online.officerecovery.com Open in urlscan Pro
2606:4700::6811:9eb5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://online.officerecovery.com/fr/
Submission: On March 01 via api (March 1st 2023, 12:49:37 pm UTC) from CZ — Scanned from DE

Summary HTTP 69 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 13 domains to perform 69 HTTP transactions. The main IP is 2606:4700::6811:9eb5, located in United States and belongs to CLOUDFLARENET, US. The main domain is online.officerecovery.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 12th 2022. Valid for: a year.

This is the only time online.officerecovery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700::68... 2606:4700::6811:9eb5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:4e:1... 2620:1ec:4e:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
2	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:804::200d	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
69	21

16 2606:4700::6811:9eb5 (United States)

ASN13335 (CLOUDFLARENET, US)

online.officerecovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.70.113 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

securedata.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:804::200d (Ireland)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2006 (Ireland)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	officerecovery.com online.officerecovery.com	109 KB
10	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 1803 ekr.zdassets.com — Cisco Umbrella Rank: 2092	439 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	839 KB
8	google.com apis.google.com — Cisco Umbrella Rank: 111 accounts.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 2	151 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 778 syndication.twitter.com — Cisco Umbrella Rank: 1135	149 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com ssl.gstatic.com	53 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 239	30 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 262	1 KB
3	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 352	17 KB
3	zendesk.com 1 redirects assets.zendesk.com — Cisco Umbrella Rank: 7582 securedata.zendesk.com	2 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 228	1 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 109	30 KB
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 3065	160 KB
69	13

	Domain	Requested by
16	online.officerecovery.com	online.officerecovery.com
9	www.youtube.com	online.officerecovery.com www.youtube.com
9	static.zdassets.com	online.officerecovery.com assets.zendesk.com static.zdassets.com
5	apis.google.com	online.officerecovery.com apis.google.com accounts.google.com
4	jnn-pa.googleapis.com	www.youtube.com
4	platform.twitter.com	online.officerecovery.com platform.twitter.com
3	ssl.google-analytics.com	online.officerecovery.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	accounts.google.com	apis.google.com online.officerecovery.com
2	securedata.zendesk.com	static.zdassets.com
2	syndication.twitter.com	platform.twitter.com online.officerecovery.com
2	fonts.gstatic.com	www.youtube.com
1	ssl.gstatic.com	accounts.google.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	ekr.zdassets.com	assets.zendesk.com
1	assets.zendesk.com	1 redirects
1	platform.linkedin.com	online.officerecovery.com
69	21

This site contains links to these domains. Also see Links.

Domain
www.officerecovery.com

Subject Issuer	Validity	Valid
*.officerecovery.com Go Daddy Secure Certificate Authority - G2	`2022-11-12` - `2023-12-14`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2023-02-27` - `2023-08-27`	6 months	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
securedata.zendesk.com Cloudflare Inc ECC CA-3	`2022-05-05` - `2023-05-05`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://online.officerecovery.com/fr/
Frame ID: 918FF7AB9AE4FB8F98EBE222ABB9CD76
Requests: 26 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: 9601B88DF44D95F5C82A523380D74E10
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
Frame ID: 951BC4626F911741056FA970809E90BE
Requests: 21 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fonline.officerecovery.com
Frame ID: 33F0EBA67DD37D70AB56EFD56BB3C619
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-c51f107a0ca3e84336b0.js
Frame ID: 79DE0D7A38F16D596F56011658179680
Requests: 10 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&annotation=none&origin=https%3A%2F%2Fonline.officerecovery.com&url=https%3A%2F%2Fonline.officerecovery.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__
Frame ID: 558B73A9B51DBEBEFBE2473CFBF5A320
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fonline.officerecovery.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__
Frame ID: 2BF6534E02C9D931E0BBDA967BF41988
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: B4236A3C80B347F9C0D9372B0DD5ACCB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Réparer un fichier endommagé (word, excel, access, powerpoint, photo). Gratuits et payants en ligne de réparation de fichiers - OfficeRecovery.com

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

69
Requests

96 %
HTTPS

80 %
IPv6

13
Domains

21
Subdomains

21
IPs

4
Countries

1982 kB
Transfer

6737 kB
Size

19
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: http://www.officerecovery.com/fr/office/
Title: OfficeRecovery 2012 Suites

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/fr/
Title: OfficeRecovery site principal

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/fr/exchange/
Title: Exchange Server

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/fr/recovery-for-exchange-ost/
Title: Exchange OST

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/fr/outlookundelete/
Title: Undelete for Outlook

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/fr/registry/
Title: Windows Registry

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/fr/activedirectory/
Title: Active Directory

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/fr/sharepoint/
Title: SharePoint

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/fr/mediaheal_for_flash/
Title: Flash Drive

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/fr/mediaheal_for_hard_drives/
Title: Hard Drive

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/fr/mediaheal_for_cd_and_dvd/
Title: CD and DVD

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/fr/photorecovery/
Title: Photo File

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/fr/mediaheal_for_diskettes/
Title: Diskette

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/fr/mediaheal_for_removable_disks/
Title: Removable Disk

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 37

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

69 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
online.officerecovery.com/fr/ 35 KB
9 KB 1755ms
1315ms Document
text/html 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/fr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.29 ASP.NET
Resource Hash: 1b7380d3a005c31de4fbb30ab0a35150461371253e551a78656ab863e0b344fd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7a118527891e9b31-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 01 Mar 2023 12:49:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.3.29 ASP.NET

