ce50a
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.zoom.js Show response
c1h-excel-15.cdn.office.net/x/s/h2FD29732FE09CF1B__layouts/App_Scripts/ Frame 389D 17 KB
5 KB 61ms
25ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2FD29732FE09CF1B__layouts/App_Scripts/Ewa.zoom.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

2fd29732fe09cf1b9ece18cce04e47509bf66ebbb9e9b2e9ef27a97b5e682f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "392724be98a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068DC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 4398
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Fri, 03 Sep 2021 07:53:11 GMT
x-officefd: AM4PEPF000068A6
x-msedge-ref: Ref A: 2B9CC2FFCCEC499DBC8363FD9234F242 Ref B: AM3EDGE0322 Ref C: 2021-09-11T07:37:15Z
x-usersessionid: 473a6cad-a956-4ffb-acd1-2ac2c3a52159
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 473a6cad-a956-4ffb-acd1-2ac2c3a52159
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.le.js Show response
c1h-excel-15.cdn.office.net/x/s/hC7AF168FBC072419__layouts/App_Scripts/ Frame 389D 87 KB
21 KB 54ms
16ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hC7AF168FBC072419__layouts/App_Scripts/Ewa.le.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

c7af168fbc0724193588c71424cff5083e61c94616cbcb825e9cb9ac5743cfe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "d8b34f59ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068E9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 20713
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Fri, 03 Sep 2021 08:37:40 GMT
x-officefd: AM4PEPF0000689D
x-msedge-ref: Ref A: 48EC7500111342438998A727363A3236 Ref B: AM3EDGE1006 Ref C: 2021-09-11T07:37:15Z
x-usersessionid: 59a322d9-e2e4-4f01-a924-c2122e6d12e8
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 59a322d9-e2e4-4f01-a924-c2122e6d12e8
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.tlv.js Show response
c1h-excel-15.cdn.office.net/x/s/h5D640EA5000F6B53__layouts/App_Scripts/ Frame 389D 162 KB
37 KB 61ms
24ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h5D640EA5000F6B53__layouts/App_Scripts/Ewa.tlv.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

5d640ea5000f6b536946952f2c6336b4bf01d8704ea337f5f3c81d4f4aaf527c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "9f9d681d82a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068ED
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 37382
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 05:11:13 GMT
x-officefd: AM4PEPF000068B2
x-msedge-ref: Ref A: 30FDDAA016804513A48191EF1E89810F Ref B: AM3EDGE1021 Ref C: 2021-09-11T07:37:16Z
x-usersessionid: 7e9f45a3-bbec-40cd-86e7-c30dd8fb49bd
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 7e9f45a3-bbec-40cd-86e7-c30dd8fb49bd
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 otelFull.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h36DA7C3931E03AE2__layouts/App_Scripts/ Frame 389D 103 KB
28 KB 63ms
24ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h36DA7C3931E03AE2__layouts/App_Scripts/otelFull.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

36da7c3931e03ae21506b0e7a9a26573e414d4ca7bb659c7c6c8a421a79efb6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "18a09c27a2a8d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006932
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 28386
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_powerpointslice_control,afd_wacinfra4,afd_wacinfra5
last-modified: Mon, 13 Sep 2021 13:20:43 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: 6FE42BF3D0FD49E3AA8F170FB61EC57E Ref B: AMS04EDGE1518 Ref C: 2021-09-18T21:29:14Z
x-usersessionid: ef482ca2-6d63-414f-acd2-10d536ff49e6
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ef482ca2-6d63-414f-acd2-10d536ff49e6
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-app-intl.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hF9386FA35FC60F08__layouts/App_Scripts/1031/ Frame 389D 382 KB
63 KB 61ms
19ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF9386FA35FC60F08__layouts/App_Scripts/1031/excel-app-intl.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

f9386fa35fc60f08c38d340a811492596679978277a65ece123505e27ffd23ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "bbc46cf092a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF0000692D
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 63914
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 07:11:39 GMT
x-officefd: AM4PEPF0001041E
x-msedge-ref: Ref A: EB892C95E02B49E28EFA7A32B2D20FAB Ref B: AMS04EDGE2121 Ref C: 2021-09-11T16:09:20Z
x-usersessionid: cf9dcc11-3e1e-4915-b7b0-cf72aa55faba
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: cf9dcc11-3e1e-4915-b7b0-cf72aa55faba
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.cuixas.js Show response
c1h-excel-15.cdn.office.net/x/s/h675EF8C6058F9536__layouts/App_Scripts/ Frame 389D 755 KB
143 KB 47ms
20ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h675EF8C6058F9536__layouts/App_Scripts/Ewa.cuixas.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

675ef8c6058f95362d85e617ed010feb16858eb80faf6c9f7fb595d9f9a10ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "14d0f35c8da0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF00006942
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4
content-length: 145697
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4
last-modified: Fri, 03 Sep 2021 06:31:44 GMT
x-officefd: AM4PEPF000068A7
x-msedge-ref: Ref A: 42C9EC52AC6A471FB3FE5474612B282B Ref B: AMS04EDGE2113 Ref C: 2021-09-11T07:37:14Z
x-usersessionid: fa76b4eb-ca9e-4618-a312-7a5f6a53c0ff
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: fa76b4eb-ca9e-4618-a312-7a5f6a53c0ff
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.tp.js Show response
c1h-excel-15.cdn.office.net/x/s/h2BBC1C9E7EB1713C__layouts/App_Scripts/ Frame 389D 47 KB
12 KB 45ms
20ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2BBC1C9E7EB1713C__layouts/App_Scripts/Ewa.tp.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

2bbc1c9e7eb1713cfd939dfdf4148c02c7aa093088452ca0bd25ff2c76c17a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "46c09b09ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068F1
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 11751
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordslice,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 08:30:50 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: 1E9821D2DCA5480886A459D324270CAB Ref B: AM3EDGE1006 Ref C: 2021-09-11T07:37:16Z
x-usersessionid: ac49ee2b-efa6-4908-b695-5d6aebf7ebbf
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: ac49ee2b-efa6-4908-b695-5d6aebf7ebbf
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 numfmtcalc.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h3A836610FB63660D__layouts/App_Scripts/ Frame 389D 433 KB
88 KB 26ms
11ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h3A836610FB63660D__layouts/App_Scripts/numfmtcalc.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

3a836610fb63660d033694ca940795a15a1c245429b1ed59cdb8e38fb40113a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "7182af792a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF0000692F
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 89638
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Fri, 03 Sep 2021 07:11:50 GMT
x-officefd: AM4PEPF000068B6
x-msedge-ref: Ref A: E0B5949A911B443283AC1082B4383072 Ref B: AMS04EDGE1610 Ref C: 2021-09-13T05:48:06Z
x-usersessionid: 577d15a5-324f-46fc-8aa5-88b74bbe947b
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 577d15a5-324f-46fc-8aa5-88b74bbe947b
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excelOnlineCalcStable.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h647C9C68E9BF2551__layouts/App_Scripts/ Frame 389D 948 KB
217 KB 26ms
14ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h647C9C68E9BF2551__layouts/App_Scripts/excelOnlineCalcStable.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

647c9c68e9bf25514196b610062d407928a9c57a63813b7ac93c7d892c98921f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "378e361193a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF00006927
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4_control
content-length: 220646
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 07:12:34 GMT
x-officefd: AM4PEPF0000689F
x-msedge-ref: Ref A: 54BD522D43F644FC91FBF8B2017FEE37 Ref B: AM3EDGE0309 Ref C: 2021-09-11T07:28:59Z
x-usersessionid: 68ee8f68-21f9-440d-bca2-8e49bf1ca589
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 68ee8f68-21f9-440d-bca2-8e49bf1ca589
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 RemoteUls.ashx Show response
excel.officeapps.live.com/x/ Frame 389D 0
611 B 212ms
202ms XHR
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.14501.31875&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wDVOE6QgcIWe45jlvzBUnlAEauTmbWDrxwD7UY5MG6kgoxouKsMHYDHyJoJ9lvChv3daVD2uYAZMUryVY8qrBxgnxFw_xO61E9wnoc3c0YZnLCNdDStYqn_O8A7tMOgnqDYWiXalUapXfxA8ymNbXUg
X-UserSessionId: bf391436-69ee-4877-96d7-da7ba69b65e8
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14501.31875
X-Key: Ms5C2bIP3hWc5OZUGn/bNLL6r2jp/7jVkff5BODTV7E=,637677795952682859
X-bULS-SuppressionETag: 5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1633997194579
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS2
x-officeversion: 16.0.14516.41034
x-officefe: MW1PEPF00008567
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
x-correlationid: c390a35f-1f64-4760-900d-18f469dfec8b
x-officefd: MW1PEPF00008567
x-usersessionid: bf391436-69ee-4877-96d7-da7ba69b65e8
date: Tue, 21 Sep 2021 00:06:37 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: 35191A54D70A4B83A9E41913AF3F5F2C Ref B: VIEEDGE3308 Ref C: 2021-09-21T00:06:37Z

