urlscan.io logo urlscan.io
SecurityTrails logo

online.officerecovery.com Open in urlscan Pro
2606:4700::6811:9eb5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://online.officerecovery.com/
Effective URL: https://online.officerecovery.com/de/
Submission Tags: falconsandbox
Submission: On November 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 12 domains to perform 66 HTTP transactions. The main IP is 2606:4700::6811:9eb5, located in United States and belongs to CLOUDFLARENET, US. The main domain is online.officerecovery.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 12th 2020. Valid for: a year.
This is the only time online.officerecovery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

18    2606:4700::6811:9eb5 (United States)

ASN13335 (CLOUDFLARENET, US)
online.officerecovery.com
1    2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
platform.linkedin.com
2    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
assets.zendesk.com
ekr.zdassets.com
10    104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
4    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
6    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
9    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:82f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
2    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)
securedata.zendesk.com
2    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
Domain Requested by
18 online.officerecovery.com 2 redirects online.officerecovery.com
10 static.zdassets.com online.officerecovery.com
assets.zendesk.com
static.zdassets.com
9 www.youtube.com online.officerecovery.com
www.youtube.com
6 apis.google.com online.officerecovery.com
apis.google.com
accounts.google.com
4 platform.twitter.com online.officerecovery.com
platform.twitter.com
3 securedata.zendesk.com assets.zendesk.com
static.zdassets.com
3 ssl.google-analytics.com online.officerecovery.com
2 syndication.twitter.com platform.twitter.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.google.com apis.google.com
www.youtube.com
1 ssl.gstatic.com accounts.google.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 accounts.google.com apis.google.com
1 fonts.gstatic.com www.youtube.com
1 ekr.zdassets.com assets.zendesk.com
1 assets.zendesk.com 1 redirects
1 platform.linkedin.com online.officerecovery.com
66 20

This site contains links to these domains. Also see Links.

Domain
www.officerecovery.com
Subject Issuer Validity Valid
*.officerecovery.com
Go Daddy Secure Certificate Authority - G2		 2020-11-12 -
2021-12-14		 a year crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-07-03 -
2022-07-08		 2 years crt.sh
ssl1036557.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-08 -
2022-07-07		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
securedata.zendesk.com
Cloudflare Inc ECC CA-3		 2021-06-05 -
2022-06-04		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh

This page contains 8 frames:

Primary Page: https://online.officerecovery.com/de/
Frame ID: 36F84903F1B95F938408D8C9785171A0
Requests: 26 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: F9F13FE1998EEAFD3C6F41A57D4C47B3
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
Frame ID: C59519986A684E3C7C3290401EB9BB5E
Requests: 18 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&annotation=none&origin=https%3A%2F%2Fonline.officerecovery.com&url=https%3A%2F%2Fonline.officerecovery.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: C0689389C05827A90A9779A33F3880DD
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fonline.officerecovery.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: 4D48827B2BC85DC3F0B520F5775DA946
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fonline.officerecovery.com
Frame ID: 63D8377AC179781310E7692D8A1F01AB
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-preload-214a58e8d5ae72a6772f.js
Frame ID: 797977B4A10F3E1C842ABDE8FDEB2D27
Requests: 11 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Frame ID: 3375CF9083C26E43E0ADCD4BF42274B0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Beschädigte Datei reparieren (word, excel, access, powerpoint, photo). Bezahlt und kostenlos Datei online reparieren - OfficeRecovery.com

Page URL History Show full URLs

  1. https://online.officerecovery.com/ HTTP 302
    http://online.officerecovery.com/de/ HTTP 302
    https://online.officerecovery.com/de/ Page URL

Page Statistics

66
Requests

97 %
HTTPS

79 %
IPv6

12
Domains

20
Subdomains

20
IPs

3
Countries

1647 kB
Transfer

5525 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://online.officerecovery.com/ HTTP 302
    http://online.officerecovery.com/de/ HTTP 302
    https://online.officerecovery.com/de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
  • https://static.zdassets.com/ekr/asset_composer.js
Request Chain 33
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
online.officerecovery.com/de/
Redirect Chain
  • https://online.officerecovery.com/
  • http://online.officerecovery.com/de/
  • https://online.officerecovery.com/de/
39 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.29 ASP.NET
Resource Hash
a779e60bf576aab59ade544867909d68fca723314064ec8e1690977256835ad0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 03 Nov 2021 21:15:43 GMT
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
vary
Accept-Encoding
x-powered-by
PHP/5.3.29 ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a889e91d8f43745-MXP
content-encoding
gzip

Redirect headers

Date
Wed, 03 Nov 2021 21:15:41 GMT
Content-Type
text/html; charset=iso-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://online.officerecovery.com/de/
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
6a889e905a2e0f86-MXP
jquery-1.4.4.min.js
online.officerecovery.com/oronline/Scripts/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://online.officerecovery.com/oronline/Scripts/jquery-1.4.4.min.js
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cd48dbf725908c4b2152a70da7610d7ff56c5f4c3aedecdacfa01cd71499d9fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 04 Mar 2021 14:50:13 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"f6e39dae511d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
application/x-javascript
cache-control
no-cache
cf-ray
6a889e9a38b93745-MXP
jquery-ui.min.js
online.officerecovery.com/oronline/Scripts/ 		194 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://online.officerecovery.com/oronline/Scripts/jquery-ui.min.js
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c98517e69c8e625e76d3f7e9d8cb64dd11ebbb0e4bfef31fd0f1bbdad0e3a942