GET
H2 200 jquery-1.4.4.min.js Show response
online.officerecovery.com/oronline/Scripts/ 77 KB
27 KB 411ms
409ms Script
application/x-javascript 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Scripts/jquery-1.4.4.min.js
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cd48dbf725908c4b2152a70da7610d7ff56c5f4c3aedecdacfa01cd71499d9fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: W/"f6e39dae511d71:0"
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: application/x-javascript
cache-control: no-cache
cf-ray: 7a11852fce069b31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-ui.min.js Show response
online.officerecovery.com/oronline/Scripts/ 194 KB
50 KB 425ms
423ms Script
application/x-javascript 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Scripts/jquery-ui.min.js
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c98517e69c8e625e76d3f7e9d8cb64dd11ebbb0e4bfef31fd0f1bbdad0e3a942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: W/"5f439fae511d71:0"
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: application/x-javascript
cache-control: no-cache
cf-ray: 7a11852fce079b31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.hint.js Show response
online.officerecovery.com/oronline/Scripts/ 1 KB
648 B 440ms
438ms Script
application/x-javascript 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Scripts/jquery.hint.js
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 327d29643789f218395ff095d67b961952db48dc01dde148a556c810c1d49b35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: W/"f0909fae511d71:0"
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: application/x-javascript
cache-control: no-cache
cf-ray: 7a11852fce089b31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 orutils.min.js Show response
online.officerecovery.com/oronline/Scripts/ 26 KB
5 KB 439ms
437ms Script
application/x-javascript 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Scripts/orutils.min.js
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a1eea811108ad228907c95c23624658c51bf3aee91647864117dd390fa44bd40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: W/"8817a1ae511d71:0"
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: application/x-javascript
cache-control: no-cache
cf-ray: 7a11852fce099b31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 tabber.min.js Show response
online.officerecovery.com/oronline/Scripts/ 5 KB
2 KB 418ms
416ms Script
application/x-javascript 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Scripts/tabber.min.js
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a72c24fd1b83ea4764c4d99c5c0df3d74eaec988d0ce4620b4dba760ec968ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: W/"ad65a1ae511d71:0"
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: application/x-javascript
cache-control: no-cache
cf-ray: 7a11852fce0b9b31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 langswitcher.css
online.officerecovery.com/oronline/Content/ 2 KB
834 B 406ms
404ms Stylesheet
text/css 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Content/langswitcher.css
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a064c2db2689dbec285086e980f72e04aede8bbf85a6b9e8006415277d920c4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: "80073ae511d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
accept-ranges: bytes
cf-ray: 7a11852fce059b31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 651

GET
H2 200 langswitcher.min.js Show response
online.officerecovery.com/oronline/Scripts/ 3 KB
1 KB 420ms
418ms Script
application/x-javascript 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Scripts/langswitcher.min.js
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5f84816efbaa93e36648dca51e5c42736b6f109bb9c96b43e19a077acc06aa41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: W/"73c9a0ae511d71:0"
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: application/x-javascript
cache-control: no-cache
cf-ray: 7a11852fde0c9b31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 navi_or.gif
online.officerecovery.com/images/ 1 KB
2 KB 420ms
419ms Image
image/gif 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online.officerecovery.com/images/navi_or.gif
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d59dc78f8955429cc22c38090561b3570f4424debc90fc8650880256561b7efc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:30 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 24 Jan 2017 11:46:21 GMT
server: cloudflare
etag: "a0bc647b3776d21:0"
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
cf-ray: 7a118535ed919042-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1497

GET
H3 200 navi_officerecovery.gif
online.officerecovery.com/images/ 1 KB
2 KB 417ms
417ms Image
image/gif 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online.officerecovery.com/images/navi_officerecovery.gif
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 53e7c88853c2bd59d8a04e209c4085515c4fdab68a71000c41904a2f2c382720

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:30 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 24 Jan 2017 11:46:21 GMT
server: cloudflare
etag: "e0b2567b3776d21:0"
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
cf-ray: 7a118535ed929042-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1493

GET
H3 200 orcss.css
online.officerecovery.com/oronline/Content/ 1 KB
676 B 411ms
410ms Stylesheet
text/css 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Content/orcss.css
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 56721ee2f48e9fcff20ff7b945d8a29669a40873f3271e034c105d2c707c80d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: W/"42d193ae511d71:0"
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/css
cache-control: no-cache
cf-ray: 7a1185344b239042-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ortab.css
online.officerecovery.com/oronline/Content/ 2 KB
971 B 415ms
414ms Stylesheet
text/css 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Content/ortab.css
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc6ab2698fdfcebeeee0493803c3bc1d31e2be10d6f6afd73d48faf0fa33a449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: W/"36f893ae511d71:0"
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/css
cache-control: no-cache
cf-ray: 7a118535dd7f9042-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-ui.css
online.officerecovery.com/oronline/Content/themes/base/ 34 KB
6 KB 410ms
409ms Stylesheet
text/css 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Content/themes/base/jquery-ui.css
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8f7c8adcfbdd8352c8f60d012c71a25c76326374c3f726b511e8ef12c02dc991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: W/"1a1b96ae511d71:0"
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/css
cache-control: no-cache
cf-ray: 7a118535ed8e9042-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 in.js Show response
platform.linkedin.com/ 509 KB
160 KB 222ms
44ms Script
text/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Play /
Resource Hash: 8bb3490881871a000008d6a4cb3c4d56f3870440e1dae9c50f7579f131034ede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:29 GMT
content-encoding: gzip
x-cdn-client-ip-version: IPV6
x-azure-ref-originshield: 03z3/YwAAAAB0fz7udn/6ToKJoPuG4gqwRlJBMjMxMDUwNDE3MDIxADIyMjZhM2ViLTAxZTAtNDdiZi1hY2EyLTJiMDU4ZGZlYWQ3NQ==
x-cdn: AZUR
x-cache: TCP_HIT
x-cdn-proto: HTTP2
content-length: 163383
x-li-uuid: AAX11WrvaFOElQdZCdUkRA==
server: Play
x-li-pop: prod-ltx1-x
vary: Accept-Encoding
x-azure-ref: 02kn/YwAAAACGiJRuRj3gRIgMZhN8X/5XRlJBMzFFREdFMDMxMAAyMjI2YTNlYi0wMWUwLTQ3YmYtYWNhMi0yYjA1OGRmZWFkNzU=
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-ltx1
cache-control: public, max-age=3600
x-li-proto: http/1.1
expires: Wed, 1 Mar 2023 12:57:34 GMT