GET
H2 200 copyPasteInfra.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hDFC299D01FCF919C__layouts/App_Scripts/ Frame 389D 112 KB
22 KB 28ms
11ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hDFC299D01FCF919C__layouts/App_Scripts/copyPasteInfra.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

dfc299d01fcf919cecf9a6595437751327d29e5523e51058affd20e5bec8b891

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "9389c05b55a8d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068FD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 21612
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Mon, 13 Sep 2021 04:10:59 GMT
x-officefd: AM4PEPF0001041F
x-msedge-ref: Ref A: AC1D57027A5A47B9B25729247D3F2A9A Ref B: AM3EDGE0310 Ref C: 2021-09-13T05:47:02Z
x-usersessionid: 2c3c6d79-ffde-46d6-878e-2de6b44c37c9
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2c3c6d79-ffde-46d6-878e-2de6b44c37c9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clipboardPlatform.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h28D2EA830419C111__layouts/App_Scripts/ Frame 389D 157 KB
30 KB 28ms
9ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h28D2EA830419C111__layouts/App_Scripts/clipboardPlatform.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

28d2ea830419c1113b472abdb05ea9379d3e46893cb8335055e2afb3e1f6b725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "8d3a35f298a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068CE
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 29812
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 07:54:38 GMT
x-officefd: AM4PEPF000068B2
x-msedge-ref: Ref A: 5EC47680D2294CE38DABD6529837EDB6 Ref B: AM3EDGE1006 Ref C: 2021-09-11T07:28:58Z
x-usersessionid: 1ff60287-fc12-4003-9a6c-eae6cac54e1e
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 1ff60287-fc12-4003-9a6c-eae6cac54e1e
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwrNov.css
c1h-excel-15.cdn.office.net/x/s/h1D9579B38A442F25__layouts/Resources/1031/ Frame 389D 11 KB
3 KB 8ms
7ms Stylesheet
text/css 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1D9579B38A442F25__layouts/Resources/1031/EwrNov.css

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

1d9579b38a442f25fea006d3ef8c712ce0e024d7800013a7368c37d47943de09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "3cc54c65d1a3d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF0000690C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 2766
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_visioslice,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Tue, 07 Sep 2021 10:16:17 GMT
x-officefd: AM4PEPF000068AD
x-msedge-ref: Ref A: CFDB5962D723414F98129E10BCDBDF91 Ref B: AMS04EDGE1614 Ref C: 2021-09-09T09:55:00Z
x-usersessionid: 236b5060-c9ae-4ee8-bac7-98e6a5b58218
date: Tue, 21 Sep 2021 00:06:37 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-correlationid: 236b5060-c9ae-4ee8-bac7-98e6a5b58218
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaNov.png
c1h-excel-15.cdn.office.net/x/s/hF987E2D9828EAD77__layouts/Resources/ Frame 389D 10 KB
11 KB 7ms
7ms Image
image/png 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF987E2D9828EAD77__layouts/Resources/EwaNov.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

f987e2d9828ead776cb236e3efa082920c6605fd4bc3676bc93447ef677657c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "a6bc9e299ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 10090
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 08:31:59 GMT
x-officefd: AM4PEPF0001041C
x-msedge-ref: Ref A: 63F6DC9188714C909C96326A0AAE739D Ref B: AM3EDGE1019 Ref C: 2021-09-11T15:38:31Z
x-usersessionid: bbbd5d5a-5591-4f19-bc62-f9be1811dc55
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: bbbd5d5a-5591-4f19-bc62-f9be1811dc55
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.kmhv.js Show response
c1h-excel-15.cdn.office.net/x/s/h3D8504AC195B0D06__layouts/App_Scripts/ Frame 389D 469 KB
101 KB 8ms
8ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h3D8504AC195B0D06__layouts/App_Scripts/Ewa.kmhv.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

3d8504ac195b0d06441b5063b842cec45e895ef594773a187783cf4290d55658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "424d38e887a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF0000690C
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 102495
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Fri, 03 Sep 2021 05:52:40 GMT
x-officefd: AM4PEPF000068C1
x-msedge-ref: Ref A: B2529AA248CE4CF78564163DBF2B1AE2 Ref B: AM3EDGE1021 Ref C: 2021-09-11T07:37:16Z
x-usersessionid: e31e3158-38a2-457f-a60b-b7c69249c8ba
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: e31e3158-38a2-457f-a60b-b7c69249c8ba
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.commonui.js Show response
c1h-excel-15.cdn.office.net/x/s/h62E7C9968D382FA4__layouts/App_Scripts/ Frame 389D 21 KB
6 KB 8ms
8ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h62E7C9968D382FA4__layouts/App_Scripts/Ewa.commonui.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

62e7c9968d382fa4b9dadad3c9e3647d9515ea09329a72f66708d0ff239a48e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "48cf32d93a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF00006929
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4_control
content-length: 5388
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 07:12:27 GMT
x-officefd: AM4PEPF000068B6
x-msedge-ref: Ref A: 928F5B42F2D74AA880A6C1DBEF72C06F Ref B: AMS04EDGE1517 Ref C: 2021-09-11T07:37:16Z
x-usersessionid: 526c9ab0-9960-4c14-92e5-45fb5a3a3678
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 526c9ab0-9960-4c14-92e5-45fb5a3a3678
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.commentpane.js Show response
c1h-excel-15.cdn.office.net/x/s/hB78A3D922099CEB1__layouts/App_Scripts/ Frame 389D 117 KB
30 KB 8ms
7ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hB78A3D922099CEB1__layouts/App_Scripts/Ewa.commentpane.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

b78a3d922099ceb15cf0682457ba90b960322482b42d167dab98b0a066671062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "da614bc398a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068D4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 29983
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 07:53:20 GMT
x-officefd: AM4PEPF0000689E
x-msedge-ref: Ref A: 3BFE396911DB4DFEA88A68D03387A72A Ref B: AMS04EDGE1407 Ref C: 2021-09-11T08:40:29Z
x-usersessionid: 304af6db-cafa-4e6d-8ee1-eda21dc81bcc
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 304af6db-cafa-4e6d-8ee1-eda21dc81bcc
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.kffa.js Show response
c1h-excel-15.cdn.office.net/x/s/hE295962FC14484BB__layouts/App_Scripts/ Frame 389D 400 KB
90 KB 9ms
9ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hE295962FC14484BB__layouts/App_Scripts/Ewa.kffa.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

e295962fc14484bba2b922665176096ce99fadced1abb18a9f53d78338017a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "02bfbf49ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068E9
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 90818
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Fri, 03 Sep 2021 08:37:40 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: EBA20D4676BA4DB2B356A08972C78639 Ref B: AMS04EDGE2113 Ref C: 2021-09-11T07:37:15Z
x-usersessionid: 8556c9c8-5d22-474c-98b7-81676fff16db
date: Tue, 21 Sep 2021 00:06:37 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 8556c9c8-5d22-474c-98b7-81676fff16db
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-uiSlice20-sprite.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h8B7E6E9BC542F9D5__layouts/App_Scripts/1031/ Frame 389D 426 KB
49 KB 10ms
7ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h8B7E6E9BC542F9D5__layouts/App_Scripts/1031/excel-uiSlice20-sprite.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

8b7e6e9bc542f9d526d4363ce316df91e1eb78e777a104241125dd1cea127a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "e2cc1527c7a8d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006952
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4_control
content-length: 49580
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4_control
last-modified: Mon, 13 Sep 2021 17:45:33 GMT
x-officefd: AM4PEPF000068A6
x-msedge-ref: Ref A: 00610A3BAEFB46CFA498FE0702DB9AB9 Ref B: AM3EDGE1016 Ref C: 2021-09-17T07:33:41Z
x-usersessionid: 83045cd3-6a1b-46a7-8c3e-423528b27ef7
date: Tue, 21 Sep 2021 00:06:38 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 83045cd3-6a1b-46a7-8c3e-423528b27ef7
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaCommon.png
c1h-excel-15.cdn.office.net/x/s/h2F95CDDC41D79343__layouts/Resources/1031/ Frame 389D 19 KB
19 KB 11ms
7ms Image
image/png 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2F95CDDC41D79343__layouts/Resources/1031/EwaCommon.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