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 04 Mar 2021 14:50:13 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"5f439fae511d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
application/x-javascript
cache-control
no-cache
cf-ray
6a889e9a38bb3745-MXP
jquery.hint.js
online.officerecovery.com/oronline/Scripts/ 		1 KB
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://online.officerecovery.com/oronline/Scripts/jquery.hint.js
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
327d29643789f218395ff095d67b961952db48dc01dde148a556c810c1d49b35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 04 Mar 2021 14:50:13 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"f0909fae511d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
application/x-javascript
cache-control
no-cache
cf-ray
6a889e9a38bf3745-MXP
orutils.min.js
online.officerecovery.com/oronline/Scripts/ 		26 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://online.officerecovery.com/oronline/Scripts/orutils.min.js
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a1eea811108ad228907c95c23624658c51bf3aee91647864117dd390fa44bd40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 04 Mar 2021 14:50:13 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"8817a1ae511d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
application/x-javascript
cache-control
no-cache
cf-ray
6a889e9a38c03745-MXP
tabber.min.js
online.officerecovery.com/oronline/Scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://online.officerecovery.com/oronline/Scripts/tabber.min.js
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a72c24fd1b83ea4764c4d99c5c0df3d74eaec988d0ce4620b4dba760ec968ad9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 04 Mar 2021 14:50:13 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"ad65a1ae511d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
application/x-javascript
cache-control
no-cache
cf-ray
6a889e9a38c23745-MXP
langswitcher.css
online.officerecovery.com/oronline/Content/ 		2 KB
739 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://online.officerecovery.com/oronline/Content/langswitcher.css
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a064c2db2689dbec285086e980f72e04aede8bbf85a6b9e8006415277d920c4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 04 Mar 2021 14:50:13 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"15aa93ae511d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/css
cache-control
no-cache
cf-ray
6a889e9a38c63745-MXP
langswitcher.min.js
online.officerecovery.com/oronline/Scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://online.officerecovery.com/oronline/Scripts/langswitcher.min.js
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5f84816efbaa93e36648dca51e5c42736b6f109bb9c96b43e19a077acc06aa41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 04 Mar 2021 14:50:13 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"73c9a0ae511d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
application/x-javascript
cache-control
no-cache
cf-ray
6a889e9a38ca3745-MXP
navi_or.gif
online.officerecovery.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://online.officerecovery.com/images/navi_or.gif
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d59dc78f8955429cc22c38090561b3570f4424debc90fc8650880256561b7efc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:44 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 24 Jan 2017 11:46:21 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"a0bc647b3776d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
cf-ray
6a889e9ff9613745-MXP
content-length
1497
navi_officerecovery.gif
online.officerecovery.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://online.officerecovery.com/images/navi_officerecovery.gif
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
53e7c88853c2bd59d8a04e209c4085515c4fdab68a71000c41904a2f2c382720

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:44 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 24 Jan 2017 11:46:21 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"e0b2567b3776d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
cf-ray
6a889e9ff9653745-MXP
content-length
1493
orcss.css
online.officerecovery.com/oronline/Content/ 		1 KB
485 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://online.officerecovery.com/oronline/Content/orcss.css
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
56721ee2f48e9fcff20ff7b945d8a29669a40873f3271e034c105d2c707c80d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 04 Mar 2021 14:50:13 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"42d193ae511d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/css
cache-control
no-cache
cf-ray
6a889e9eadb33745-MXP
ortab.css
online.officerecovery.com/oronline/Content/ 		2 KB
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://online.officerecovery.com/oronline/Content/ortab.css
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cc6ab2698fdfcebeeee0493803c3bc1d31e2be10d6f6afd73d48faf0fa33a449

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 04 Mar 2021 14:50:13 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"36f893ae511d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/css
cache-control
no-cache
cf-ray
6a889e9fd9203745-MXP
jquery-ui.css
online.officerecovery.com/oronline/Content/themes/base/ 		34 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://online.officerecovery.com/oronline/Content/themes/base/jquery-ui.css
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8f7c8adcfbdd8352c8f60d012c71a25c76326374c3f726b511e8ef12c02dc991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 04 Mar 2021 14:50:13 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
W/"1a1b96ae511d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/css
cache-control
no-cache
cf-ray
6a889e9ff95b3745-MXP
in.js
platform.linkedin.com/ 		201 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
88b20e2d508a004ddfa5278a62614d89f948b07d7e5d8a95af96d181cd8dd4c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 21:15:44 GMT
Content-Encoding
gzip
NEL
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-CDN
AKAM
Connection
keep-alive
Content-Length
62393
X-LI-UUID
2SLsyfYktBYQCAl2fCsAAA==
Server
Play
X-Li-Pop
prod-edc2
X-CDN-CLIENT-IP-VERSION
IPV6
Vary
Accept-Encoding
Report-To
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=3600
X-LI-Proto
http/1.1
X-Li-Fabric
prod-lva1
Expires
Wed, 3 Nov 2021 22:00:07 GMT
asset_composer.js
static.zdassets.com/ekr/ Frame F9F1
Redirect Chain
  • https://assets.zendesk.com/embeddable_framework/main.js
  • https://static.zdassets.com/ekr/asset_composer.js
20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:44 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
58
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
KTKBKBZR5GXPTD9Q
x-amz-id-2
h2/J6Vyk9jfjE7MotqeHitlG2uoUw+r6c2BRhKhkHGWrYji2I9HHKvu3pHWpQOQq55Qz+6mrM28=
last-modified
Wed, 09 Jun 2021 00:08:58 GMT
server
cloudflare
etag
W/"cc904f41324148b571599b3b02fdec0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mutz3RGDe14ImCtp2GD3lw3HLtWaM918mAJNRCT5QcQnzY2xam7SZJjGPgoG0Pmu3xpNdQUhO7k8iI9NNHkC8dP9ecqXgKikjI8A91BXp4SitmOuITCucQYwCoTx9HSMNm0pMO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
K3SnbkxF6hLvuoHLDwjJyrnNVVhjkbLm
cf-ray
6a889ea189c408a3-CDG

Redirect headers

date
Wed, 03 Nov 2021 21:15:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yB4%2B4DFpCdcvt0HZTpMBpwHXPJZyOJKfFy%2FS8AkJW3Hpcy3OWP844l%2BjMHuc3W4SU%2BNp3En7anC30HY16t440xpgfiKbuuEw9yXloPexPBCOf108LUxCI56zO7e3EszFqvdkg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://static.zdassets.com/ekr/asset_composer.js
cache-control
max-age=3600
strict-transport-security
max-age=0
cf-ray
6a889ea1087fe593-MAN
expires
Wed, 03 Nov 2021 22:15:44 GMT
securedata.zendesk.com
ekr.zdassets.com/compose/web_widget/ Frame F9F1 		530 B
1014 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/web_widget/securedata.zendesk.com
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3633ef7bc4c1d897dfaf5b507cb6e5170ee50eb7ece99da1e0f0fc720f6dd2a1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status
200 OK
access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=0
x-request-id
c1b9afff-797e-40a5-92a1-a510c024740e
x-runtime
0.003739
server
cloudflare
etag
W/"3633ef7bc4c1d897dfaf5b507cb6e517"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEFmqWVKZNVgfUUv4RAUBRlTU9p34ieoQnmvA5yQIDCGeo7ndCyQz1kz7JWAt6pwNwhKwpPz0iB5ezvR881%2B78N2kwXquZj6Z7deXDLbZNUjAP%2B62PqejzQmzbl7jHWFqfI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
6a889ea2187b089f-CDG
GetTabsData
online.officerecovery.com/oronline/Or/ 		417 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://online.officerecovery.com/oronline/Or/GetTabsData?pr=/de/&_=1635974144439
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/oronline/Scripts/jquery-1.4.4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bc2f7e60f467c96ea572373949a32c362f98240ec207dd77ba99fd15ca5c4204

