online.officerecovery.com Open in urlscan Pro
104.17.158.181 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://online.officerecovery.com/
Effective URL:
https://online.officerecovery.com/de/
Submission: On April 12 via api (April 12th 2024, 3:15:58 pm UTC) from US — Scanned from DE

Summary HTTP 40 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 40 HTTP transactions. The main IP is 104.17.158.181, located in and belongs to CLOUDFLARENET, US. The main domain is online.officerecovery.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 12th 2023. Valid for: a year.

This is the only time online.officerecovery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	104.17.158.181 104.17.158.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1 8	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c09::54	15169 (GOOGLE) (GOOGLE)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
40	12

18 104.17.158.181 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

online.officerecovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.70.113 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

securedata.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	officerecovery.com 1 redirects online.officerecovery.com	113 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2270 ekr.zdassets.com — Cisco Umbrella Rank: 2600	361 KB
5	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1349 syndication.twitter.com — Cisco Umbrella Rank: 1755	31 KB
4	google.com apis.google.com — Cisco Umbrella Rank: 100 accounts.google.com — Cisco Umbrella Rank: 21	111 KB
2	zendesk.com 1 redirects assets.zendesk.com — Cisco Umbrella Rank: 9542 securedata.zendesk.com	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	152 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 73
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2548	261 B
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 3559	160 KB
40	9

	Domain	Requested by
18	online.officerecovery.com	1 redirects online.officerecovery.com
6	static.zdassets.com	online.officerecovery.com assets.zendesk.com static.zdassets.com
4	platform.twitter.com	online.officerecovery.com platform.twitter.com
3	apis.google.com	online.officerecovery.com apis.google.com
2	www.googletagmanager.com	online.officerecovery.com www.googletagmanager.com
1	syndication.twitter.com
1	accounts.google.com	apis.google.com
1	securedata.zendesk.com	static.zdassets.com
1	www.youtube.com	online.officerecovery.com
1	ekr.zdassets.com	assets.zendesk.com
1	region1.google-analytics.com	www.googletagmanager.com
1	assets.zendesk.com	1 redirects
1	platform.linkedin.com	online.officerecovery.com
40	13

This site contains links to these domains. Also see Links.

Domain
www.officerecovery.com

Subject Issuer	Validity	Valid
*.officerecovery.com Go Daddy Secure Certificate Authority - G2	`2023-11-12` - `2024-12-13`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2023-07-11` - `2024-07-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
zdassets.com E1	`2024-03-03` - `2024-06-01`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
securedata.zendesk.com Cloudflare Inc ECC CA-3	`2024-03-05` - `2024-12-31`	10 months	crt.sh
accounts.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
syndication.twitter.com R3	`2024-04-06` - `2024-07-05`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://online.officerecovery.com/de/
Frame ID: 0C7D19D136FBC6650E6EC46C9D1688C1
Requests: 27 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: 17C14E1267104026EFEAD517AF89C3F5
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0
Frame ID: E83CF159F596740FB3239BD8F7CEBAAE
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
Frame ID: 7E53846CFD64F14960076554F38F4169
Requests: 6 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&annotation=none&origin=https%3A%2F%2Fonline.officerecovery.com&url=https%3A%2F%2Fonline.officerecovery.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.-N67K4ZqcbY.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo_gtfHin_QEh95VEMb_GlSMKA87MQ%2Fm%3D__features__
Frame ID: 2269F3C844D31F8CD8F724A326F9C6A9
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fonline.officerecovery.com
Frame ID: A3CF4A986B3CCA34AF2BE4D5B9BD5D7F
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fonline.officerecovery.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.-N67K4ZqcbY.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo_gtfHin_QEh95VEMb_GlSMKA87MQ%2Fm%3D__features__
Frame ID: 2E9D1A9211E8A59F2FEF08DFA9D7AE9D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: BEB7351C30416592AA573CFD65490402
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Beschädigte Datei reparieren (word, excel, access, powerpoint, photo). Bezahlt und kostenlos Datei online reparieren - OfficeRecovery.com