2f95cddc41d79343acd4194569538eb07ae5bdd1ec90469253f41ee5db530b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "cbf0cd179ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068E3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 19229
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_pptcapacity,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 08:31:29 GMT
x-officefd: AM4PEPF000068C0
x-msedge-ref: Ref A: 2E82F2C248CC46468DFDE85CC9BF482F Ref B: AMS04EDGE1105 Ref C: 2021-09-12T18:02:58Z
x-usersessionid: 37b25f19-4a28-4650-9da9-595507e2e139
date: Tue, 21 Sep 2021 00:06:38 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: 37b25f19-4a28-4650-9da9-595507e2e139
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 common.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hFD713610C137ABC8__layouts/App_Scripts/ Frame 389D 2 MB
289 KB 9ms
7ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hFD713610C137ABC8__layouts/App_Scripts/common.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

fd713610c137abc82bbf5f5301cb8c3568c54d661b010b78b193bb8919d8ffa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "40a2b5d798a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068D3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 294802
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 07:53:54 GMT
x-officefd: AM4PEPF0001041B
x-msedge-ref: Ref A: 4137D5D623C84FAFA885BDBEE1B813F5 Ref B: AM3EDGE1006 Ref C: 2021-09-11T07:28:53Z
x-usersessionid: 813f79f5-dda6-47ca-9219-d2787b6b9994
date: Tue, 21 Sep 2021 00:06:38 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 813f79f5-dda6-47ca-9219-d2787b6b9994
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 runtime.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h3E75DBC7DC8464E4__layouts/App_Scripts/ Frame 389D 14 KB
5 KB 20ms
18ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h3E75DBC7DC8464E4__layouts/App_Scripts/runtime.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

3e75dbc7dc8464e4c3d80f69282ee80de12c62c7b0d320d07900a75e3f1b1d9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "3d72199ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068E4
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4478
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 08:31:31 GMT
x-officefd: AM4PEPF000068B2
x-msedge-ref: Ref A: AEBE5B557073443AAB06A76DC0B025B8 Ref B: AM3EDGE1006 Ref C: 2021-09-11T07:28:51Z
x-usersessionid: 83aff974-12ef-4fd5-9dce-5621c0c9fbd9
date: Tue, 21 Sep 2021 00:06:38 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 83aff974-12ef-4fd5-9dce-5621c0c9fbd9
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChrome.min.js Show response
c1h-excel-15.cdn.office.net/x/s/hA7B0B397679C4C48__layouts/App_Scripts/ Frame 389D 172 KB
36 KB 19ms
19ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hA7B0B397679C4C48__layouts/App_Scripts/appChrome.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

a7b0b397679c4c48b0e39459e834c5bc04cb95b52e015cc92a32c6001ae47596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "1952f41c93a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF00006928
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 36283
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Fri, 03 Sep 2021 07:12:53 GMT
x-officefd: AM4PEPF0001041D
x-msedge-ref: Ref A: E2229365960C47CB8C5136A330D406F4 Ref B: AM3EDGE1006 Ref C: 2021-09-11T07:28:52Z
x-usersessionid: 5cc5fc53-079a-4aa9-8d69-e02936e70566
date: Tue, 21 Sep 2021 00:06:38 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 5cc5fc53-079a-4aa9-8d69-e02936e70566
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 shared.aspx Show response
shared.officeapps.live.com/clipboard/ Frame 7B62 2 KB
2 KB 104ms
49ms Document
text/html 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=bf391436-69ee-4877-96d7-da7ba69b65e8&corrid=587ab8ae-5eda-4572-8d51-3670b79bf621&NoAuth=true

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h28D2EA830419C111__layouts/App_Scripts/clipboardPlatform.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3373040c892aede5173d0ff79f656b840a88c3ff98d5ae2d3cb86d002b124f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: shared.officeapps.live.com
:scheme: https
:path: /clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=bf391436-69ee-4877-96d7-da7ba69b65e8&corrid=587ab8ae-5eda-4572-8d51-3670b79bf621&NoAuth=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://excel.officeapps.live.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/

Response headers

cache-control: private
content-length: 1110
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
set-cookie: DcLcid=ui=1031&data=1031; expires=Tue, 21-Dec-2021 01:06:38 GMT; path=/; samesite=none; secure; HttpOnly PNL1-ARRAffinity=d5e05ca02215bd2bbbdd8a17b2cbc08ee75840dbdb227bad2fa97032a3c94d43;Path=/;Domain=shared.officeapps.live.com; samesite=none; secure
x-correlationid: 587ab8ae-5eda-4572-8d51-3670b79bf621
x-usersessionid: bf391436-69ee-4877-96d7-da7ba69b65e8
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-officefe: AM4PEPF000068EE
x-officeversion: 16.0.14501.31875
x-officecluster: PNL1
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
x-officefd: AM4PEPF000068B8
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
x-msedge-ref: Ref A: 297D4621A82B4D1D83A03118D72EF4D3 Ref B: VIEEDGE3308 Ref C: 2021-09-21T00:06:38Z
date: Tue, 21 Sep 2021 00:06:38 GMT

GET
H2 200 GetInstantaneousSupportInformation Show response
excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/ Frame 389D 7 KB
3 KB 164ms
164ms XHR
application/json 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/GetInstantaneousSupportInformation?context=%7B%22WorkbookMetadataParameter%22%3A%7B%22WorkbookMetadataState%22%3A%7B%22MetadataVersion%22%3A0%2C%22ServerEventVersion%22%3A0%7D%7D%2C%22ClientRequestId%22%3A%2279329d31-064e-4a59-ba79-99c21e52128d%22%2C%22MakeInstantaneousChange%22%3Afalse%2C%22SessionId%22%3A%2215.AM4PEPF000069311.A80.1.V25.800507lM0MDa6xO5E%2FgRwwFzv14.5.de-DE5.en-US23.19b47e6386d2ef20-Public1.S1.N16.16.0.14501.3187514.5.de-DE5.en-US1.V1.N0.1.S%22%2C%22TransientEditSessionToken%22%3Anull%2C%22PermissionFlags%22%3A344187%2C%22Configurations%22%3A1648656%2C%22CompleteResponseTimeout%22%3A0%2C%22IsWindowHidden%22%3Afalse%2C%22CollaborationParameter%22%3A%7B%22CollaborationState%22%3A%7B%22CollabStateId%22%3A0%2C%22UserListVersion%22%3A0%7D%7D%2C%22ViewModeStateId%22%3A0%2C%22MachineCluster%22%3A%22PNL1%22%2C%22AjaxOptions%22%3A0%2C%22ReturnSheetProcessedData%22%3Afalse%7D&previousResponseDigest=%22%22&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f9ecc6f5b65610fbb9031e5506ee566d4d7fb74136770bb7e1d0260e52f38f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacNoAuth: 1
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14501.31875
X-Key: Ms5C2bIP3hWc5OZUGn/bNLL6r2jp/7jVkff5BODTV7E=,637677795952682859
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-XL-SessionId: 15.AM4PEPF000069311.A80.1.V25.800507lM0MDa6xO5E/gRwwFzv14.5.de-DE5.en-US23.19b47e6386d2ef20-Public1.S1.N16.16.0.14501.3187514.5.de-DE5.en-US1.V1.N0.1.S
haep: 1
X-AccessToken: 4wDVOE6QgcIWe45jlvzBUnlAEauTmbWDrxwD7UY5MG6kgoxouKsMHYDHyJoJ9lvChv3daVD2uYAZMUryVY8qrBxgnxFw_xO61E9wnoc3c0YZnLCNdDStYqn_O8A7tMOgnqDYWiXalUapXfxA8ymNbXUg
X-UserSessionId: bf391436-69ee-4877-96d7-da7ba69b65e8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8
X-CorrelationId: 03519b92-b918-40ac-9e09-e82f7c48fd5b
Referer: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1633997194579
X-WacCluster: PNL1

Response headers

xlsecsid: AM4PEPF00006931
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006931
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
xlswfecid: 03519b92-b918-40ac-9e09-e82f7c48fd5b
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 2393
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5
x-correlationid: 03519b92-b918-40ac-9e09-e82f7c48fd5b
x-officefd: AM4PEPF0001041B
x-usersessionid: bf391436-69ee-4877-96d7-da7ba69b65e8
date: Tue, 21 Sep 2021 00:06:38 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
xlsecscid: 03519b92-b918-40ac-9e09-e82f7c48fd5b
x-msedge-ref: Ref A: D7BB8C8499E44573AC6F425D1FEDEF9D Ref B: VIEEDGE3308 Ref C: 2021-09-21T00:06:38Z
timing-allow-origin: *