Request headers

Accept
*/*
Referer
https://online.officerecovery.com/de/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnetmvc-version
3.0
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6a889ea2c94e3745-MXP
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
private
content-type
text/html; charset=utf-8
x-aspnet-version
4.0.30319
/
online.officerecovery.com/oronline/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://online.officerecovery.com/oronline/?pr=/de/&_=1635974144600
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/oronline/Scripts/jquery-1.4.4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3f394866bfbacd4b818447aef46ba59977289aa67e88533b8c62128e736c6a7a

Request headers

Accept
*/*
Referer
https://online.officerecovery.com/de/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnetmvc-version
3.0
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6a889ea3cc4a3745-MXP
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
private
content-type
text/html; charset=utf-8
x-aspnet-version
4.0.30319
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE9) /
Resource Hash
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 21:15:44 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:33:56 GMT
Server
ECS (mil/6CE9)
Age
842
Etag
"a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29104
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ea2e619c99231908d6923f542c82afde953ae0680a61af7b4cfc27d93232b6a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+6xvtpCt2TcE7LkI50uOvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"4e89e82f0eeb0512bfb2d7642aaf4840"
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-+6xvtpCt2TcE7LkI50uOvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires
Wed, 03 Nov 2021 21:15:44 GMT
mWdz4JV_RsA
www.youtube.com/embed/ Frame C595 		59 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
349bd5ec5abf947de8898ffcca556888d52ba192b141e995b06885c7f809ba19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 03 Nov 2021 21:15:44 GMT
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://online.officerecovery.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
1202
date
Wed, 03 Nov 2021 20:55:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 03 Nov 2021 22:55:42 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1876277999&utmhn=online.officerecovery.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Besch%C3%A4digte%20Datei%20reparieren%20(word%2C%20excel%2C%20access%2C%20powerpoint%2C%20photo).%20Bezahlt%20und%20kostenlos%20Datei%20online%20reparieren%20-%20OfficeRecovery.com&utmhid=1266975565&utmr=-&utmp=%2Fde%2F&utmht=1635974144686&utmac=UA-3032477-2&utmcc=__utma%3D1.1469527964.1635974145.1635974145.1635974145.1%3B%2B__utmz%3D1.1635974145.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1402545806&utmredir=1&utmu=HhAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:15:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=655998006&utmhn=online.officerecovery.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Besch%C3%A4digte%20Datei%20reparieren%20(word%2C%20excel%2C%20access%2C%20powerpoint%2C%20photo).%20Bezahlt%20und%20kostenlos%20Datei%20online%20reparieren%20-%20OfficeRecovery.com&utmhid=1266975565&utmr=-&utmp=%2Fde%2F&utmht=1635974144692&utmac=UA-30655381-1&utmcc=__utma%3D1.1469527964.1635974145.1635974145.1635974145.1%3B%2B__utmz%3D1.1635974145.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=vlAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 10:57:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37070
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2225afd62ab21bba128c4f5ab05706d90d1ad070ca23a4c967025fab62d97293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 09:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
562347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51558
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:21:04 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Fri, 28 Oct 2022 09:03:17 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 		96 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e55db8c8216170be34f4055ae640d88e27ece72c5483453bcfe05cc31dccc6d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 03:04:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
497459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33943
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:21:04 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Sat, 29 Oct 2022 03:04:45 GMT
fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame C068 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&annotation=none&origin=https%3A%2F%2Fonline.officerecovery.com&url=https%3A%2F%2Fonline.officerecovery.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/