Page URL History Show full URLs

http://online.officerecovery.com/ HTTP 307
https://online.officerecovery.com/ HTTP 302
http://online.officerecovery.com/de/ HTTP 307
https://online.officerecovery.com/de/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

40
Requests

95 %
HTTPS

64 %
IPv6

9
Domains

13
Subdomains

12
IPs

4
Countries

929 kB
Transfer

2975 kB
Size

13
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: http://www.officerecovery.com/de/office/
Title: Das Paket der Dienstprogramme OfficeRecovery 2012

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/de/
Title: OfficeRecovery

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/de/exchange/
Title: Exchange Server

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/de/recovery-for-exchange-ost/
Title: Exchange OST

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/de/outlookundelete/
Title: Undelete for Outlook

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/de/registry/
Title: Windows Registry

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/de/activedirectory/
Title: Active Directory

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/de/sharepoint/
Title: SharePoint

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/de/mediaheal_for_flash/
Title: Flash Drive

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/de/mediaheal_for_hard_drives/
Title: Hard Drive

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/de/mediaheal_for_cd_and_dvd/
Title: CD and DVD

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/de/photorecovery/
Title: Photo File

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/de/mediaheal_for_diskettes/
Title: Diskette

Search URL Search Domain Scan URL

URL: http://www.officerecovery.com/de/mediaheal_for_removable_disks/
Title: Removable Disk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://online.officerecovery.com/ HTTP 307
https://online.officerecovery.com/ HTTP 302
http://online.officerecovery.com/de/ HTTP 307
https://online.officerecovery.com/de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
https://static.zdassets.com/ekr/asset_composer.js

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
online.officerecovery.com/de/
Redirect Chain

http://online.officerecovery.com/
https://online.officerecovery.com/
http://online.officerecovery.com/de/
https://online.officerecovery.com/de/

39 KB
10 KB

1058ms
1057ms

Document
text/html

104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.29 ASP.NET
Resource Hash: 92bb90fd2362485c9c9e83f35a9b5244fd6c5293f90fe19faa7860acdd38dfeb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 87342c954b963bc3-WAW
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 12 Apr 2024 15:15:52 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.3.29 ASP.NET

Redirect headers

Location: https://online.officerecovery.com/de/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 jquery-1.4.4.min.js Show response
online.officerecovery.com/oronline/Scripts/ 77 KB
27 KB 503ms
502ms Script
application/x-javascript 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Scripts/jquery-1.4.4.min.js
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cd48dbf725908c4b2152a70da7610d7ff56c5f4c3aedecdacfa01cd71499d9fd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: "80073ae511d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
accept-ranges: bytes
cf-ray: 87342c9bedb83bc3-WAW
alt-svc: h3=":443"; ma=86400
content-length: 27388

GET
H3 200 jquery-ui.min.js Show response
online.officerecovery.com/oronline/Scripts/ 194 KB
50 KB 501ms
500ms Script
application/x-javascript 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Scripts/jquery-ui.min.js
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c98517e69c8e625e76d3f7e9d8cb64dd11ebbb0e4bfef31fd0f1bbdad0e3a942

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: "80073ae511d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
accept-ranges: bytes
cf-ray: 87342c9bedbb3bc3-WAW
alt-svc: h3=":443"; ma=86400
content-length: 51207

GET
H3 200 jquery.hint.js Show response
online.officerecovery.com/oronline/Scripts/ 1 KB
837 B 526ms
525ms Script
application/x-javascript 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Scripts/jquery.hint.js
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 327d29643789f218395ff095d67b961952db48dc01dde148a556c810c1d49b35

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: "80073ae511d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
accept-ranges: bytes
cf-ray: 87342c9bedbd3bc3-WAW
alt-svc: h3=":443"; ma=86400
content-length: 570

GET
H3 200 orutils.min.js Show response
online.officerecovery.com/oronline/Scripts/ 26 KB
5 KB 479ms
479ms Script
application/x-javascript 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Scripts/orutils.min.js
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a1eea811108ad228907c95c23624658c51bf3aee91647864117dd390fa44bd40

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: "80073ae511d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
accept-ranges: bytes
cf-ray: 87342c9bedbf3bc3-WAW
alt-svc: h3=":443"; ma=86400
content-length: 5274