GET
H2 200 GetFunctionList Show response
excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/ Frame 389D 178 KB
26 KB 88ms
88ms XHR
application/json 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/GetFunctionList?context=%7B%22WorkbookMetadataParameter%22%3A%7B%22WorkbookMetadataState%22%3A%7B%22MetadataVersion%22%3A0%2C%22ServerEventVersion%22%3A0%7D%7D%2C%22ClientRequestId%22%3A%228a9fe43d-2559-406c-92e4-951df7c1e2ca%22%2C%22MakeInstantaneousChange%22%3Afalse%2C%22SessionId%22%3A%2215.AM4PEPF000069311.A80.1.V25.800507lM0MDa6xO5E%2FgRwwFzv14.5.de-DE5.en-US23.19b47e6386d2ef20-Public1.S1.N16.16.0.14501.3187514.5.de-DE5.en-US1.V1.N0.1.S%22%2C%22TransientEditSessionToken%22%3Anull%2C%22PermissionFlags%22%3A344187%2C%22Configurations%22%3A1648656%2C%22CompleteResponseTimeout%22%3A0%2C%22IsWindowHidden%22%3Afalse%2C%22CollaborationParameter%22%3A%7B%22CollaborationState%22%3A%7B%22CollabStateId%22%3A0%2C%22UserListVersion%22%3A0%7D%7D%2C%22ViewModeStateId%22%3A0%2C%22MachineCluster%22%3A%22PNL1%22%2C%22AjaxOptions%22%3A0%2C%22ReturnSheetProcessedData%22%3Afalse%7D&functionOptions=%7B%22FilterType%22%3A0%7D&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fd755fdf6f0b8c28a8790a7e8b4fdc8ffba8f73bd6ea05b61e7566c09afa8086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacNoAuth: 1
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14501.31875
X-Key: Ms5C2bIP3hWc5OZUGn/bNLL6r2jp/7jVkff5BODTV7E=,637677795952682859
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-XL-SessionId: 15.AM4PEPF000069311.A80.1.V25.800507lM0MDa6xO5E/gRwwFzv14.5.de-DE5.en-US23.19b47e6386d2ef20-Public1.S1.N16.16.0.14501.3187514.5.de-DE5.en-US1.V1.N0.1.S
haep: 1
X-AccessToken: 4wDVOE6QgcIWe45jlvzBUnlAEauTmbWDrxwD7UY5MG6kgoxouKsMHYDHyJoJ9lvChv3daVD2uYAZMUryVY8qrBxgnxFw_xO61E9wnoc3c0YZnLCNdDStYqn_O8A7tMOgnqDYWiXalUapXfxA8ymNbXUg
X-UserSessionId: bf391436-69ee-4877-96d7-da7ba69b65e8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8
X-CorrelationId: f35c80a2-207b-47de-849f-dafba2dc0ac1
Referer: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1633997194579
X-WacCluster: PNL1

Response headers

xlsecsid: AM4PEPF00006931
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006931
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
xlswfecid: f35c80a2-207b-47de-849f-dafba2dc0ac1
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control,2pfz=afd_wordcapacity_4_control
content-length: 26288
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control,afd_wordcapacity_4_control
x-correlationid: f35c80a2-207b-47de-849f-dafba2dc0ac1
x-officefd: AM4PEPF0001041F
x-usersessionid: bf391436-69ee-4877-96d7-da7ba69b65e8
date: Tue, 21 Sep 2021 00:06:38 GMT
content-type: application/json; charset=utf-8
cache-control: private, max-age=31536000
xlsecscid: f35c80a2-207b-47de-849f-dafba2dc0ac1
x-msedge-ref: Ref A: E6CDA2FADFDD4758A5798827CA0E7ADC Ref B: VIEEDGE3308 Ref C: 2021-09-21T00:06:38Z
timing-allow-origin: *

GET
BLOB 200
OK ef94683b-3e93-4453-aaa2-c436fab1d7ef
https://excel.officeapps.live.com/ Frame 389D 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://excel.officeapps.live.com/ef94683b-3e93-4453-aaa2-c436fab1d7ef
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1794807fd115917bc39549ecf3b5bf5d72d2989275e28bb85dfedfae90621104

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 4679
Content-Type: application/javascript

GET
H/1.1 200
OK wl.ms.js Show response
js.live.net/v5.0/ Frame 389D 42 KB
16 KB 113ms
8ms Script
application/javascript 104.111.237.183

General

Check archive.org

Show headers Download Go to

Full URL: https://js.live.net/v5.0/wl.ms.js
Requested by: Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 104.111.237.183 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 00:06:38 GMT
X-MSNServer: RD0003FF242117
Last-Modified: Fri, 10 Jul 2020 18:30:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0b3b92be856d61:0"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=47031, public
X-ODWebServer: westeurope1-odwebp
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 16199

GET
H2 200 common50.min.js
c1h-excel-15.cdn.office.net/x/s/h6DC9FAA50C5B05EE__layouts/App_Scripts/ Frame 389D 1 MB
216 KB 9ms
8ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h6DC9FAA50C5B05EE__layouts/App_Scripts/common50.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "c057197b8da0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF0000693B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 219905
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_powerpointslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Fri, 03 Sep 2021 06:32:34 GMT
x-officefd: AM4PEPF0001041B
x-msedge-ref: Ref A: F7ED6B8DFD244B849FA6F6E74FD44D8B Ref B: AM3EDGE1006 Ref C: 2021-09-11T07:28:55Z
x-usersessionid: bad8aa22-5afc-4a2e-95b2-1425ff463eee
date: Tue, 21 Sep 2021 00:06:39 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: bad8aa22-5afc-4a2e-95b2-1425ff463eee
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dialogControls.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h74E5E7AD189ED8C1__layouts/App_Scripts/ Frame 389D 21 KB
5 KB 9ms
8ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h74E5E7AD189ED8C1__layouts/App_Scripts/dialogControls.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

74e5e7ad189ed8c14231da0263924c7db19f272098f01ca82f6160d95970735f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "8bfb8cf592a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF00006930
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 4915
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 07:11:47 GMT
x-officefd: AM4PEPF000068B2
x-msedge-ref: Ref A: BE2300391EAC44ED89C609CF7AD62A04 Ref B: AMS04EDGE1206 Ref C: 2021-09-11T06:01:18Z
x-usersessionid: 80b6a949-9a67-4480-ac79-116fd3824d92
date: Tue, 21 Sep 2021 00:06:39 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 80b6a949-9a67-4480-ac79-116fd3824d92
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 appChromeLazy.min.js Show response
c1h-excel-15.cdn.office.net/x/s/h21BBE419FB274F00__layouts/App_Scripts/ Frame 389D 406 KB
93 KB 10ms
9ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h21BBE419FB274F00__layouts/App_Scripts/appChromeLazy.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3E75DBC7DC8464E4__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

21bbe419fb274f00ec3e37cdcd8f11b45f9fc8757d20a9624730793bc1d4bae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "75e5a578da0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF0000693A
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 94424
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Fri, 03 Sep 2021 06:31:34 GMT
x-officefd: AM4PEPF000068AE
x-msedge-ref: Ref A: 1D5FBD9962BC424EAD77E656A09EAC8F Ref B: AM3EDGE0215 Ref C: 2021-09-11T07:28:55Z
x-usersessionid: facfe5ab-571f-4822-b923-747327e4fd31
date: Tue, 21 Sep 2021 00:06:39 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: facfe5ab-571f-4822-b923-747327e4fd31
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK sharedclipboard.min.js
c1-shared-15.cdn.office.net/clipboard/s/161450131875_App_Scripts/ Frame 7B62 66 KB
15 KB 140ms
8ms Script
application/javascript 2.18.232.238

General

Check archive.org

Show headers Download Go to

Full URL

https://c1-shared-15.cdn.office.net/clipboard/s/161450131875_App_Scripts/sharedclipboard.min.js

Requested by

Host: shared.officeapps.live.com
URL: https://shared.officeapps.live.com/clipboard/shared.aspx?CreatorOrigin=https%3A%2F%2Fexcel.officeapps.live.com&usid=bf391436-69ee-4877-96d7-da7ba69b65e8&corrid=587ab8ae-5eda-4572-8d51-3670b79bf621&NoAuth=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.238 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shared.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: br
ETag: "43482eacafa8d71:0"
X-OfficeCluster: PNL1
X-OfficeVersion: 16.0.14501.31875
X-OfficeFE: AM4PEPF00006941
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-MSEdge-Flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
Content-Length: 14298
Cache-Control: public,max-age=31536000
X-MSEdge-Features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
Last-Modified: Mon, 13 Sep 2021 14:57:29 GMT
X-OFFICEFD: AM4PEPF000068AE
X-MSEdge-Ref: Ref A: 0D697F9C5E50408CA04165B116940925 Ref B: AM3EDGE0710 Ref C: 2021-09-15T00:19:13Z
X-UserSessionId: 4d497b0d-d61d-4812-adac-3649f481f482
Date: Tue, 21 Sep 2021 00:06:39 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-CorrelationId: 4d497b0d-d61d-4812-adac-3649f481f482
Accept-Ranges: bytes
Timing-Allow-Origin: *