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/ Frame 9601
Redirect Chain

https://assets.zendesk.com/embeddable_framework/main.js
https://static.zdassets.com/ekr/asset_composer.js

23 KB
7 KB

150ms
52ms

Script
application/javascript

104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Requested by

Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/

Protocol

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:30 GMT
x-amz-version-id: 57KHzv0Z81imwMa0XxScJAmcLiHhq1Ku
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: KXD0Q38HQ9B8HZ6T
age: 2
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: uDy3kEFdQIOdTXYEc+nfT1ZtqpFsXAQ18Hu9c/1P/vGgVXtZg/maWal5FIy4oGV3KFetNXD1GM/ffZY7NXY5uw==
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
server: cloudflare
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqYInCjzXeWp5R4TbaojxSCZpMC5OqecpoXYjxZ%2F8BzWJlBpgnGpIOVPXVxRr09U8tO5G2xyETTahr0FooEopIaARwR0NRC4J6chjA%2Fia6Vt7GopqHSzpb6tEhhjiLTbGL5sEVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 7a1185379e6d372e-FRA

Redirect headers

date: Wed, 01 Mar 2023 12:49:30 GMT
strict-transport-security: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eu3g4OtWPEK4Hz%2Fu2fcQycYBFpt2O1cxGtWD91dM%2FawmsnAqs6cHCG6vOA%2BVAK4vCjnMhV3fvqnzNJq1qVHDdD7ySEXGS8Lqn%2BFEQeFySLB79J%2Fpmi2QfV7hDDCcxJhKc9WMw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.zdassets.com/ekr/asset_composer.js
cache-control: max-age=3600
cf-ray: 7a118536ba0e5c38-FRA
expires: Wed, 01 Mar 2023 13:49:30 GMT

GET
H2 200 securedata.zendesk.com Show response
ekr.zdassets.com/compose/web_widget/ Frame 9601 330 B
1 KB 336ms
234ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/web_widget/securedata.zendesk.com

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6911288c3bd88e87d476d4fa49f6bf02fa2909eeaa52d1398aeeb8e1cf965b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:31 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 79de52d55fe76919-SEA, 79de52d55fe76919-SEA
x-runtime: 0.003064
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"6911288c3bd88e87d476d4fa49f6bf02"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diUoHtcW3UsIGN4De2hUGqyTpf6%2B0oe28j4Lq0rPgaqguB5RfO3BXrxwD9ECu1hjlyy%2B5KhPiefvJRYtadNriHMkzl5aRxb5B%2B3UBatILFU50Fdm7TIj5NVsecBqjovUte0%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
cf-ray: 7a1185389ff85c7a-FRA

GET
H3 200 GetTabsData Show response
online.officerecovery.com/oronline/Or/ 456 B
508 B 482ms
480ms XHR
text/html 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Or/GetTabsData?pr=/fr/&_=1677674970938
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/oronline/Scripts/jquery-1.4.4.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 94c2a060bb1a4bc5e2fa9ee3a2e2409e638b669655a5e129d055bdf5800c6ca2

Request headers

Accept: */*
Referer: https://online.officerecovery.com/fr/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:31 GMT
content-encoding: gzip
x-aspnetmvc-version: 3.0
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private
cf-ray: 7a11853879579042-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
online.officerecovery.com/oronline/ 5 KB
2 KB 540ms
540ms XHR
text/html 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/?pr=/fr/&_=1677674971111
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/oronline/Scripts/jquery-1.4.4.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 490e4ba3faec95837d3e87099d28a784356aebee7e974480729d3c8c2473d077

Request headers

Accept: */*
Referer: https://online.officerecovery.com/fr/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:31 GMT
content-encoding: gzip
x-aspnetmvc-version: 3.0
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private
cf-ray: 7a1185398acd9042-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 160ms
40ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 01 Mar 2023 12:49:31 GMT
Content-Encoding: gzip
Age: 965
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
x-amzn-internal-status: 304
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/67D3)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 242ms
117ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c41179dbf1f74b08e7fc7a53b07b77e545cb077450debb17635c39ceebca411

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Mar 2023 12:49:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21025
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "c47fe3be899f7376"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Mar 2023 12:49:31 GMT

GET
H2 200 mWdz4JV_RsA Show response
www.youtube.com/embed/ Frame 951B 68 KB
29 KB 193ms
104ms Document
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0

Requested by

Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f7621691aa690a3e37a2a1525afd3a6bdabb6a5a57f9b5bc3568e37098b78eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://online.officerecovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 12:49:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 155ms
39ms Script
text/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://online.officerecovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Mar 2023 11:15:48 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5623
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 01 Mar 2023 13:15:48 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
122 B 50ms
49ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=271440830&utmhn=online.officerecovery.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=R%C3%A9parer%20un%20fichier%20endommag%C3%A9%20(word%2C%20excel%2C%20access%2C%20powerpoint%2C%20photo).%20Gratuits%20et%20payants%20en%20ligne%20de%20r%C3%A9paration%20de%20fichiers%20-%20OfficeRecovery.com&utmhid=1475019384&utmr=-&utmp=%2Ffr%2F&utmht=1677674971327&utmac=UA-3032477-2&utmcc=__utma%3D1.468393.1677674971.1677674971.1677674971.1%3B%2B__utmz%3D1.1677674971.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=423324549&utmredir=1&utmu=HhAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 12:49:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/ 35 B
193 B 40ms
39ms Image
image/gif 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=273475635&utmhn=online.officerecovery.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=R%C3%A9parer%20un%20fichier%20endommag%C3%A9%20(word%2C%20excel%2C%20access%2C%20powerpoint%2C%20photo).%20Gratuits%20et%20payants%20en%20ligne%20de%20r%C3%A9paration%20de%20fichiers%20-%20OfficeRecovery.com&utmhid=1475019384&utmr=-&utmp=%2Ffr%2F&utmht=1677674971334&utmac=UA-30655381-1&utmcc=__utma%3D1.468393.1677674971.1677674971.1677674971.1%3B%2B__utmz%3D1.1677674971.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=vlAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 10:08:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9685
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/a897053d/ Frame 951B 397 KB
51 KB 41ms
40ms Stylesheet
text/css 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a897053d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be7c3809e0b66487afae38a253e3f6016ac16a99fdb233e1ab9029e33082243