Response headers

content-type
text/html; charset=UTF-8
referrer-policy
no-referrer
content-length
1585
date
Wed, 03 Nov 2021 21:15:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-player-webp.css
www.youtube.com/s/player/f8cb7a3b/ Frame C595 		334 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f8cb7a3b/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1252449fb32f8262c1457b85876d7b838639d01c9edd3b190d54652114fa226
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 22:09:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
83190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46960
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 00:13:08 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 02 Nov 2022 22:09:14 GMT
www-embed-player.js
www.youtube.com/s/player/f8cb7a3b/www-embed-player.vflset/ Frame C595 		208 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f8cb7a3b/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7444d6b0b9c65ec27bd4070d0b7fec2265370556d24d6581d8d459294bcc0406
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 22:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
83141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69698
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 00:13:08 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 02 Nov 2022 22:10:03 GMT
base.js
www.youtube.com/s/player/f8cb7a3b/player_ias.vflset/de_DE/ Frame C595 		2 MB
514 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f8cb7a3b/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8571defc865cd73667741086bbb4d2ead9c26568559b9c1c485ab8674e2e5723
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 22:09:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
83190
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
526153
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 00:13:08 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 02 Nov 2022 22:09:14 GMT
fetch-polyfill.js
www.youtube.com/s/player/f8cb7a3b/fetch-polyfill.vflset/ Frame C595 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f8cb7a3b/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 22:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
83141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 00:13:08 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 02 Nov 2022 22:10:03 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C595 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 06:41:55 GMT
x-content-type-options
nosniff
age
570829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 28 Oct 2022 06:41:55 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame 4D48 		566 B
857 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fonline.officerecovery.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
14ece49dfb353f45523c666d84e950dfda8ad8f6c0ec243f3d27f32a4cda6cb2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Au5x5VPFQrQadPhpNUqfnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 03 Nov 2021 21:15:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-Au5x5VPFQrQadPhpNUqfnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame C068 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
Requested by
Host: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&annotation=none&origin=https%3A%2F%2Fonline.officerecovery.com&url=https%3A%2F%2Fonline.officerecovery.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apis.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 03 Nov 2021 21:15:44 GMT
id
googleads.g.doubleclick.net/pagead/ Frame C595
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
Protocol
H2
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68ee1740d69e5f9a72fc4e8fdc38f76cd3203d3cde1829d2c0471e5aa254c3a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 03 Nov 2021 21:15:44 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame C595 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f8cb7a3b/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:13:00 GMT
x-content-type-options
nosniff
age
164
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Nov 2021 21:28:00 GMT
remote.js
www.youtube.com/s/player/f8cb7a3b/player_ias.vflset/de_DE/ Frame C595 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f8cb7a3b/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f8cb7a3b/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b5373aeac6922dc3cc984e9667e7726ca93bb029ea4f6d738e66ae2e575200
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 22:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
83189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29769
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 00:13:08 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 02 Nov 2022 22:09:15 GMT
0fz_hjX5PGRSr6X-gxyBsqW57HXzO6bXOCx9h1LIOSY.js
www.google.com/js/th/ Frame C595 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/0fz_hjX5PGRSr6X-gxyBsqW57HXzO6bXOCx9h1LIOSY.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f8cb7a3b/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1fcff8635f93c6452afa5fe831c81b2a5b9ec75f33ba6d7382c7d8752c83926
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:12:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
173020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13280
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 19:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 01 Nov 2022 21:12:04 GMT
embed.js
www.youtube.com/s/player/f8cb7a3b/player_ias.vflset/de_DE/ Frame C595 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f8cb7a3b/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f8cb7a3b/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b329caf323afa9e508342448f8c4426d503086074dd164058449d3e9aecbc81f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 22:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
82853
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7359
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 00:13:08 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 02 Nov 2022 22:14:51 GMT
truncated
/ Frame C595 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
AKedOLRRQNei6kd5OwHhK_h0zWnpybF9rGRQ6CLFQQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame C595 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLRRQNei6kd5OwHhK_h0zWnpybF9rGRQ6CLFQQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6bd5bb2b337a3094c4334e75b33f4ff3d9a6e2c1d636ce08ba81b06656d6f382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 17:57:59 GMT
x-content-type-options
nosniff
server
fife
age
11865
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1163
x-xss-protection
0
expires
Thu, 04 Nov 2021 17:57:59 GMT
sddefault.jpg
i.ytimg.com/vi/mWdz4JV_RsA/ Frame C595 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/mWdz4JV_RsA/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
368f6297f9525542fc4a30e81afab53c6ab4bb96749746f7a568e8529802a310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 19:53:58 GMT
x-content-type-options
nosniff
age
4906
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30608
x-xss-protection
0
server
sffe
etag
"1403088715"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 03 Nov 2021 21:53:58 GMT
widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html
platform.twitter.com/widgets/ Frame 63D8 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fonline.officerecovery.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE7) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1120429
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 03 Nov 2021 21:15:44 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 18 Oct 2021 18:32:00 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CE7)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
2759057950-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 4D48 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/2759057950-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fonline.officerecovery.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
897211354bbbae29c006fc3a2eada1ce96279b4b0f50c87eca72764f3276c9ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 18:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95123
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4293
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 22:08:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="federated-signon-mpm-access"
expires
Wed, 02 Nov 2022 18:50:22 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 4D48 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fonline.officerecovery.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7072c25798bd9320d7fc373f555a8b0a231edea5d7ea7e816245468ec5e005f8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QQbE7BCnsmYXOKOwGx06AQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"998951b1d5405dad0418a425bf80cab9"