POST
H2 200 RemoteUls.ashx
excel.officeapps.live.com/x/ Frame 389D 0
657 B 173ms
154ms XHR
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/RemoteUls.ashx?officeserverversion=16.0.14501.31875&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

haep: 1
X-AccessToken: 4wDVOE6QgcIWe45jlvzBUnlAEauTmbWDrxwD7UY5MG6kgoxouKsMHYDHyJoJ9lvChv3daVD2uYAZMUryVY8qrBxgnxFw_xO61E9wnoc3c0YZnLCNdDStYqn_O8A7tMOgnqDYWiXalUapXfxA8ymNbXUg
X-UserSessionId: bf391436-69ee-4877-96d7-da7ba69b65e8
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14501.31875
X-Key: Ms5C2bIP3hWc5OZUGn/bNLL6r2jp/7jVkff5BODTV7E=,637677795952682859
X-bULS-SuppressionETag: 5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-Requested-With: XMLHttpRequest
X-UserType: WOPI
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-xhr: 1
X-AccessTokenTtl: 1633997194579
X-WacCluster: PNL1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-officecluster: PGTUS6
x-officeversion: 16.0.14516.41034
x-officefe: BL6PEPF0000B6FC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
x-buls-suppressionetag: 5DFFECF679A2FC7C00513A0222E7FDFB9E769F7F
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4
content-length: 0
x-cache: CONFIG_NOCACHE
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4
x-correlationid: e8414621-2681-437d-b65f-8808f30806f2
x-officefd: BL6PEPF0000B6FC
x-usersessionid: bf391436-69ee-4877-96d7-da7ba69b65e8
date: Tue, 21 Sep 2021 00:06:39 GMT
x-download-options: noopen
content-type: text/plain
access-control-allow-origin: https://excel.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags
cache-control: private
x-msedge-ref: Ref A: DBFA1D1F01414221AF56CB579F1012A4 Ref B: VIEEDGE3308 Ref C: 2021-09-21T00:06:39Z

GET
H2 200 excel-app-intl-lazy-exp.min.js
c1h-excel-15.cdn.office.net/x/s/h895EC7D88C4C288C__layouts/App_Scripts/1031/ Frame 389D 373 KB
50 KB 35ms
16ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h895EC7D88C4C288C__layouts/App_Scripts/1031/excel-app-intl-lazy-exp.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "df3424319a8d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068D5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 50830
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Sun, 12 Sep 2021 21:00:48 GMT
x-officefd: AM4PEPF0001041E
x-msedge-ref: Ref A: C67966E890D543A9B179E1994925E067 Ref B: AM3EDGE1016 Ref C: 2021-09-17T07:33:35Z
x-usersessionid: 38a3664f-40ed-454e-bcbe-9cf073861250
date: Tue, 21 Sep 2021 00:06:39 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 38a3664f-40ed-454e-bcbe-9cf073861250
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 comment-pane-strings.min.js
c1h-excel-15.cdn.office.net/x/s/h8576FD6A8D5F430C__layouts/App_Scripts/1031/ Frame 389D 11 KB
4 KB 26ms
19ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h8576FD6A8D5F430C__layouts/App_Scripts/1031/comment-pane-strings.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "e1dba45f8da0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006942
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 2873
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Fri, 03 Sep 2021 06:31:48 GMT
x-officefd: AM4PEPF0001041A
x-msedge-ref: Ref A: 7598D8C8A07E4EE5B3C7EAD87B85C416 Ref B: AM3EDGE0716 Ref C: 2021-09-12T16:59:37Z
x-usersessionid: 80904a06-5253-496b-9f2c-404f6d858937
date: Tue, 21 Sep 2021 00:06:39 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 80904a06-5253-496b-9f2c-404f6d858937
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 EwaNov.png
c1h-excel-15.cdn.office.net/x/s/hF987E2D9828EAD77__layouts/Resources/ Frame 389D 10 KB
11 KB 21ms
14ms Image
image/png 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hF987E2D9828EAD77__layouts/Resources/EwaNov.png

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h2BBC1C9E7EB1713C__layouts/App_Scripts/Ewa.tp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://excel.officeapps.live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "a6bc9e299ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068EC
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2pfz=afd_wordcapacity_4_control
content-length: 10090
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 08:31:59 GMT
x-officefd: AM4PEPF0001041C
x-msedge-ref: Ref A: 63F6DC9188714C909C96326A0AAE739D Ref B: AM3EDGE1019 Ref C: 2021-09-11T15:38:31Z
x-usersessionid: bbbd5d5a-5591-4f19-bc62-f9be1811dc55
date: Tue, 21 Sep 2021 00:06:39 GMT
content-type: image/png
access-control-allow-origin: *
x-correlationid: bbbd5d5a-5591-4f19-bc62-f9be1811dc55
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sharedComments.min.js
c1h-excel-15.cdn.office.net/x/s/h23263BAFDF5E1CD3__layouts/App_Scripts/ Frame 389D 412 KB
80 KB 24ms
17ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h23263BAFDF5E1CD3__layouts/App_Scripts/sharedComments.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "ebddf2139ea0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068E3
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 81053
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_control,afd_visioslice_control,afd_pptcapacity_2,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 08:31:23 GMT
x-officefd: AM4PEPF000068A6
x-msedge-ref: Ref A: 1C70162648C64745BFE243AEE3332193 Ref B: AMS04EDGE1407 Ref C: 2021-09-11T08:40:30Z
x-usersessionid: be464402-f145-418e-867f-00fb583f13c2
date: Tue, 21 Sep 2021 00:06:39 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: be464402-f145-418e-867f-00fb583f13c2
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 GetHasUntrustedImageUrls
excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/ Frame 389D 1 KB
1 KB 54ms
53ms XHR
application/json 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excel.officeapps.live.com/x/_vti_bin/EwaInternalWebService.json/GetHasUntrustedImageUrls?context=%7B%22WorkbookMetadataParameter%22%3A%7B%22WorkbookMetadataState%22%3A%7B%22MetadataVersion%22%3A0%2C%22ServerEventVersion%22%3A0%7D%7D%2C%22ClientRequestId%22%3A%22144df0ae-1ce2-4f1f-9d53-e2b820baf6c9%22%2C%22MakeInstantaneousChange%22%3Afalse%2C%22SessionId%22%3A%2215.AM4PEPF000069311.A80.1.V25.800507lM0MDa6xO5E%2FgRwwFzv14.5.de-DE5.en-US23.19b47e6386d2ef20-Public1.S1.N16.16.0.14501.3187514.5.de-DE5.en-US1.V1.N0.1.S%22%2C%22TransientEditSessionToken%22%3Anull%2C%22PermissionFlags%22%3A344187%2C%22Configurations%22%3A1648656%2C%22CompleteResponseTimeout%22%3A0%2C%22IsWindowHidden%22%3Afalse%2C%22CollaborationParameter%22%3A%7B%22CollaborationState%22%3A%7B%22CollabStateId%22%3A0%2C%22UserListVersion%22%3A0%7D%7D%2C%22ViewModeStateId%22%3A0%2C%22MachineCluster%22%3A%22PNL1%22%2C%22AjaxOptions%22%3A0%2C%22ReturnSheetProcessedData%22%3Afalse%7D&waccluster=PNL1

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

X-WacNoAuth: 1
Accept-Language: de-DE,de;q=0.9
X-OfficeVersion: 16.0.14501.31875
X-Key: Ms5C2bIP3hWc5OZUGn/bNLL6r2jp/7jVkff5BODTV7E=,637677795952682859
X-Requested-With: XMLHttpRequest
X-xhr: 1
X-XL-SessionId: 15.AM4PEPF000069311.A80.1.V25.800507lM0MDa6xO5E/gRwwFzv14.5.de-DE5.en-US23.19b47e6386d2ef20-Public1.S1.N16.16.0.14501.3187514.5.de-DE5.en-US1.V1.N0.1.S
haep: 1
X-AccessToken: 4wDVOE6QgcIWe45jlvzBUnlAEauTmbWDrxwD7UY5MG6kgoxouKsMHYDHyJoJ9lvChv3daVD2uYAZMUryVY8qrBxgnxFw_xO61E9wnoc3c0YZnLCNdDStYqn_O8A7tMOgnqDYWiXalUapXfxA8ymNbXUg
X-UserSessionId: bf391436-69ee-4877-96d7-da7ba69b65e8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json; charset=utf-8
X-CorrelationId: 876916a3-2cb0-4aeb-9ff0-d95ed205c051
Referer: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem
X-UserType: WOPI
X-AccessTokenTtl: 1633997194579
X-WacCluster: PNL1

Response headers

xlsecsid: AM4PEPF00006931
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF00006931
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
xlswfecid: 876916a3-2cb0-4aeb-9ff0-d95ed205c051
x-cache: CONFIG_NOCACHE
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 889
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
x-correlationid: 876916a3-2cb0-4aeb-9ff0-d95ed205c051
x-officefd: AM4PEPF000068AD
x-usersessionid: bf391436-69ee-4877-96d7-da7ba69b65e8
date: Tue, 21 Sep 2021 00:06:39 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
xlsecscid: 876916a3-2cb0-4aeb-9ff0-d95ed205c051
x-msedge-ref: Ref A: E5E478F45D0847BE9079139CE10E52EF Ref B: VIEEDGE3308 Ref C: 2021-09-21T00:06:39Z
timing-allow-origin: *