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52149
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 01:19:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 29 Feb 2024 12:10:14 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 33F0 320 KB
104 KB 40ms
39ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fonline.officerecovery.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://online.officerecovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3078376
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Mar 2023 12:49:31 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 951B 15 KB
16 KB 132ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 15:27:04 GMT
x-content-type-options: nosniff
age: 508947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 15:27:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 951B 15 KB
15 KB 142ms
50ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 584447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 18:28:44 GMT

GET
H2 200 web-widget-framework-c51f107a0ca3e84336b0.js Show response
static.zdassets.com/web_widget/latest/ Frame 79DE 158 KB
50 KB 61ms
60ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-c51f107a0ca3e84336b0.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b3c9ccd33ff64fbf704d153cba13092fbe17ecde0678a3d53cfa337e49a1786

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:31 GMT
x-amz-version-id: nsG.1b0looRW8Au6Kh.wWMVQtQJ4Vh1s
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: BYP6A53AG4K2RVJX
age: 570880
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 4ez0zi/ogdM7MRTCdJUA+o0TVGTgS57FW1nllHW615dkTSxTVEjmVZW8O9F7R/y7ronjNTkkQFM=
last-modified: Wed, 22 Feb 2023 06:38:58 GMT
server: cloudflare
etag: W/"0932241a2c253c61368888cafa81b69a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HV8oO1VMA4lVM1iAQUnnTxnSsUeYRIDjCmFDXTAcvN2pht%2FkcAXod3nnlIcucAy0V0Se%2FqGWDAqJ9NquX6kNb0dsfmT82Tu1Ab6AfE4VWi3ygCIike%2BWDOEfBQcc5s2h%2Fj0jIw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a11853b2cf9372e-FRA
expires: Thu, 22 Feb 2024 06:38:56 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/a897053d/www-embed-player.vflset/ Frame 951B 347 KB
109 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a897053d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c2ffa7cde5fb6433d510b320af3514aa6999e0f65d50bc090ff0160f0c19513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:32:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111126
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 01:19:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 29 Feb 2024 12:32:12 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/a897053d/player_ias.vflset/de_DE/ Frame 951B 2 MB
603 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a897053d/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc81edfe8acc82248089be3e170a31826a727b91e55c8c7679336e86d30acc43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 161802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 617121
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 01:19:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 27 Feb 2024 15:52:49 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/a897053d/fetch-polyfill.vflset/ Frame 951B 9 KB
3 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a897053d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 01:19:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 29 Feb 2024 12:47:39 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/ 150 KB
52 KB 53ms
53ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cc97bae038e7c0e3d529a676369d9a0dbada1b0dfec5a32f0d444fb09015762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 10:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52777
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 10:41:17 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/ 103 KB
36 KB 106ms
106ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21bc00124c577ea9d745c5b2df19ecaae077dcb0018a293760d8337fa40a3e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36709
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 19:57:44 GMT

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 558B 0
0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 33F0 663 B
606 B 245ms
146ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=275718b989af818a5eaf59397cc880ba9bd8cf1a

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fonline.officerecovery.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time: 106
date: Wed, 01 Mar 2023 12:49:31 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 01 Mar 2023 12:49:31 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: ca9144091e636b7d
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 7817421e4faa648be737bfa64d3459eaf27c03780dfb25d2442aa4b6fe9bb223
content-length: 284

GET
H2 200 config Show response
securedata.zendesk.com/embeddable/ Frame 79DE 806 B
1 KB 311ms
182ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securedata.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c51f107a0ca3e84336b0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0f79fc571b37143e98109e31192fd5fb85efc8b9f4cab0ef91fbbcb05cba5e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:31 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-fffbbf9df-7fshc
x-cached: MISS
x-request-id: 7a11853ccb8f9094-IAD
x-runtime: 0.002310
last-modified: Wed, 01 Mar 2023 10:24:37 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDYwwXWmqnihpH%2FW52g%2Fx5kXQkjz26bfJmSltZLjSMB%2BEVbwhc7Te%2F0LGyAfajxy597Rr3joMTCa%2B%2B9GKK714vfN9E3Kbb3lUOevDU5ldS0ajyTHu5tXrG591mxqJAr90tF6aenKeTM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 7a11853ccb8f9094-FRA

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 2BF6 565 B
807 B 208ms
77ms Document
text/html 2a00:1450:400d:804::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fonline.officerecovery.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f89af9430915fce3064e739eda3b1a802639006a08d7b573388a7684df2c1c81

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P_zaOJoyXvaoa4ru1wzujg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://online.officerecovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-P_zaOJoyXvaoa4ru1wzujg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Wed, 01 Mar 2023 12:49:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 951B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

86ms
84ms

XHR
application/json

2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0

Protocol

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5241a9ca2e2d8d361494f912527bff82ef31c515323a8c6f69e43a0cb84e0bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 01 Mar 2023 12:49:31 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 951B 29 B
494 B 298ms
57ms Script
text/javascript 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a897053d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:04 GMT
x-content-type-options: nosniff
age: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Mar 2023 13:04:04 GMT

POST
H3 200 IsJavaScriptSupported Show response
online.officerecovery.com/oronline/Or/ 0
273 B 424ms
423ms XHR
text/plain 2606:4700::6811:9eb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Or/IsJavaScriptSupported
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/oronline/Scripts/jquery-1.4.4.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://online.officerecovery.com/fr/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:32 GMT
x-aspnetmvc-version: 3.0
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/plain; charset=UTF-8
cache-control: private
cf-ray: 7a11853d1fcb9042-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 255ms
57ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 01 Mar 2023 12:49:31 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 951B 65 KB
30 KB 67ms
61ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a897053d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22adc41eeb057baa6648f85e7b27c882f7315181f297930f115c87cf064bc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 01 Mar 2023 12:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30643
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/a897053d/player_ias.vflset/de_DE/ Frame 951B 116 KB
36 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a897053d/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a897053d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b3695ebb2d58f5e371127868c83c0352f8602d4c2df0c6ae97a98bd5c0cc84a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:52:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 161800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36486
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 01:19:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 27 Feb 2024 15:52:51 GMT