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-QQbE7BCnsmYXOKOwGx06AQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires
Wed, 03 Nov 2021 21:15:44 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame C595 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f8cb7a3b/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 03 Nov 2021 21:15:45 GMT
generate_204
www.youtube.com/ Frame C595 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?rvSehA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ Frame 4D48 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47c2a064595a04eef284052f1c0e2a6eb32c61f04a5238d09ebca7ad16a7c617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 03:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
581780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18151
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:21:04 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Fri, 28 Oct 2022 03:39:25 GMT
cast_sender.js
www.gstatic.com/eureka/clank/95/ Frame C595 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/95/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 14:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15249
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 23:31:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 04 Nov 2021 14:24:20 GMT
web-widget-preload-214a58e8d5ae72a6772f.js
static.zdassets.com/web_widget/latest/ Frame 7979 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-preload-214a58e8d5ae72a6772f.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf91f99321ec92229b16f723ed7abc9e4ad09cdd91a9d431aa4e3e82d12c3e08
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1703780
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
MAEY5SRVG9VHDW6T
x-amz-id-2
YwFyAUjfhSRmfG7bR1m43GC2Bwz4rCPsPSnKGsY+87q7EBipdrgl6kgImbJOq4DXoAhhWWPItlg=
last-modified
Fri, 15 Oct 2021 02:14:02 GMT
server
cloudflare
etag
W/"c27021111a7e1d9984a0b01d738d031d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNDq4lwo8M7aQIDlrVdeb6u31j9cRYLbMrwzYL39rLmTGLYCou4UP4Mg17f7%2BVYySHJaYRM%2FnDeZEeV8PSvHx1Svs9rPvcydf%2FyqfZDKp4MhpIdL9FniRFmSkcdZPy2GXWFOiCY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
BUO6fyD2vBqw_W7evY_Q3R6IAjQfVLK6
cf-ray
6a889ea6dcb808a3-CDG
expires
Sat, 15 Oct 2022 02:14:01 GMT
web-widget-framework-d85a06002b6d9f732360.js
static.zdassets.com/web_widget/latest/ Frame 7979 		185 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-d85a06002b6d9f732360.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ebc2c57e26982aa598d14d05679e6545a27a5af5bbabc42009865b1d0f6b76c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1703780
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
MAEPZB9SWZG4RFW3
x-amz-id-2
jGusQJow1UJW1eNLHZLKNFNgv8YXlNrCwY3eSD/b6CbMdgoOBJLuxsCuNbH8iuM3abYDPYQo5xI=
last-modified
Fri, 15 Oct 2021 02:14:02 GMT
server
cloudflare
etag
W/"20c603721579a69695ea29538856aa35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdNSF49Rze865ckcVM5vNE%2Bs%2FFkLzGzXLCeEFBWk2Ray7q5IIxCt1Wt%2B2nGE%2BWRvEzaAcMf3sW4JSRxPphNdkKDmdYlIVt8UdCvhOVYFtz9JRPSXZjQn%2BJYOTjloQrDFMJinGps%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
yQdfO.wd7Y7GLGuSA_2pdGiXJkwzY.5D
cf-ray
6a889ea6dcbb08a3-CDG
expires
Sat, 15 Oct 2022 02:14:01 GMT
web-widget-chat-sdk-ad0bca0cd862985f164f.js
static.zdassets.com/web_widget/latest/ Frame 7979 		203 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-ad0bca0cd862985f164f.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a77ebced88a45b7146f3e8b0359f37d658f0f6e0eb481583ee9319cb601d893
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9232299
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
AFCSZWW99A7WQ0G8
x-amz-id-2
rSUa3q7UCzR27JGJtSjs+Vr+DqiI27RkawWfu5bk9elpdJrpMc5LFnkm+rXCQd7Wix4DXsRRThw=
last-modified
Mon, 19 Jul 2021 02:04:04 GMT
server
cloudflare
etag
W/"093f405bc41723c43486a657a0e1a173"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=La7BqJEcaP9S5b%2BQE87AJP%2FIYwPwcReaShUtUUld7EsIvw5TTsqD6aR7XMvqL0Eq67tbvnaxRGEadbxdvnv67vc3tqrHLgoxr3kM7aiG%2F0rFac3diU11Go0s%2BQooD13%2FPdf%2F5JU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
6nLy1oZDiI0GDEsA2cGfRKjp8Mm1fRS8
cf-ray
6a889ea6dcbd08a3-CDG
expires
Tue, 19 Jul 2022 02:04:03 GMT
config
securedata.zendesk.com/embeddable/ Frame F9F1 		574 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securedata.zendesk.com/embeddable/config
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcd15c59ee30518735e35715f359135dacb8ddd80b954487e7c56f27a36bedd4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg
yes
x-zendesk-origin-server
embeddable-app-server-799997884d-xljwg
access-control-allow-methods
GET
vary
Origin, Accept-Encoding
x-cached
MISS
x-request-id
6a889ea7ac17e59b-IAD, 6a889ea7ac17e59b-IAD
x-runtime
0.001954
last-modified
Wed, 03 Nov 2021 21:15:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyxGQiQ2rUeIpkIcIbuIJQTAHP%2FvO4Tpcb5BYYb%2FRIfYB07VNeFyjolQOdBl7iMwSLMgLnTZVVYVeHkvwcNbcosH9zUGNIB3PkUsPBYIsSqDgtJG05jfn0jO9SzruGYt2bo4jciFKU8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
6a889ea7ac17e59b-MAN
settings
syndication.twitter.com/ Frame 63D8 		232 B
447 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=f9a4eed6845bd15ef247e301b4d37865a6364fea
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fonline.officerecovery.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time
108
date
Wed, 03 Nov 2021 21:15:44 GMT
content-encoding
gzip
last-modified
Wed, 03 Nov 2021 21:15:45 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
f778f162567f84a7bcca2a3c8204f00a79a8fdebbda3d9a74150baeee4ffc68d
content-length
166
IsJavaScriptSupported
online.officerecovery.com/oronline/Or/ 		0
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://online.officerecovery.com/oronline/Or/IsJavaScriptSupported
Requested by
Host: online.officerecovery.com
URL: https://online.officerecovery.com/oronline/Scripts/jquery-1.4.4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:9eb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://online.officerecovery.com/de/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
x-aspnetmvc-version
3.0
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cf-cache-status
DYNAMIC
cache-control
private
cf-ray
6a889ea78f943745-MXP
content-type
text/plain; charset=UTF-8
content-length
0
button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE9) /
Resource Hash
186ef01aca1c73789f73c2f4388a26387e38e5fd8a05f4f1c3785709cec25f66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 21:15:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:31:51 GMT
Server
ECS (mil/6CE9)
Age
1120430
Etag
"e8090d17c9828f5a217bebb39dd3e689+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
platform.twitter.com/widgets/ Frame 3375 		32 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE9) /
Resource Hash
d94cce9ec0cffd5417657d26aa1741a7e3b2b0a5f4232a80d789c1a254c4e2ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1120430
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 03 Nov 2021 21:15:45 GMT
Etag
"89e8ce4106e3294685b0af818d97b80c+gzip"
Last-Modified
Mon, 18 Oct 2021 18:31:56 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CE9)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12235
de-de-json-d7ee6cb4b3f57aabe16b.js
static.zdassets.com/web_widget/latest/web-widget-locales/ Frame 7979 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-locales/de-de-json-d7ee6cb4b3f57aabe16b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-214a58e8d5ae72a6772f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eec770ee4b030f00ca9d9eb8bc28d9e7c7e858e3ac315cb92a05ff9f0e6b990a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3863368
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
4FHR93392CYMY18W
x-amz-id-2
dIu5sA1n2zJzQMNSKAvRy0DiLexjdkOP8n2OzQINSO6x92gSIGZui8VZCvHxnikc4Z0QEHAKoYU=
last-modified
Mon, 20 Sep 2021 03:46:48 GMT
server
cloudflare
etag
W/"811ba5198de03eb639ced23b0c55e764"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpqA3ly5V082Vx4qtV8W6ouU4mOc0v19P4KWd6xav0VXqu6OZWfop4QnFhVorHM3jSAqAPzXjVybYqtETo16iN8A9m3gIpoQZrEqn77W%2BwRW5JyZBPaT5Fi886GKZVGrO60Q100%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
Ad26HWM94n9oSNA2XO5q9d8tXRaFBL8q
cf-ray
6a889ea8b98408a3-CDG
expires
Tue, 20 Sep 2022 03:46:47 GMT
web-widget-4722-fbf2279a5722a63e5030.js