GET
H2 200 timer-black.png
support.grunwald.ru/templates/driverally/slideshow/files/components/ 705 B
883 B 51ms
51ms Image
image/png 188.225.18.85
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.grunwald.ru/templates/driverally/slideshow/files/components/timer-black.png
Requested by: Host: support.grunwald.ru
URL: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.225.18.85 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: vds.grunwald.ru
Software: nginx/1.14.2 /
Resource Hash

Request headers

:path: /templates/driverally/slideshow/files/components/timer-black.png
pragma: no-cache
cookie: e9d1433a0b8b4f8af26d1eeb85a2edc1=uvlqd0pkgk1ifkc2j0f3g6eeos; __utma=71392145.122139996.1632182794.1632182794.1632182794.1; __utmc=71392145; __utmz=71392145.1632182794.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=71392145.1.10.1632182794; _ym_uid=1632182794941163526; _ym_d=1632182794; _ga=GA1.2.122139996.1632182794; _gid=GA1.2.776741264.1632182794; _gat_gtag_UA_76975634_3=1; _ym_isad=2; _ym_visorc=w
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: support.grunwald.ru
referer: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://support.grunwald.ru/templates/driverally/slideshow/files/orbit-1.2.3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 00:06:39 GMT
last-modified: Wed, 26 Aug 2020 09:26:37 GMT
server: nginx/1.14.2
etag: "5f462acd-2c1"
content-type: image/png
cache-control: max-age=8380800
accept-ranges: bytes
content-length: 705
expires: Mon, 27 Dec 2021 00:06:39 GMT

POST
H2 200 RemoteUls.ashx
excel.officeapps.live.com/x/ Frame 7B62 0
0 47ms
47ms Ping
text/plain 13.107.6.171
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://excel.officeapps.live.com/x/RemoteUls.ashx?usid=bf391436-69ee-4877-96d7-da7ba69b65e8
Requested by: Host: c1-shared-15.cdn.office.net
URL: https://c1-shared-15.cdn.office.net/clipboard/s/161450131875_App_Scripts/sharedclipboard.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.6.171 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://shared.officeapps.live.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://shared.officeapps.live.com
access-control-expose-headers: X-EndSession, X-CorrelationId, X-OfficeFE, X-NewKey, X-bULS-SuppressionETag, X-bULS-SuppressedTags

GET
H2 200 floatingContainerManager.min.js
c1h-excel-15.cdn.office.net/x/s/hC999BDAD69575CAB__layouts/App_Scripts/ Frame 389D 39 KB
9 KB 7ms
7ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hC999BDAD69575CAB__layouts/App_Scripts/floatingContainerManager.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "fe4012a498a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068D5
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 8730
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Fri, 03 Sep 2021 07:52:27 GMT
x-officefd: AM4PEPF0001041F
x-msedge-ref: Ref A: 3BD92B1EB7FD4C7481CB4395F5F5EF22 Ref B: AMS04EDGE1407 Ref C: 2021-09-11T08:40:31Z
x-usersessionid: da1c0912-e759-4649-9c59-38ff9bbc2de4
date: Tue, 21 Sep 2021 00:06:39 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: da1c0912-e759-4649-9c59-38ff9bbc2de4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 excel-uiSlice20-sprite-exp.min.js
c1h-excel-15.cdn.office.net/x/s/h2348B3C2E0885D6E__layouts/App_Scripts/1031/ Frame 389D 1 MB
120 KB 8ms
7ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h2348B3C2E0885D6E__layouts/App_Scripts/1031/excel-uiSlice20-sprite-exp.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "2b102ba524a8d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068DF
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4
content-length: 122177
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wordcapacity_2_control,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4
last-modified: Sun, 12 Sep 2021 22:22:17 GMT
x-officefd: AM4PEPF0000F385
x-msedge-ref: Ref A: E4528CC5B3EB4BEFBF144FAEA97A535E Ref B: AM3EDGE0705 Ref C: 2021-09-16T14:57:32Z
x-usersessionid: 2fefd224-5882-4fe4-a5dc-971860ef78b3
date: Tue, 21 Sep 2021 00:06:39 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 2fefd224-5882-4fe4-a5dc-971860ef78b3
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uiSlice20.min.js
c1h-excel-15.cdn.office.net/x/s/hC20E97C20D19C6F0__layouts/App_Scripts/ Frame 389D 707 KB
125 KB 11ms
11ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hC20E97C20D19C6F0__layouts/App_Scripts/uiSlice20.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3E75DBC7DC8464E4__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "f551e42082a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF000068ED
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3
content-length: 126952
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_visioslice,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3
last-modified: Fri, 03 Sep 2021 05:11:18 GMT
x-officefd: AM4PEPF0001041C
x-msedge-ref: Ref A: 1DE5C6533A764657A7415A85777CD822 Ref B: AMS04EDGE1206 Ref C: 2021-09-11T06:01:21Z
x-usersessionid: f760cf09-c74a-4952-93cc-bb576dc823c0
date: Tue, 21 Sep 2021 00:06:39 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: f760cf09-c74a-4952-93cc-bb576dc823c0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ewa.safelinks.js
c1h-excel-15.cdn.office.net/x/s/h1CF57144972C8A0E__layouts/App_Scripts/ Frame 389D 14 KB
4 KB 12ms
12ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/h1CF57144972C8A0E__layouts/App_Scripts/Ewa.safelinks.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h1D8CB55FDCCA003C__layouts/App_Scripts/Ewa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "144a1bd898a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.31875
x-officefe: AM4PEPF000068DD
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3_control
content-length: 3839
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3_control
last-modified: Fri, 03 Sep 2021 07:53:55 GMT
x-officefd: AM4PEPF000068A7
x-msedge-ref: Ref A: 01AB9F27ED73407EAE506CA0FCD4F078 Ref B: AMS04EDGE1211 Ref C: 2021-09-11T11:28:01Z
x-usersessionid: 723025b5-dae5-4047-9c4d-5fbb5bfdd8e4
date: Tue, 21 Sep 2021 00:06:39 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 723025b5-dae5-4047-9c4d-5fbb5bfdd8e4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sharedCommentsLazy.min.js
c1h-excel-15.cdn.office.net/x/s/hD9013364FA7C735E__layouts/App_Scripts/ Frame 389D 477 KB
92 KB 12ms
12ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hD9013364FA7C735E__layouts/App_Scripts/sharedCommentsLazy.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3E75DBC7DC8464E4__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "fc2aed1c93a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF00006928
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5,2oge=afd_wordcapacity_3,2pfz=afd_wordcapacity_4_control
content-length: 93559
cache-control: public,max-age=31536000
x-msedge-features: typeheadertest,afd_waccluster,afd_wacinfra4,afd_wacinfra5,afd_wordcapacity_3,afd_wordcapacity_4_control
last-modified: Fri, 03 Sep 2021 07:12:53 GMT
x-officefd: AM4PEPF000068A5
x-msedge-ref: Ref A: 5DC44AD3292546DE86209581370253D1 Ref B: AMS04EDGE1208 Ref C: 2021-09-11T08:40:32Z
x-usersessionid: c27dffb1-6c83-4484-a406-2604d35eb034
date: Tue, 21 Sep 2021 00:06:39 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: c27dffb1-6c83-4484-a406-2604d35eb034
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uiFabricLazy.min.js
c1h-excel-15.cdn.office.net/x/s/hFD4D2A1CDCE0AFAB__layouts/App_Scripts/ Frame 389D 2 KB
1 KB 13ms
8ms Script
application/javascript 2.18.232.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c1h-excel-15.cdn.office.net/x/s/hFD4D2A1CDCE0AFAB__layouts/App_Scripts/uiFabricLazy.min.js

Requested by

Host: c1h-excel-15.cdn.office.net
URL: https://c1h-excel-15.cdn.office.net/x/s/h3E75DBC7DC8464E4__layouts/App_Scripts/runtime.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "456138f292a0d71:0"
x-officecluster: PNL1
x-officeversion: 16.0.14501.35904
x-officefe: AM4PEPF0000692B
p3p: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
cross-origin-resource-policy: cross-origin
x-msedge-flight: 2i49=afd_wacinfra4,2i4a=afd_wacinfra5
content-length: 764
cache-control: public,max-age=31536000
x-msedge-features: tasmigration015,typeheadertest,afd_waccluster,afd_pptcapacity_control,afd_wacinfra4,afd_wacinfra5
last-modified: Fri, 03 Sep 2021 07:11:42 GMT
x-officefd: AM4PEPF0001041C
x-msedge-ref: Ref A: 2EF4F2F330C24CCEA43F9D906E072D14 Ref B: AM3EDGE1006 Ref C: 2021-09-11T07:28:58Z
x-usersessionid: 9d90154a-25cf-4e8f-bbfd-eeb802acd8bf
date: Tue, 21 Sep 2021 00:06:40 GMT
content-type: application/javascript
access-control-allow-origin: *
x-correlationid: 9d90154a-25cf-4e8f-bbfd-eeb802acd8bf
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/ Frame 389D 35 KB
36 KB 106ms
8ms Font
application/font-woff2 104.111.225.185