GET
H2 200 mxY7LFv-oYqXTQV_TLzc42ucxNLoJrxhGNcZhTJusLc.js Show response
www.google.com/js/th/ Frame 951B 36 KB
14 KB 217ms
40ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/mxY7LFv-oYqXTQV_TLzc42ucxNLoJrxhGNcZhTJusLc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a897053d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b163b2c5bfea18a974d057f4cbcdce36b9cc4d2e826bc6118d71985326eb0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:57:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14113
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 07:57:24 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/mWdz4JV_RsA/ Frame 951B 30 KB
30 KB 214ms
51ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/mWdz4JV_RsA/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

368f6297f9525542fc4a30e81afab53c6ab4bb96749746f7a568e8529802a310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:38:34 GMT
x-content-type-options: nosniff
age: 657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30608
x-xss-protection: 0
server: sffe
etag: "1403088715"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 01 Mar 2023 14:38:34 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/a897053d/player_ias.vflset/de_DE/ Frame 951B 27 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a897053d/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a897053d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25f074b0da01c4b486b93b8c3aedbb05cb7835e1cad15bbf98fe032660c39e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 15:55:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 161632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8534
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 01:19:35 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 27 Feb 2024 15:55:39 GMT

GET
DATA 200
OK truncated
/ Frame 951B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AL5GRJV2EjKQw3aDe5I46-BPw1MBMW0_AmEabuMmpw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 951B 743 B
1 KB 189ms
48ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJV2EjKQw3aDe5I46-BPw1MBMW0_AmEabuMmpw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fcda79e65d5d91f89582ebbf48eaf65b9714b346a3594dd789ea3b1c9facf4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:58:30 GMT
x-content-type-options: nosniff
server: fife
age: 3061
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 743
x-xss-protection: 0
expires: Thu, 02 Mar 2023 11:58:30 GMT

GET
H/1.1 200
OK button.e7f9415a2e000feaab02c86dd5802747.js Show response
platform.twitter.com/js/ 8 KB
3 KB 40ms
39ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 01 Mar 2023 12:49:31 GMT
Content-Encoding: gzip
Age: 3078375
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2618
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
Server: ECS (frb/67D3)
Etag: "506673dbdb9085e7201e137e893cc152+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 951B 4 KB
2 KB 271ms
141ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a897053d/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 12:49:32 GMT

GET
H2 200 web-widget-classic-a719207.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 79DE 13 KB
4 KB 58ms
57ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c51f107a0ca3e84336b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fd14c1ea4801775a92ae3ebdfc8a6c22ee6228979c9dec68e92bca7b4d4e6f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:31 GMT
x-amz-version-id: B5dROmyMJaqeLm5FeqMMhKMkJpwBweTs
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: BYP6HCZ1K1ZE91JA
age: 570880
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: WaWocGMU1I1uDYCQtZNVoURDv4RUPpSywkUFnNmxwJJTaH7ZOi4w4pitVh9iFQL7iTypK7BlJww=
last-modified: Wed, 22 Feb 2023 06:41:40 GMT
server: cloudflare
etag: W/"bf5b41b8693dab5ef3fdcfed07d3ce85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylFuAkWKLAmXHT96QqvaKSHEA84tRJas62VG34L3z8ufr%2FEn6PV54KysJhayPx%2F9U%2F5AHwGQE7ECJnxqd4TATT837wpjOVbhoyqeIvOqkYMEDUD2EMw2C03JGQnKvKjB7Ldluww%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a11853dea38372e-FRA
expires: Thu, 22 Feb 2024 06:41:39 GMT

POST
H2 204 cspreport
accounts.google.com/o/ Frame 2BF6 0
250 B 80ms
78ms Other
text/html 2a00:1450:400d:804::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200d , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-NxBQQaLSZ7D-opYPJe0YwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fonline.officerecovery.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 12:49:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-NxBQQaLSZ7D-opYPJe0YwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 611095756-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 2BF6 10 KB
5 KB 222ms
55ms Script
text/javascript 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/611095756-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fonline.officerecovery.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f173bffef77f251b9bea649b2ac1ce118c9b1daf0fc812bf22cba42a3a7bc293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 21:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4526
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 21:09:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 21:13:21 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 2BF6 17 KB
7 KB 115ms
115ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98206a8bf18bed3b29230c781b1b7c4a3794ad881e3a0c0923a0fd8e5ae6914a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Mar 2023 12:49:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6902
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "41b44f2adbd065c2"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Mar 2023 12:49:31 GMT

GET
H2 200 web-widget-8165-a719207.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 79DE 663 KB
190 KB 65ms
63ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-a719207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:31 GMT
x-amz-version-id: 6cv66ewKsy0_Wyo0Y7AMRuNgjqtREi5Y
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QZV7P9CV1NP5G1MK
age: 570879
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 9lQh+Ezlx6QpIBdNi7TQq7zdh1MKm68S7P3m4AHJQiSwKa78DR2f18skZ2K9DUI01kgdB3vG5vE=
last-modified: Wed, 22 Feb 2023 06:41:40 GMT
server: cloudflare
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68kfiXY9aPLh%2FFfyk0T6RxeWoHWqLNOqY7BkwQqp1be2vNADlJJWAWkOrWlL00%2BiJVowDyysZwYrKE%2Br7%2BpHywNFceneDtog7eFOzBvk301LJ07pDS%2F83ESQRMIBf9pKudmON7A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a11853e8b89372e-FRA
expires: Thu, 22 Feb 2024 06:41:39 GMT