static.zdassets.com/web_widget/latest/ Frame 7979 		336 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-4722-fbf2279a5722a63e5030.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-214a58e8d5ae72a6772f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a3728e40b6b9a4ea974f7aed3b0c66f2fc833bdaeaa5437601a445280c844e4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
KBCF04JPYD78ATCS
x-amz-id-2
Yy9ibnJFaeqHtSZuELs1X7eSVQ8fyIcBTwM2EzSe5VacvSETIq+oZ2R/v8F8gGm6kXRjRWQQfpI=
last-modified
Mon, 25 Oct 2021 23:24:48 GMT
server
cloudflare
etag
W/"f0576d35cdbb56401f7fc8f6e401f194"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvwSw8MocCASAwv%2BemjQd9p%2BWQfKV5z%2FyMQGL2OdNz%2FgD83uvS6p%2FS%2B4Ba0ue8h0s7dRM%2FLQDQrXwYWHBwlHOxruVy1NcB%2FKSzHCm9a0ZmNrgUAH32Mx0rgrT2z4z4jvu9hfhz8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
cjzWqygwBsk_wO8NuOhgBFd_hOHTJmEu
cf-ray
6a889ea8c99508a3-CDG
expires
Thu, 13 Oct 2022 06:02:52 GMT
web-widget-1349-6753b424d659a7d95210.js
static.zdassets.com/web_widget/latest/ Frame 7979 		85 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-1349-6753b424d659a7d95210.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-214a58e8d5ae72a6772f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33d7ecf4d06933b8d08fe24da17d3bee4d12d1f0ec3aa39ac92f0487962d98c8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1867641
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
5JWMP9XPD9AFJ1VW
x-amz-id-2
l5UY+Ie1m2gWUr+1YIi5Exhf+Il50N7g10Echsy7VdV97mGNrLYxR/w+IR6HifdUjE8EcBBUDBI=
last-modified
Wed, 13 Oct 2021 06:02:54 GMT
server
cloudflare
etag
W/"da94225d9d1dcada3965e2d1674dd6b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nT%2FJB55jIHnW9i9rECulcIlZrMcJ5b0U1iyRzOp5uUyirtj4An%2BioZqCypbhf0GFOMHoF1w8IO0bsuSDUSXNY3PbIX4F5iAsDl1To1CJTyRRMjpYkWRxXpyMz2XmCk%2BEcSkeqNo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
CyZF8aDSw.7jk.cErPKtygjAM98iztdK
cf-ray
6a889ea8c99808a3-CDG
expires
Thu, 13 Oct 2022 06:02:53 GMT
web_widget-eb520c8f7863359d9904.js
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame 7979 		420 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-eb520c8f7863359d9904.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-214a58e8d5ae72a6772f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f71216549fddcaa31cb30c2c4efbda889daaf24a0024b2a0ca8d29e32d22d48
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
9KSRVD0WC3CK9JZ1
x-amz-id-2
q8UzzQilVXu2xDancl8jZKrA+LIQ84IhkzMhIpVuLJdj4Vl/WcWMbrPwG/wrIvBfCP6VfPIXgso=
last-modified
Mon, 25 Oct 2021 23:23:06 GMT
server
cloudflare
etag
W/"e48e26c1e08ca033ccdb35f60a57c62c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFLJa%2BvovYG4JBZkppv%2FdqpcPBWAbUJjpMQ8iX%2FOPBJOzdIKnSixiUm0SR8PzEDh8Y9q6xqPxRntA%2BQCJIXP%2BQv6tBQKzXRFyhnULtB9RkjWjNmuanmLWwN8YqcELICLBUiGhV0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
wJD44NvwOaKaWw9.hkm_H0YPLcanI3sU
cf-ray
6a889ea8c99c08a3-CDG
expires
Fri, 14 Oct 2022 06:12:34 GMT
truncated
/ Frame 3375 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
embeddable_blip
securedata.zendesk.com/ Frame 7979 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securedata.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTUuMC40NjM4LjU0IFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2V9LCJhY3Rpb24iOiJsb2NhbGVNaXNtYXRjaCIsImNhdGVnb3J5IjoibG9jYWxlIn0sImJ1aWQiOiI3N2FjMzk0MzZhMDEwMzE2NjRlNzg2YzYyM2JiYjI1YyIsInN1aWQiOiIzYTU5OGI2YmM4YzFhZDc0OTgzNDM1ZmYzMGMxYTA0ZiIsInZlcnNpb24iOiI0NTZhMTQyNDkiLCJ0aW1lc3RhbXAiOiIyMDIxLTExLTAzVDIxOjE1OjQ1LjUxNFoiLCJ1cmwiOiJodHRwczovL29ubGluZS5vZmZpY2VyZWNvdmVyeS5jb20vZGUvIn0%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-d85a06002b6d9f732360.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Wed, 03 Nov 2021 21:15:45 GMT
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FvR1y1maw2xBI1rCUfC4%2BOssXmHxUDehq4NU1nP%2B%2FMTvoutFaFhmUUuQrjUD2OBrMyWVmdn0Zxf7YXEsyoGRQ%2BxNv8ZFKiZAXNCo9%2BYDDMZdXsaUocJZmBs%2BF3d6xuKje%2BbRC3smvo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://online.officerecovery.com
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a889ea99eb4e59b-MAN
vary
Accept-Encoding
content-length
0
x-request-id
a2663921194dc08e106c8a66c3388bfb
embeddable_blip
securedata.zendesk.com/ Frame 7979 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securedata.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9vbmxpbmUub2ZmaWNlcmVjb3ZlcnkuY29tL2RlLyIsInRpbWUiOjM2LCJsb2FkVGltZSI6bnVsbCwibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IkJlc2Now6RkaWd0ZSBEYXRlaSByZXBhcmllcmVuICh3b3JkLCBleGNlbCwgYWNjZXNzLCBwb3dlcnBvaW50LCBwaG90bykuIEJlemFobHQgdW5kIGtvc3RlbmxvcyBEYXRlaSBvbmxpbmUgcmVwYXJpZXJlbiAtIE9mZmljZVJlY292ZXJ5LmNvbSIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85NS4wLjQ2MzguNTQgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjpmYWxzZSwidmlld3BvcnRNZXRhIjoiIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZX0sImJ1aWQiOiI3N2FjMzk0MzZhMDEwMzE2NjRlNzg2YzYyM2JiYjI1YyIsInN1aWQiOiIzYTU5OGI2YmM4YzFhZDc0OTgzNDM1ZmYzMGMxYTA0ZiIsInZlcnNpb24iOiI0NTZhMTQyNDkiLCJ0aW1lc3RhbXAiOiIyMDIxLTExLTAzVDIxOjE1OjQ1LjU0OVoiLCJ1cmwiOiJodHRwczovL29ubGluZS5vZmZpY2VyZWNvdmVyeS5jb20vZGUvIn0%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-d85a06002b6d9f732360.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Wed, 03 Nov 2021 21:15:45 GMT
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBUtEhIwf8IK%2BYnDsT0SAJGpI0pGpAL38%2BF49nMhckMJMb4SpAJgl6gMq4ctlAdqudLuiKjnyeu04TGnRgM%2F%2FR5sOJAITgZZXp%2FjwnRBidKkNEnTYxo0P59uIUd42LQD5ilQKlPunuo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://online.officerecovery.com
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a889ea9cf1ee59b-MAN
vary
Accept-Encoding
content-length
0
x-request-id
1b88ab2106d1bfda3e4112d9ff0a8e8e
jot
syndication.twitter.com/i/ 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fonline.officerecovery.com%2Fde%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1635974145685%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://online.officerecovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
117
pragma
no-cache
last-modified
Wed, 03 Nov 2021 21:15:45 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
f778f162567f84a7bcca2a3c8204f00a79a8fdebbda3d9a74150baeee4ffc68d
x-transaction
49a50bc6fc7ba5c1
expires
Tue, 31 Mar 1981 05:00:00 GMT
web-widget-chat-incoming-message-notification-bdfd1edd38ba2ec92175.js
static.zdassets.com/web_widget/latest/ Frame 7979 		337 B
951 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-chat-incoming-message-notification-bdfd1edd38ba2ec92175.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-214a58e8d5ae72a6772f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3ab89bc8d4feb680748ba773ff13a07c2db610c1308ec9c12040aa9b65d46b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:15:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9232294
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
41XK3YVGSQWT8AMH
x-amz-id-2
LcB6Q+ID4UCougujCW3oKT38VKN9QWGKUbw3htTdQH27N7Fntc4pIyH0MWKN52opa7qEX5WuKlI=
last-modified
Mon, 19 Jul 2021 02:04:04 GMT
server
cloudflare
etag
W/"200371227ff3b0fb85badb2d2faef3b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnoeXpKqH9m2EwDtctw937KGQgcWUb0hEX60src2KV96qpxlipzxoGQuk20AU9dIqr7I9Kd0WdEXHjMiU%2FzGB1%2BcLSSf4ZrNM%2Bz8ZH7vTj6I9hegoq3oatogsQTINqgoddc4ewQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
___O_wFiyDX4A56Xq4fDhtClHpW0qk0i
cf-ray
6a889eae5f4508a3-CDG
expires
Tue, 19 Jul 2022 02:04:03 GMT
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/ Frame 7979 		19 KB
20 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 03 Nov 2021 21:15:46 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7424198
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
x-amz-request-id
5ZY4VKB16Z3EBYGT
x-amz-id-2
dq0z7WzUJpdsIfPg3WElWlvqbfKTL5IvK1ggu8VWvnwS3VaX9uCGF/jyFkd4rNG/1qW8opg+BZM=
last-modified
Mon, 09 Aug 2021 15:02:07 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9W9MdDLKew9oosAsQI2UdeR6r8%2Bk1XUZcN8Anbch9WLqJFaMGi%2FUZfdt1m%2F1RGyFvM%2FhKnAbJMY7enfE2lUhi5Ct3iTauoWHYotG%2BJgXhde1QXx9OJmTSUueWbrzz3SPkdPtb0%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
wo_lCnzkgzNmTw3PEFheI9QEyCECIezA
Content-Length
19698
cf-ray
6a889eae8fe608a3-CDG
expires
Tue, 09 Aug 2022 15:02:06 GMT
log_event
www.youtube.com/youtubei/v1/ Frame C595 		28 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f8cb7a3b/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
X-YouTube-Client-Version
1.20211031.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtkUkI4WXBXMjg0SSiA-IuMBg%3D%3D
X-YouTube-Ad-Signals
dt=1635974144792&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C360%2C200&vis=1&wgl=true&ca_type=image&bid=ANyPxKobgp-MLEKZYazp87__3N_mPKPyeDF5m2OYrYHrBFeECwRzMt3gqMEGxc5e2vVHUfKQMXQfU3hYq5AeZM80cpBFOP2nWw