GET
H3 200 tabber.min.js Show response
online.officerecovery.com/oronline/Scripts/ 5 KB
2 KB 527ms
526ms Script
application/x-javascript 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Scripts/tabber.min.js
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a72c24fd1b83ea4764c4d99c5c0df3d74eaec988d0ce4620b4dba760ec968ad9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: W/"ad65a1ae511d71:0"
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: application/x-javascript
cache-control: no-cache
cf-ray: 87342c9bedc23bc3-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 langswitcher.css
online.officerecovery.com/oronline/Content/ 2 KB
899 B 528ms
527ms Stylesheet
text/css 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Content/langswitcher.css
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a064c2db2689dbec285086e980f72e04aede8bbf85a6b9e8006415277d920c4b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: "80073ae511d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
accept-ranges: bytes
cf-ray: 87342c9bedc43bc3-WAW
alt-svc: h3=":443"; ma=86400
content-length: 651

GET
H3 200 langswitcher.min.js Show response
online.officerecovery.com/oronline/Scripts/ 3 KB
1 KB 535ms
534ms Script
application/x-javascript 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Scripts/langswitcher.min.js
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5f84816efbaa93e36648dca51e5c42736b6f109bb9c96b43e19a077acc06aa41

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: W/"73c9a0ae511d71:0"
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: application/x-javascript
cache-control: no-cache
cf-ray: 87342c9bedc63bc3-WAW
alt-svc: h3=":443"; ma=86400

GET
H3 200 navi_or.gif
online.officerecovery.com/images/ 1 KB
2 KB 528ms
527ms Image
image/gif 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online.officerecovery.com/images/navi_or.gif
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d59dc78f8955429cc22c38090561b3570f4424debc90fc8650880256561b7efc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:52 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 24 Jan 2017 11:46:21 GMT
server: cloudflare
etag: "a0bc647b3776d21:0"
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
cf-ray: 87342c9bedc83bc3-WAW
alt-svc: h3=":443"; ma=86400
content-length: 1497

GET
H3 200 navi_officerecovery.gif
online.officerecovery.com/images/ 1 KB
2 KB 496ms
495ms Image
image/gif 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online.officerecovery.com/images/navi_officerecovery.gif
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 53e7c88853c2bd59d8a04e209c4085515c4fdab68a71000c41904a2f2c382720

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:52 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 24 Jan 2017 11:46:21 GMT
server: cloudflare
etag: "e0b2567b3776d21:0"
x-powered-by: ASP.NET
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
cf-ray: 87342c9bedc93bc3-WAW
alt-svc: h3=":443"; ma=86400
content-length: 1493

GET
H3 200 orcss.css
online.officerecovery.com/oronline/Content/ 1 KB
634 B 508ms
508ms Stylesheet
text/css 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Content/orcss.css
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 56721ee2f48e9fcff20ff7b945d8a29669a40873f3271e034c105d2c707c80d9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: "80073ae511d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
accept-ranges: bytes
cf-ray: 87342c9f1a133bc3-WAW
alt-svc: h3=":443"; ma=86400
content-length: 386

GET
H3 200 ortab.css
online.officerecovery.com/oronline/Content/ 2 KB
964 B 507ms
507ms Stylesheet
text/css 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Content/ortab.css
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc6ab2698fdfcebeeee0493803c3bc1d31e2be10d6f6afd73d48faf0fa33a449

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: "80073ae511d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache
accept-ranges: bytes
cf-ray: 87342c9f3a423bc3-WAW
alt-svc: h3=":443"; ma=86400
content-length: 716

GET
H3 200 jquery-ui.css
online.officerecovery.com/oronline/Content/themes/base/ 34 KB
6 KB 476ms
475ms Stylesheet
text/css 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Content/themes/base/jquery-ui.css
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8f7c8adcfbdd8352c8f60d012c71a25c76326374c3f726b511e8ef12c02dc991

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Mar 2021 14:50:13 GMT
server: cloudflare
etag: W/"1a1b96ae511d71:0"
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/css
cache-control: no-cache
cf-ray: 87342ca07c1e3bc3-WAW
alt-svc: h3=":443"; ma=86400