GET
H2 200 web-widget-5324-a719207.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 79DE 494 KB
109 KB 84ms
81ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-a719207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6bfcb77f210afc2ccd2ead94b88e62b1b8218efa8faa2bf5bbac47e11c7c37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:31 GMT
x-amz-version-id: mUutSwAilni1i_BPM25lu1WYU9Y7cG0X
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QZVDPQV8K3SVWAS3
age: 570879
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 1AZ9c72IcVXZ/NgknbmJuXc8V+NUiraAdqMVwgFInTP1SbQtok3y7NxNaeRBKHpwbBxcJn00qME=
last-modified: Wed, 22 Feb 2023 06:41:40 GMT
server: cloudflare
etag: W/"05e84e4a63d9690b606a5a70e87ad3d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2B3rQkCBpC3XQROtPuIM%2BDxoX%2BgBB5JCbaNMKYM50U3FhNTpIyOgGRzBeSstDFg4YRo59L2ysI3eMyiganVLRKudLY9mp5T49HKfG0FhmwuPy9Ypy5hgUJI1rA4fsT95Nz8ofR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a11853e8b8b372e-FRA
expires: Thu, 22 Feb 2024 06:41:39 GMT

GET
H/1.1 200
OK tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html Show response
platform.twitter.com/widgets/ Frame B423 37 KB
14 KB 44ms
42ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer: https://online.officerecovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3078372
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 13592
Content-Type: text/html; charset=utf-8
Date: Wed, 01 Mar 2023 12:49:31 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D3)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
127 B 155ms
154ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fonline.officerecovery.com%2Ffr%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1677674971925%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=275718b989af818a5eaf59397cc880ba9bd8cf1a

Requested by

Host: online.officerecovery.com
URL: https://online.officerecovery.com/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.officerecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time: 108
date: Wed, 01 Mar 2023 12:49:31 GMT
strict-transport-security: max-age=631138519
last-modified: Wed, 01 Mar 2023 12:49:32 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 9460cc4f5484d8c7
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 7817421e4faa648be737bfa64d3459eaf27c03780dfb25d2442aa4b6fe9bb223
content-length: 43

GET
DATA 200
OK truncated
/ Frame B423 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 generate_204
www.youtube.com/ Frame 951B 0
10 B 46ms
41ms Image
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?1whEug
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/110/ Frame 951B 50 KB
15 KB 56ms
50ms Script
text/javascript 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/110/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14851
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 16:13:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 02 Mar 2023 07:55:59 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 951B 94 B
138 B 51ms
50ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a897053d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ca0562c57513395f1fcd187e2cf8eae96150bd65f09bc609f53d37caa6ee211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 01 Mar 2023 12:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 59ms
58ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 01 Mar 2023 12:49:32 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 embeddable_blip Show response
securedata.zendesk.com/ Frame 79DE 0
453 B 336ms
335ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securedata.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS4xNzcgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZX0sImFjdGlvbiI6ImxvY2FsZU1pc21hdGNoIiwiY2F0ZWdvcnkiOiJsb2NhbGUifSwiYnVpZCI6IjBhODY1ZDM3Yzc2ODQ0OGNiZDNhOGM2MmY0NTYxYzJkIiwic3VpZCI6ImI0ZTM3ZDAwYjc4MTQ3NjliMjE2NmI1MGE2NzQ1MThjIiwidmVyc2lvbiI6ImE3MTkyMDciLCJ0aW1lc3RhbXAiOiIyMDIzLTAzLTAxVDEyOjQ5OjMyLjI4NFoiLCJ1cmwiOiJodHRwczovL29ubGluZS5vZmZpY2VyZWNvdmVyeS5jb20vZnIvIn0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-c51f107a0ca3e84336b0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:32 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Mar 2023 12:49:32 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pt9rMzIEG923AuRGPEnO3YKALeE9AJmuamSOrHMBp9NDoHdNfq5uEye%2Bv1zKQ3T%2BfcMKuJ2te5%2F%2FlFe0uZu%2B8S7FCOjlrFuR1uldESpyZe%2B3S7o9VXdiSqlfma4wn02Ld9w%2B%2FOlItcY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 7a118540e8529094-FRA
content-length: 0
x-request-id: 7a118540e8529094-FRA

GET
H2 200 de-de-json-a719207.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 79DE 27 KB
7 KB 78ms
64ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-a719207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fef4c190d8296649859de74e1cc0c1f75d535f85fe2fc91c94d21991ae629c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:32 GMT
x-amz-version-id: cO51PurDYjEXoyliuxmIT4E7zuFJsPAF
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QZVAZ7KVWMAM79J8
age: 570880
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: a7AA4HOvwV1VNg/s9rDwQWf+mSzRp9fWxnpRfIqEVbXEmk4X139AWzmXnUbS4TbG2j+Eg/om7iI=
last-modified: Wed, 22 Feb 2023 06:41:41 GMT
server: cloudflare
etag: W/"899ac1a429cb8c6ab010f1aad08f8b61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=up7T43wcnaxRIOWO8Wj%2FlR6weN3qJ8bJaZj8QlWm9H0zABJHrgwbmxzRelgRXPorwusVcnAdSGGWRD7IJv4FBPaM8RncrtnZb2oug%2BRt3vjF08xli4IBUgNbCU4KNvpftesRiP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a1185411869372e-FRA
expires: Thu, 22 Feb 2024 06:41:40 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/ Frame 2BF6 57 KB
20 KB 129ms
123ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e2286d46e63be3f55a8a71ad0c532ae5cf9b0a540cdbfca319773a9f6ee7542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 00:03:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20750
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 00:03:10 GMT

GET
H2 200 web-widget-chat-sdk-a719207.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 79DE 202 KB
51 KB 62ms
62ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-a719207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0dd9e6f31221b8432522601d43794879960167232e35bfd035187e12fbbdb89