Response headers

date
Wed, 03 Nov 2021 21:15:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 03 Nov 2021 21:15:47 GMT

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery function| DP_jQuery_1635974143974 function| removefile function| emptyinputsexist function| orshowpass function| orshowfeedback function| SendFeedback function| SendCrossLink function| ShowSearchResult function| ResetRecoveryForm function| SendSearchMessage function| SubmitSignUp function| submitpromocode function| processcode function| validatemobilecode function| submitmobilecode function| fileexists function| preparefilename function| constructfilenamesstring function| addfile function| inputchanged function| shiftprogress function| onclicktab function| onloadtabber function| redirecttab function| GetTabs function| SubscriberLogOut function| OrLoadPartial function| gup function| init_fb function| PostSendActions function| statscounter function| updatetempformdata function| updateformdata function| GetData function| getindex function| getresults function| getmobile function| ShowCoupons function| ShowSignUp function| getCookie function| setCookie function| checkframeexist function| DeleteJobData function| FormSender function| validateEmail function| checkparams function| updatestatus function| updateform function| setjavascriptsupport function| pingserver function| updatecaptcha object| recintId number| pingintId object| progintId number| progcounter object| file_uploadintId string| error_txt string| conn_error_txt string| orrecoveryroot number| cur_input_index object| mobileInt number| mobileCnt object| glob_tabber function| tabberObj function| tabberAutomatic function| tabberAutomaticOnLoad function| zEmbed function| zE function| createDropDown function| SetToEng function| GetCookies function| GenerateLangLinks function| InitLang string| cur_lang object| __core-js_shared__ object| Sslac object| IN string| gaJsHost object| _gat object| _gaq object| pageTracker object| gaGlobal object| gapi object| ___jsl object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __twttrll object| twttr object| __twttr boolean| zEACLoaded function| $zopim

21 Cookies

Domain/Path Name / Value
online.officerecovery.com/ Name: PHPSESSID
Value: dkjb6r5e2866rj61al030jjiv3
online.officerecovery.com/ Name: orlangpr
Value: %2F
online.officerecovery.com/ Name: orlang
Value: de
online.officerecovery.com/ Name: fblang
Value: de_DE
online.officerecovery.com/ Name: orcurtab
Value: 0
online.officerecovery.com/ Name: __utma
Value: 1.1469527964.1635974145.1635974145.1635974145.1
online.officerecovery.com/ Name: __utmc
Value: 1
online.officerecovery.com/ Name: __utmz
Value: 1.1635974145.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
online.officerecovery.com/ Name: __utmt
Value: 1
online.officerecovery.com/ Name: __utmb
Value: 1.1.10.1635974145
.officerecovery.com/ Name: __utma
Value: 1.1469527964.1635974145.1635974145.1635974145.1
.officerecovery.com/ Name: __utmc
Value: 1
.officerecovery.com/ Name: __utmz
Value: 1.1635974145.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.officerecovery.com/ Name: __utmb
Value: 1.2.10.1635974145
.google.com/ Name: NID
Value: 511=Yx_Rs7MCe5dYSkRfhljnIErK4ZYrM01mRG4jh5Wncvfb4HsH8s-8zxbx3-n7FjaKIU4j966sI4uE3v-MZ4CSue0JPGsu96JFLeII1XSWU-hMz_8jHCbg8cxb5woUgbLmhBrHduYAUtUL1uj3DmGNNTe1LDijKegTIUoza6a7TTE
.youtube.com/ Name: YSC
Value: a6zZyYpWbfg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: dRB8YpW284I
.doubleclick.net/ Name: IDE
Value: AHWqTUmi008Wr8_Fn2TqPqJG2y4VBuUBRnuETM97nKQNfEP2HwkfhLKPgFWQcJJq
online.officerecovery.com/ Name: ASP.NET_SessionId
Value: 00yeaesh0i54jk3fe1t0y435
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: kJIBUqUAjZCEpAE58C+EZmuqLx6KxGKrtD256/HF2AAq4tf7Is4bGwdFRtuMt8HWNoMbby9/4oEkPi0nXNDX6slrEDmouLAEwMXZO1Po2srnOxiZQ9iVwnyPE7Zi
.officerecovery.com/ Name: __zlcmid
Value: 16skSDtvWcZBxBO