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 176ms
42ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE6) /

Resource Hash

3296af2f1d392c963c2aba8f133acd3a9fa4177ef8cb1ec3a91e0d68e2a52e1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 2058
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 163630
x-li-uuid: AAYV50S8zN8crcqhysRs6A==
last-modified: Fri, 12 Apr 2024 14:41:35 GMT
server: ECAcc (frc/4CE6)
x-li-pop: prod-lva1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lva1
cache-control: public, max-age=3600
x-li-proto: http/1.1
accept-ranges: bytes
expires: Fri, 12 Apr 2024 15:41:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 182 KB
66 KB 141ms
55ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-558CRFM

Requested by

Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3c6b845b09d32464e0b330de2b2d4100000ebdec420b66e088caac2a3c21eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66801
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Apr 2024 15:15:53 GMT

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/ Frame 17C1
Redirect Chain

https://assets.zendesk.com/embeddable_framework/main.js
https://static.zdassets.com/ekr/asset_composer.js

10 KB
5 KB

171ms
61ms

Script
application/javascript

104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Requested by

Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/

Protocol

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://online.officerecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Apr 2024 15:15:53 GMT
x-amz-version-id: KdUtYfTvhN3NWk63zbedRawrUoa4O1MG
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: QXYRDQMH5SBRN5TD
age: 48
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: FU+DL9L/xDzB2TG1uNTZGSiJeRlG1qucGQ22sxOAFhWLt6FQs/hl7a9z2bTe2H1UkJNjfPx3WAw=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ja6KCRN2iRvNONfiULI0gAoHHqtLM85%2FVTOuulF%2BILkfH3qbbpRPCdgJXrXZb0lBfKqjEFbRi2LLwg1%2B4Ur5AphfsnnUSoMidUT3qULLkRvD53YouEzL6%2FNkWArkqvoTZbXvLek%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 87342ca22d9a8876-WAW
access-control-allow-headers: *

Redirect headers

date: Fri, 12 Apr 2024 15:15:53 GMT
strict-transport-security: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mWsLdQY4Yr%2F6tUbCTFmLdWRXGJ%2BMrDnO2Js6GCE%2Bt4Hd%2BnIi8uVgYqOOkDqwt3mzOUukIeItG%2FSpjK80Ku5DqLapZRfWXoFDNmrF2ukINsX92OxnojlyFnfRuavl9EBpVxPKBg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.zdassets.com/ekr/asset_composer.js
cache-control: max-age=3600
cf-ray: 87342ca1296e35be-WAW
expires: Fri, 12 Apr 2024 16:15:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
87 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3EBVZ2DXGN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-558CRFM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6aaa2fb20772f55c1f77dcec54cb330221b3965c600afaac6019328ed659bdea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88555
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Apr 2024 15:15:53 GMT

GET
H3 200 GetTabsData Show response
online.officerecovery.com/oronline/Or/ 417 B
488 B 547ms
547ms XHR
text/html 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Or/GetTabsData?pr=/de/&_=1712934953328
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/oronline/Scripts/jquery-1.4.4.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bc2f7e60f467c96ea572373949a32c362f98240ec207dd77ba99fd15ca5c4204

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: */*
Referer: https://online.officerecovery.com/de/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:53 GMT
content-encoding: gzip
x-aspnetmvc-version: 3.0
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private
cf-ray: 87342ca26ea83bc3-WAW
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 136ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3EBVZ2DXGN&gtm=45je44a0v9126940138z89129756552za200&_p=1712934952297&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1214017525.1712934953&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712934953&sct=1&seg=0&dl=https%3A%2F%2Fonline.officerecovery.com%2Fde%2F&dt=Besch%C3%A4digte%20Datei%20reparieren%20(word%2C%20excel%2C%20access%2C%20powerpoint%2C%20photo).%20Bezahlt%20und%20kostenlos%20Datei%20online%20reparieren%20-%20OfficeRecovery.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3257
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3EBVZ2DXGN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 15:15:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://online.officerecovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 securedata.zendesk.com Show response
ekr.zdassets.com/compose/web_widget/ Frame 17C1 918 B
1 KB 353ms
248ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/web_widget/securedata.zendesk.com