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:32 GMT
x-amz-version-id: pclkomRoJBuhehEBLv8MI9Di7f4.ein.
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QZV2ZHXT3YB8DKM3
age: 570880
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 9wq/ZUP/JYdlr0ukZ2qAKtbYNOBnZAZc7e32aPcUny6MqbqJeBhjcGdxyIe3g7wydoswKxOT4GU=
last-modified: Wed, 22 Feb 2023 06:41:40 GMT
server: cloudflare
etag: W/"d366c0776c2bacba354d40e564c3d3e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NtbF%2FUFkv6kprNzX0x3F2ggk%2FWfWGeYorr29192I6OhnksgAmtZ0cnoexfpoxd%2F%2FljB4gffaCSJtGqerXpAeouuehR3NtmR42EkVX44RM%2BVqxUdglwfyDL46%2F8lk%2Fk8AsI5gpY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a1185434cc6372e-FRA
expires: Thu, 22 Feb 2024 06:41:39 GMT

GET
H2 200 web-widget-chat-incoming-message-notification-a719207.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 79DE 208 B
624 B 50ms
49ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-a719207.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-a719207.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:49:33 GMT
x-amz-version-id: R5QiueJZShLKBvkUnFR5xiEj8Ij0pl9q
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 0FP6KEE22177ZZV4
age: 570880
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Ihq0OYTeC9jWDROM4w7jw0UT1i4sOOsf2y0OqPQ5XSsNXxrO+twvFBWYDUM2sNE1Ek382kYvyIo=
last-modified: Wed, 22 Feb 2023 06:41:40 GMT
server: cloudflare
etag: W/"659635f5ad1b6653645380f46aa42236"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ba7ucQuaLtqgkVsfdIG32p29HqviGtNQRpal2yIThWeEk6MfvUZyYUTBtkRe47e%2FeOjkJc5gkKJ52sXc6fja9ZinFWx7yRK1pywCjXJLxqpCfDn8mxZoMC8HqmKSIePf%2FsOshc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a118546cb07372e-FRA
expires: Thu, 22 Feb 2024 06:41:39 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/classic/ Frame 79DE 19 KB
20 KB 52ms
52ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 01 Mar 2023 12:49:33 GMT
x-amz-version-id: lEbeljIbyqQWeGPb7h6AJ1jxqRMGZ6D5
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DP2JA2MYR5HJM902
age: 2209308
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: Q6YYjmuaGVUts0pb1BLHlzxlb6Ytw1ZOTgQc9/XVypKjB8hj5jZLjX6Ekn6A+t570eSUmN/XlV8=
last-modified: Fri, 03 Feb 2023 05:22:49 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Lf%2BStEtTPDy4AUbwOmaTph0Jw5V5NWuesHvOsIOur0P2Ok%2FCSTNe3syUKtcZMlCAy3QiH0%2Fp8vRoZO5caHZXdXxaqLyulS38QUeA57sg9axR%2BFq8EneirP%2Bv53U4s5dIVVY8vI%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7a1185472b7d372e-FRA
expires: Sat, 03 Feb 2024 05:22:48 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 951B 28 B
54 B 56ms
54ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a897053d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
X-Goog-Request-Time: 1677674974342
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
X-YouTube-Client-Version: 1.20230226.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtBMk1pTVRadEVSTSjbk_2fBg%3D%3D
X-YouTube-Ad-Signals: dt=1677674971497&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C360%2C200&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 01 Mar 2023 12:49:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Wed, 01 Mar 2023 12:49:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&annotation=none&origin=https%3A%2F%2Fonline.officerecovery.com&url=https%3A%2F%2Fonline.officerecovery.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
online.officerecovery.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 809off15db1obsllo7blhgg8r5
online.officerecovery.com/	1970-01-20 10:02:41	Name: orlangpr Value: %2F
online.officerecovery.com/	1970-01-20 10:02:41	Name: orlang Value: fr
online.officerecovery.com/	1970-01-20 10:02:41	Name: fblang Value: fr_FR
online.officerecovery.com/	1969-12-31 23:59:59	Name: orcurtab Value: 0
online.officerecovery.com/	1970-01-20 19:37:14	Name: __utma Value: 1.468393.1677674971.1677674971.1677674971.1
online.officerecovery.com/	1969-12-31 23:59:59	Name: __utmc Value: 1
online.officerecovery.com/	1970-01-20 14:24:02	Name: __utmz Value: 1.1677674971.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
online.officerecovery.com/	1970-01-20 10:01:15	Name: __utmt Value: 1
online.officerecovery.com/	1970-01-20 10:01:16	Name: __utmb Value: 1.1.10.1677674971
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: aUrD6VJod1U
.youtube.com/	1970-01-20 14:20:26	Name: VISITOR_INFO1_LIVE Value: A2MiMTZtERM
.officerecovery.com/	1970-01-20 19:37:14	Name: __utma Value: 1.468393.1677674971.1677674971.1677674971.1
.officerecovery.com/	1969-12-31 23:59:59	Name: __utmc Value: 1
.officerecovery.com/	1970-01-20 14:24:02	Name: __utmz Value: 1.1677674971.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.officerecovery.com/	1970-01-20 10:01:16	Name: __utmb Value: 1.2.10.1677674971
online.officerecovery.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 1eoykygnzlegjofb1bzpj4ox
widget-mediator.zopim.com/	1970-01-20 10:11:19	Name: AWSALBCORS Value: Tbhl1kmMDVksod0yqQWkOZ3tYEthbTfmaODEWSi7LHzXiffTcY9KzxBhR0SOZ0DCKYiv7NyiWlf0pcwDgGaZ8mA8qdFSvk72MgmaAMfF4dRdm1a1dDuS9gBfm2Wr
.officerecovery.com/	1970-01-20 18:46:50	Name: __zlcmid Value: 1EflddjVX08ne7x