3 Console Messages

Source Level URL
Text
javascript warning URL: https://online.officerecovery.com/de/(Line 708)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://online.officerecovery.com/de/(Line 708)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&annotation=none&origin=https%3A%2F%2Fonline.officerecovery.com&url=https%3A%2F%2Fonline.officerecovery.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1635974144723&_gfid=I0_1635974144723&parent=https%3A%2F%2Fonline.officerecovery.com&pfname=&rpctoken=41358823
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
assets.zendesk.com
ekr.zdassets.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
online.officerecovery.com
platform.linkedin.com
platform.twitter.com
securedata.zendesk.com
ssl.google-analytics.com
ssl.gstatic.com
static.doubleclick.net
static.zdassets.com
syndication.twitter.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.16.51.111
104.18.70.113
104.18.72.113
104.244.42.200
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6811:9eb5
2a00:1450:4001:801::2003
2a00:1450:4001:802::200e
2a00:1450:4001:808::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2006
2a00:1450:4001:829::2016
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::200d
2a00:1450:4001:831::2004
2a02:26f0:6c00::210:ba11
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
0a77ebced88a45b7146f3e8b0359f37d658f0f6e0eb481583ee9319cb601d893
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14ece49dfb353f45523c666d84e950dfda8ad8f6c0ec243f3d27f32a4cda6cb2
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
186ef01aca1c73789f73c2f4388a26387e38e5fd8a05f4f1c3785709cec25f66
1a3728e40b6b9a4ea974f7aed3b0c66f2fc833bdaeaa5437601a445280c844e4
2225afd62ab21bba128c4f5ab05706d90d1ad070ca23a4c967025fab62d97293
327d29643789f218395ff095d67b961952db48dc01dde148a556c810c1d49b35
33d7ecf4d06933b8d08fe24da17d3bee4d12d1f0ec3aa39ac92f0487962d98c8
349bd5ec5abf947de8898ffcca556888d52ba192b141e995b06885c7f809ba19
3633ef7bc4c1d897dfaf5b507cb6e5170ee50eb7ece99da1e0f0fc720f6dd2a1
368f6297f9525542fc4a30e81afab53c6ab4bb96749746f7a568e8529802a310
3a3ab89bc8d4feb680748ba773ff13a07c2db610c1308ec9c12040aa9b65d46b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f394866bfbacd4b818447aef46ba59977289aa67e88533b8c62128e736c6a7a
47c2a064595a04eef284052f1c0e2a6eb32c61f04a5238d09ebca7ad16a7c617
4ea2e619c99231908d6923f542c82afde953ae0680a61af7b4cfc27d93232b6a
53e7c88853c2bd59d8a04e209c4085515c4fdab68a71000c41904a2f2c382720
56721ee2f48e9fcff20ff7b945d8a29669a40873f3271e034c105d2c707c80d9
5f84816efbaa93e36648dca51e5c42736b6f109bb9c96b43e19a077acc06aa41
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68ee1740d69e5f9a72fc4e8fdc38f76cd3203d3cde1829d2c0471e5aa254c3a5
6bd5bb2b337a3094c4334e75b33f4ff3d9a6e2c1d636ce08ba81b06656d6f382
7072c25798bd9320d7fc373f555a8b0a231edea5d7ea7e816245468ec5e005f8
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7444d6b0b9c65ec27bd4070d0b7fec2265370556d24d6581d8d459294bcc0406
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8571defc865cd73667741086bbb4d2ead9c26568559b9c1c485ab8674e2e5723
88b20e2d508a004ddfa5278a62614d89f948b07d7e5d8a95af96d181cd8dd4c7
897211354bbbae29c006fc3a2eada1ce96279b4b0f50c87eca72764f3276c9ff
8ebc2c57e26982aa598d14d05679e6545a27a5af5bbabc42009865b1d0f6b76c
8f7c8adcfbdd8352c8f60d012c71a25c76326374c3f726b511e8ef12c02dc991
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9f71216549fddcaa31cb30c2c4efbda889daaf24a0024b2a0ca8d29e32d22d48
a064c2db2689dbec285086e980f72e04aede8bbf85a6b9e8006415277d920c4b
a1252449fb32f8262c1457b85876d7b838639d01c9edd3b190d54652114fa226
a1eea811108ad228907c95c23624658c51bf3aee91647864117dd390fa44bd40
a72c24fd1b83ea4764c4d99c5c0df3d74eaec988d0ce4620b4dba760ec968ad9
a779e60bf576aab59ade544867909d68fca723314064ec8e1690977256835ad0
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b329caf323afa9e508342448f8c4426d503086074dd164058449d3e9aecbc81f
bc2f7e60f467c96ea572373949a32c362f98240ec207dd77ba99fd15ca5c4204
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c3b5373aeac6922dc3cc984e9667e7726ca93bb029ea4f6d738e66ae2e575200
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c98517e69c8e625e76d3f7e9d8cb64dd11ebbb0e4bfef31fd0f1bbdad0e3a942
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
cc6ab2698fdfcebeeee0493803c3bc1d31e2be10d6f6afd73d48faf0fa33a449
cd48dbf725908c4b2152a70da7610d7ff56c5f4c3aedecdacfa01cd71499d9fd
cf91f99321ec92229b16f723ed7abc9e4ad09cdd91a9d431aa4e3e82d12c3e08
d1fcff8635f93c6452afa5fe831c81b2a5b9ec75f33ba6d7382c7d8752c83926
d59dc78f8955429cc22c38090561b3570f4424debc90fc8650880256561b7efc
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d94cce9ec0cffd5417657d26aa1741a7e3b2b0a5f4232a80d789c1a254c4e2ef
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55db8c8216170be34f4055ae640d88e27ece72c5483453bcfe05cc31dccc6d5
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eec770ee4b030f00ca9d9eb8bc28d9e7c7e858e3ac315cb92a05ff9f0e6b990a
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
fcd15c59ee30518735e35715f359135dacb8ddd80b954487e7c56f27a36bedd4