General

Check archive.org

Show headers Download Go to

Full URL: https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.225.185 -, , ASN (),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://excel.officeapps.live.com/
Origin: https://excel.officeapps.live.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 21 Sep 2021 00:06:40 GMT
last-modified: Thu, 02 Nov 2017 17:22:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: hl8dtlRfyUovRETdYOe7xg==
etag: 0x8D522163B704E10
content-type: application/font-woff2
access-control-allow-origin: *
x-ms-request-id: acf6ab5b-401e-0096-046c-528ffc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=21174349
x-ms-version: 2009-09-19
content-length: 36344

POST /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 389D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Oswald

Domain: browser.events.data.microsoft.com
URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-2.4.6&apikey=79b56d2f6f2444f1a3d7f7c7f12bcc0c-f47f5fe6-ed89-42f6-8a43-cea0f5930b17-7407,fad3bd1d8e4b4c06894bd7bac80e4f02-67df67b4-f1fd-4ecd-9d55-4d41540b1757-7724,c274b3e05ac5448dae8fbb7466da6acb-fd6dc8de-18b7-409c-a696-4bd66f7a5322-7902&upload-time=1632182800103&time-delta-to-apply-millis=use-collector-delta&w=2

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
excel.officeapps.live.com/x/_layouts	1970-01-20 06:08:38	Name: PageLoadSkeletonState Value: %7B%22IsEnabled%22%3Atrue%2C%22Options%22%3A1088%7D
.officeapps.live.com/x	1970-01-20 06:08:38	Name: timeZoneId Value: Etc%2FUnknown
support.grunwald.ru/	1969-12-31 23:59:59	Name: e9d1433a0b8b4f8af26d1eeb85a2edc1 Value: uvlqd0pkgk1ifkc2j0f3g6eeos
.support.grunwald.ru/	1970-01-20 14:54:14	Name: __utma Value: 71392145.122139996.1632182794.1632182794.1632182794.1
.support.grunwald.ru/	1969-12-31 23:59:59	Name: __utmc Value: 71392145
.support.grunwald.ru/	1970-01-20 01:45:50	Name: __utmz Value: 71392145.1632182794.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.support.grunwald.ru/	1970-01-19 21:23:03	Name: __utmt Value: 1
.support.grunwald.ru/	1970-01-19 21:23:04	Name: __utmb Value: 71392145.1.10.1632182794
.grunwald.ru/	1970-01-20 06:08:38	Name: _ym_uid Value: 1632182794941163526
.grunwald.ru/	1970-01-20 06:08:38	Name: _ym_d Value: 1632182794
.grunwald.ru/	1970-01-20 14:54:14	Name: _ga Value: GA1.2.122139996.1632182794
.grunwald.ru/	1970-01-19 21:24:29	Name: _gid Value: GA1.2.776741264.1632182794
.grunwald.ru/	1970-01-19 21:23:02	Name: _gat_gtag_UA_76975634_3 Value: 1
.mc.yandex.com/	1970-01-19 21:23:03	Name: sync_cookie_csrf Value: 1966556610fake
.grunwald.ru/	1970-01-19 21:24:14	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-19 21:23:03	Name: sync_cookie_csrf Value: 3787225578fake
.yandex.com/	1970-01-20 06:08:38	Name: yandexuid Value: 6130906711632182794
.yandex.com/	1970-01-20 06:08:38	Name: yuidss Value: 6130906711632182794
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2032705541632182794
.yandex.com/	1970-01-23 12:59:02	Name: i Value: zgGhO3bgIT1z/uAvLIRxAw5Vvf0mNs3bG7UsY8zsQDLPyS2STmnbJrv4MSEOgOEhEIBvRsKlQ9g2VjXE+at2l4Q+X44=
.yandex.com/	1970-01-20 06:08:38	Name: ymex Value: 1663718794.yrts.1632182794#1663718794.yrtsi.1632182794
.grunwald.ru/	1970-01-19 21:23:04	Name: _ym_visorc Value: w
excel.officeapps.live.com/	1970-01-19 23:34:08	Name: DcLcid Value: ui=1031&data=1033
.excel.officeapps.live.com/	1969-12-31 23:59:59	Name: PNL1-Excel-ARRAffinity Value: 9b1e5735bc14d1771e17474835bff827cf2205a06420111e3d5d5831b9cc982a