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://online.officerecovery.com/fr/(Line 642) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://online.officerecovery.com/fr/(Line 642) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://apis.google.com/js/plusone.js(Line 64) Message: Mixed Content: The page at 'https://online.officerecovery.com/fr/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1677674971391&_gfid=I0_1677674971391&parent=https%3A%2F%2Fonline.officerecovery.com&pfname=&rpctoken=13219910'. This request has been blocked; the content must be served over HTTPS.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
assets.zendesk.com
ekr.zdassets.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
online.officerecovery.com
platform.linkedin.com
platform.twitter.com
securedata.zendesk.com
ssl.google-analytics.com
ssl.gstatic.com
static.doubleclick.net
static.zdassets.com
syndication.twitter.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
apis.google.com
104.16.51.111
104.18.70.113
104.18.72.113
104.244.42.72
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6811:9eb5
2620:1ec:4e:1::44
2a00:1450:4001:800::200e
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2016
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2004
2a00:1450:400d:802::2006
2a00:1450:400d:803::2002
2a00:1450:400d:803::2003
2a00:1450:400d:804::200d
2a00:1450:400d:807::200e
2a00:1450:400d:80d::2003
0b3695ebb2d58f5e371127868c83c0352f8602d4c2df0c6ae97a98bd5c0cc84a
0c2ffa7cde5fb6433d510b320af3514aa6999e0f65d50bc090ff0160f0c19513
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1b7380d3a005c31de4fbb30ab0a35150461371253e551a78656ab863e0b344fd
1e2286d46e63be3f55a8a71ad0c532ae5cf9b0a540cdbfca319773a9f6ee7542
21bc00124c577ea9d745c5b2df19ecaae077dcb0018a293760d8337fa40a3e46
22adc41eeb057baa6648f85e7b27c882f7315181f297930f115c87cf064bc29a
25f074b0da01c4b486b93b8c3aedbb05cb7835e1cad15bbf98fe032660c39e87
2b3c9ccd33ff64fbf704d153cba13092fbe17ecde0678a3d53cfa337e49a1786
2cc97bae038e7c0e3d529a676369d9a0dbada1b0dfec5a32f0d444fb09015762
327d29643789f218395ff095d67b961952db48dc01dde148a556c810c1d49b35
368f6297f9525542fc4a30e81afab53c6ab4bb96749746f7a568e8529802a310
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3be7c3809e0b66487afae38a253e3f6016ac16a99fdb233e1ab9029e33082243
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fef4c190d8296649859de74e1cc0c1f75d535f85fe2fc91c94d21991ae629c8
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
490e4ba3faec95837d3e87099d28a784356aebee7e974480729d3c8c2473d077
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
5241a9ca2e2d8d361494f912527bff82ef31c515323a8c6f69e43a0cb84e0bf7
53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407
53e7c88853c2bd59d8a04e209c4085515c4fdab68a71000c41904a2f2c382720
56721ee2f48e9fcff20ff7b945d8a29669a40873f3271e034c105d2c707c80d9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c41179dbf1f74b08e7fc7a53b07b77e545cb077450debb17635c39ceebca411
5f84816efbaa93e36648dca51e5c42736b6f109bb9c96b43e19a077acc06aa41
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6911288c3bd88e87d476d4fa49f6bf02fa2909eeaa52d1398aeeb8e1cf965b05
6ca0562c57513395f1fcd187e2cf8eae96150bd65f09bc609f53d37caa6ee211
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8bb3490881871a000008d6a4cb3c4d56f3870440e1dae9c50f7579f131034ede
8f7c8adcfbdd8352c8f60d012c71a25c76326374c3f726b511e8ef12c02dc991
8fd14c1ea4801775a92ae3ebdfc8a6c22ee6228979c9dec68e92bca7b4d4e6f9
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
94c2a060bb1a4bc5e2fa9ee3a2e2409e638b669655a5e129d055bdf5800c6ca2
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
98206a8bf18bed3b29230c781b1b7c4a3794ad881e3a0c0923a0fd8e5ae6914a
9b163b2c5bfea18a974d057f4cbcdce36b9cc4d2e826bc6118d71985326eb0b7
9f7621691aa690a3e37a2a1525afd3a6bdabb6a5a57f9b5bc3568e37098b78eb
a064c2db2689dbec285086e980f72e04aede8bbf85a6b9e8006415277d920c4b
a0f79fc571b37143e98109e31192fd5fb85efc8b9f4cab0ef91fbbcb05cba5e7
a1eea811108ad228907c95c23624658c51bf3aee91647864117dd390fa44bd40
a72c24fd1b83ea4764c4d99c5c0df3d74eaec988d0ce4620b4dba760ec968ad9
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c0dd9e6f31221b8432522601d43794879960167232e35bfd035187e12fbbdb89
c6bfcb77f210afc2ccd2ead94b88e62b1b8218efa8faa2bf5bbac47e11c7c37c
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
c98517e69c8e625e76d3f7e9d8cb64dd11ebbb0e4bfef31fd0f1bbdad0e3a942
cc6ab2698fdfcebeeee0493803c3bc1d31e2be10d6f6afd73d48faf0fa33a449
cd48dbf725908c4b2152a70da7610d7ff56c5f4c3aedecdacfa01cd71499d9fd
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d59dc78f8955429cc22c38090561b3570f4424debc90fc8650880256561b7efc
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
f173bffef77f251b9bea649b2ac1ce118c9b1daf0fc812bf22cba42a3a7bc293
f89af9430915fce3064e739eda3b1a802639006a08d7b573388a7684df2c1c81
fc81edfe8acc82248089be3e170a31826a727b91e55c8c7679336e86d30acc43
fcda79e65d5d91f89582ebbf48eaf65b9714b346a3594dd789ea3b1c9facf4be

online.officerecovery.com Open in urlscan Pro 2606:4700::6811:9eb5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

69 Requests

96 %HTTPS

80 %IPv6

13 Domains

21 Subdomains

21 IPs

4 Countries

1982 kBTransfer

6737 kBSize

19 Cookies

14 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

online.officerecovery.com Open in urlscan Pro
2606:4700::6811:9eb5 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

96 %
HTTPS

80 %
IPv6

13
Domains

21
Subdomains

21
IPs

4
Countries

1982 kB
Transfer

6737 kB
Size

19
Cookies

69 HTTP transactions
2 data transactions