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://support.grunwald.ru/templates/driverally/modules/jload.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://support.grunwald.ru/(Line 45) Message: Mixed Content: The page at 'https://support.grunwald.ru/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Oswald'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://support.grunwald.ru/templates/driverally/modules/jload.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://support.grunwald.ru/templates/driverally/slideshow/4.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9402.pEeqZGcQ2AoZ4lwHv2iM3RR0Dk9ibaLD3KlLKtJKqFOMhcXGqkhO4zdzKawHFOo2RUMh-EYPgrQZ9Cke8a4ajw%2C%2C.RhAckFry-o5aB09xPTAbrervclc%2C Message: Failed to load resource: the server responded with a status of 400 ()
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-EndSession"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-OfficeFE"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-WacFrontEnd"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-RemoveWacFrontEnd"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-IsCacheable"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-CorrelationId"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-NewKey"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "OdsiHttpModule"
javascript	error	URL: https://c1h-excel-15.cdn.office.net/x/s/h3F0015967CFDC00B__layouts/App_Scripts/Aacorlib.min.js Message: Refused to get unsafe header "X-CorrelationId"
javascript	warning	URL: https://excel.officeapps.live.com/x/_layouts/xlembed.aspx?ui=de-DE&rs=en-US&hid=JNl98pNqqUqEfhQwsL67HA.0&WOPISrc=https%3A%2F%2Fwopi.onedrive.com%2Fwopi%2Ffiles%2F19B47E6386D2EF20%211094&wdAllowInteractivity=False&AllowTyping=True&ActiveCell=%27VIN%27%21A2&Item=%27VIN%27%21A1%3AG10&wdHideGridlines=True&wdInConfigurator=True&sc=host%3D%26qt%3DFolders%26pt%3Dem Message: The resource https://c1h-excel-15.cdn.office.net/x/s/h426CD95DF4577DD8__layouts/App_Scripts/richTextEditor.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.events.data.microsoft.com
c1-shared-15.cdn.office.net
c1h-excel-15.cdn.office.net
excel.officeapps.live.com
fonts.googleapis.com
fs.microsoft.com
js.live.net
mc.yandex.com
mc.yandex.ru
mrodevicemgr.officeapps.live.com
onedrive.live.com
shared.officeapps.live.com
spoprod-a.akamaihd.net
ssl.google-analytics.com
static2.sharepointonline.com
support.grunwald.ru
www.google-analytics.com
www.googletagmanager.com
www.support.grunwald.ru
browser.events.data.microsoft.com
fonts.googleapis.com
104.111.225.185
104.111.237.183
13.107.42.13
13.107.6.171
142.250.184.238
172.217.23.104
188.225.18.85
2.16.186.25
2.18.232.120
2.18.232.191
2.18.232.238
216.58.212.136
52.109.76.40
93.158.134.119
00486cc6c680bb888862c79194097bb7162d1fcd548edc43218af0cb5af941b4
01ef1b08588ab806358bd49de2094fd8b9e1b0b24dd2f04adaed703b56fda4d9
05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba
0f7dcfff4f0debdf3f67e3619a58bfc2684e0a301121380f43c0065406e852e3
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1394b1c43663fa167060186091800d4cae0696af7b64c14f2848b44124074c7e
145da2f97a4e3efe0e2c44d956760d91f34bf967d01872bb06292d086a30e7c2
1522f5c0f14d035c42540d84ad4d00d92b72240e91784c15c59e12921a1f0d79
1649ecf36f462942fd217553d73feedd25ab8824af7b2219ad4d947a2913778f
1794807fd115917bc39549ecf3b5bf5d72d2989275e28bb85dfedfae90621104
1d8cb55fdcca003c04dd491dfc92a6314672281ccd0568c0826060a0390f7905
1d9579b38a442f25fea006d3ef8c712ce0e024d7800013a7368c37d47943de09
20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc
21bbe419fb274f00ec3e37cdcd8f11b45f9fc8757d20a9624730793bc1d4bae4
23a5f4741cf666e540ff561dd971038bb48c2853d039c47990062f9d6f2259d2
28d2ea830419c1113b472abdb05ea9379d3e46893cb8335055e2afb3e1f6b725
2bbc1c9e7eb1713cfd939dfdf4148c02c7aa093088452ca0bd25ff2c76c17a60
2db897ac8eca59e7bdd59769bc3d66e344e874be7c331e9554931f6aa09d597e
2f95cddc41d79343acd4194569538eb07ae5bdd1ec90469253f41ee5db530b67
2fd29732fe09cf1b9ece18cce04e47509bf66ebbb9e9b2e9ef27a97b5e682f76
3373040c892aede5173d0ff79f656b840a88c3ff98d5ae2d3cb86d002b124f1c
36da7c3931e03ae21506b0e7a9a26573e414d4ca7bb659c7c6c8a421a79efb6c
3750f5d563d062ed8c4e2a0516da3374b8fbcdedee0608e107efd97ded80bcae
37d1ac1ee62c8e139b955a2f55325d173b7507001d00050454abc0ecbdf67077
3a836610fb63660d033694ca940795a15a1c245429b1ed59cdb8e38fb40113a5
3d8504ac195b0d06441b5063b842cec45e895ef594773a187783cf4290d55658
3e75dbc7dc8464e4c3d80f69282ee80de12c62c7b0d320d07900a75e3f1b1d9c
3f0015967cfdc00b10ed549580bcfcd6e1ab5aaf057df55855e891ea237fd255
426cd95df4577dd867ece754474b1de96ce020b734f27ce35c47cac7165d0b7d
43760bb114c3f99b6e82f37a12b9d89c4903b53bde6b1c04e158bb6e7c2b8603
46689198526f176cb3bb2881be2e8f1273be7293fea0625f2c3bfa2058c9b422
47d2b72e7abffa3440f4cb7dd32119b0a7e2c19d31c068fcddf23e30ccc3a2f1
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4d54a5f9a58647882e3ecda9c1c0ef87af16911d42ad51b4e8b718f84443c553
52d49bc1c4f2e0defe116c0a2d0c35883b7f2f919f3e72afdbbb5b8d3193d980
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56b45911e051c1646d4d3142025c2bde7ce98db38259c207959ac2413db542b5
58d91cc5353cb12183005a33800fd096c2d59338c8a0962317189547029c8359
5b40665a9c6eda7ee5b01320fae0bc3bda499e8df67c518193f944683dc70c79
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
5c15c38a2b7554cab332dfb9e87398220fcb9a285e18905a20a50b439cba7ccb
5d640ea5000f6b536946952f2c6336b4bf01d8704ea337f5f3c81d4f4aaf527c
62e7c9968d382fa4b9dadad3c9e3647d9515ea09329a72f66708d0ff239a48e2
647c9c68e9bf25514196b610062d407928a9c57a63813b7ac93c7d892c98921f
66b453a1fea4fb3c6f1b13f60325aa57e16a5a2efeda67d25ee049fd87883873
66c6b19e56a3a283448cfa65e8c47dbc8ac0a83050bb9029f82ed18c4409e1b2
675ef8c6058f95362d85e617ed010feb16858eb80faf6c9f7fb595d9f9a10ed7
6918d6d791d6c1d9daa7aee4e27ac93d0c33db07aa07fe06ab31ae2c065c2400
6aeced2043d9a095ca4580efeef8af09e7942353fbadfa3191f5c4dbf53120b4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e5166f7fb9c25605d1f0739ca9e239f9165f78c473c6c60727f780ab1dd453d
73993229808b7d2113c10a235adc50b966b2dbc3c97dd2f0fd57ca1bef809ba4
74e5e7ad189ed8c14231da0263924c7db19f272098f01ca82f6160d95970735f
7569981ecda6509f584115c42a822700dcd3f700db0dff68447b1500bae8f402
7d6005938058587c5cf0c20e3362eb34d8e74822fdc521e114adab287cfa98f0
7f1e515f5b5de6cf9e095e97e7f91bde29716cb4bb496d69f53a228e651751ac
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8b7e6e9bc542f9d526d4363ce316df91e1eb78e777a104241125dd1cea127a77
8c8b3c65c98d4826cb0965190543579aa451f4ee1e099a23c4e51f05fe5e4d43
986dec93dfc0e86b96e2744e9205242f5de711af9de9695b1a8b804aa7507625
9944b1fc99c14f0afe75e6911eedea63cfa4b9e361e4ef85cd1e16ad08dd8d00
9db43e4a687084df93038c3d02cc4c149dff1210727059b82a7aac112a486eda
9ed66e74a05cf54e421306ac1c05ea1b915c37088dfa0b8cfc6e4e8a400f2c30
a40d6bd1a35a0120958f37a470fcff4088c7c3276a2b3fb2d2936c8bbe4c17e3
a7b0b397679c4c48b0e39459e834c5bc04cb95b52e015cc92a32c6001ae47596
b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18
b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2
b2d37ecc3ec60d4253dffbf672275fa7b75abf99f814864d35fd61830a69306f
b48e382065d532f01ba73a01418d138eefe8a3ce4ebfffec9a37142b40b9f458
b6d280f2940f76e888cec97c0ba6071751c043612910fe93e1a3b19e34c930ce
b78a3d922099ceb15cf0682457ba90b960322482b42d167dab98b0a066671062
b7ab99f404e84cb71d274c9dca01c0b4a68b7adb20309c5f04387cb809cc0547
bb7222cfcf4a5744967c74263a7ae6eb54c4035999ced3fa4551d49f9d717409
bd88d1e741693ab877b020059b46be7cf4ef62b46017b2489a8cd1bf9ce5b9fc
c0153afba2ee2258329d951763cc14531c98cdecfc22d55be2597cfad0cc6e54
c1ecbf0ca8021604154fdc23f84332a7832d401d133adafe5f656cdd60d9b699
c3642dd2460cdc44889718cbea99907186a5b56fb0624972cfeff639dd77dbfb
c5f5ad6cdef87c780ecfd3794c0d5acd000dbd4815ab80b2f72f3265bdc4e9fa
c6ea91234604edce04f8efab9617320d340ec8834efcafc74d2cae74ce5102aa
c7af168fbc0724193588c71424cff5083e61c94616cbcb825e9cb9ac5743cfe3
cce35310cf823ef643101f39cf524646e2173be0da703e8ea1c4ccdcff1c8fa1
ce17dc2640366f576bae917f0273df37e1ab66074f6dbc1caa587089e38516b2
d4c9bd86a5465d8414b7a10438d28110836126b387990d492fe545a5e701904a
d50b9852ce176350c41f3a8b9bc01132659f8b18b9ccec1cdea6e98d28176daf
d6c15974b6181a68e9b74e4f38fbac81d640569ef0fbbaa3381cc59683a9763f
dabec47e513002d5683b223cb53c49012cf9efe5d11a3e257f69841af134ff5a
def6f7343b3fa79427426a51dbf484dc713fb9cc6d2813316303c73f05f29b3a
df527c66599dd5d18d9e10452e5f25639ed8a865d41567ec4e3cd86756038186
dfc299d01fcf919cecf9a6595437751327d29e5523e51058affd20e5bec8b891
e12e254db4137e7499b0d434cee3e96ec398c953581a3930d7d6bb927fc43eac
e2820061acdbde09cbfbd98b6a84a4fde4e17b96ef6962d822dd43a4f4084ea2
e295962fc14484bba2b922665176096ce99fadced1abb18a9f53d78338017a5c
e332e97ad7ff9ecb8f7af90b76e8cebea41cc39f198f3a51ff9f24e30ee6c3c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6badc2a49867d2223c9a45d6cbcdfd79f9d8f3b2e8520e517eea76a8b8c44aa
eb6ce0925319afff5bf85c55d4dee6f1239e851b4264ffa14e951aee2bbeab26
ec934a05f4e8931d018e2779ccdf397960a3ddd95ffd771abaa538ba12933ea7
ee43222bc3a3d6c1cab5dc4115bd2a3c2b348f4b4e448283e0eaca84de6763d6
f4c26d44b5f27a564b1980e1a8d51857f2fa4e274aa67f641b8d4e5b91c2ef4b
f81bfb51a17b2f99da960378bf877ad620cf5b36556dad069896fd19e30c5baf
f9386fa35fc60f08c38d340a811492596679978277a65ece123505e27ffd23ba
f987e2d9828ead776cb236e3efa082920c6605fd4bc3676bc93447ef677657c2
f9ecc6f5b65610fbb9031e5506ee566d4d7fb74136770bb7e1d0260e52f38f12
fd01339351e5e649fb01b61f12400759c192039c702b53195dfafb6c161f5f9f
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd713610c137abc82bbf5f5301cb8c3568c54d661b010b78b193bb8919d8ffa0
fd755fdf6f0b8c28a8790a7e8b4fdc8ffba8f73bd6ea05b61e7566c09afa8086

support.grunwald.ru Open in urlscan Pro 188.225.18.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

97 %HTTPS

0 %IPv6

12 Domains

19 Subdomains

15 IPs

3 Countries

6957 kBTransfer

23177 kBSize

24 Cookies

3 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

support.grunwald.ru Open in urlscan Pro
188.225.18.85 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

97 %
HTTPS

0 %
IPv6

12
Domains

19
Subdomains

15
IPs

3
Countries

6957 kB
Transfer

23177 kB
Size

24
Cookies

132 HTTP transactions
1 data transactions