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64ac100fad6f40660da50959588212ae382893201b3a36890f2a209b42972cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:53 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 872abad88dba15af-SEA, 872abad88dba15af-SEA
x-runtime: 0.020487
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"64ac100fad6f40660da50959588212ae"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BhAqDHavWPKI6PNO68pWdtZ%2F3sCweAR4%2FdUmw1t865R9hZHuE4QZQuH6cTgDvlDf0BERWYs2jgTSfl4ga9La21MLY9IA0rXhSrh8DC3bYwyavYHnIY00NSDW30qOVWikWCA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 87342ca34b5c70b4-WAW

GET
H3 200 / Show response
online.officerecovery.com/oronline/ 5 KB
2 KB 552ms
552ms XHR
text/html 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/?pr=/de/&_=1712934953697
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/oronline/Scripts/jquery-1.4.4.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3f394866bfbacd4b818447aef46ba59977289aa67e88533b8c62128e736c6a7a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: */*
Referer: https://online.officerecovery.com/de/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:54 GMT
content-encoding: gzip
x-aspnetmvc-version: 3.0
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private
cf-ray: 87342ca4ba2f3bc3-WAW
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 254ms
40ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 15:15:53 GMT
Content-Encoding: gzip
Age: 107
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/67D3)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 plusone.js Show response
apis.google.com/js/ 55 KB
21 KB 142ms
47ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cd977105a9aec4c87856b9c9cd1088a83f53288a77172a2ac84e574ad4b3c38

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Apr 2024 15:15:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21304
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "2295f03556cbf763"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Apr 2024 15:15:53 GMT

GET
H2 200 mWdz4JV_RsA
www.youtube.com/embed/ Frame E83C 0
0 183ms
99ms Document
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/mWdz4JV_RsA?rel=0&autohide=1&showinfo=0

Requested by

Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://online.officerecovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Apr 2024 15:15:53 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 web-widget-main-7bc1c0f.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 7E53 969 KB
277 KB 63ms
63ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js

Requested by

Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f4ac95d1ab40c0d78d98acf1da862b901ce896b43f738c7b1731c986a612bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:53 GMT
x-amz-version-id: _IYDenNVju8wHXIpAa8FJzBqmTlghdyK
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 64S1GV9HNQKB0DVA
age: 75
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ldH41+NY0+fYAgvbqFIJmvudIE2j/SxzaKSwKqxB3P/vSWpJ08HqoFV2mSP6KWgMbK8lgvcvTvmD4moNqUmffw==
last-modified: Mon, 08 Apr 2024 13:46:13 GMT
server: cloudflare
etag: W/"3784cf5e1ddd3a68e335f3bb4a5e2fcd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rMWSCjtMvBHr91%2BCO1PKLqpHXBUIBiWHFeRioZ0snxCHToSYv2WlbkOS%2F7dTkQw%2FB8m8bXO8BuNW5tRkhYClekngsVxuH93RfjiCX3zBTg7Gwo9NkuOiG30z9YprstM%2FrzlFcMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 87342ca4f98a8876-WAW
access-control-allow-headers: *
expires: Tue, 08 Apr 2025 13:46:12 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.-N67K4ZqcbY.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_gtfHin_QEh95VEMb_GlSMKA87MQ/ 157 KB
55 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.-N67K4ZqcbY.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_gtfHin_QEh95VEMb_GlSMKA87MQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f39b50178049c1c98694c76d6221cd6d035f9f4902153d445e3f5698dd61c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 17:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55825
x-xss-protection: 0
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Apr 2025 17:08:29 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.-N67K4ZqcbY.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_gtfHin_QEh95VEMb_GlSMKA87MQ/ 100 KB
35 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.-N67K4ZqcbY.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_gtfHin_QEh95VEMb_GlSMKA87MQ/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5960ef8b6f636b3ac484de9d795d819026ca03c562bcaf6cf4d53cfa56565ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 17:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35271
x-xss-protection: 0
last-modified: Sun, 31 Mar 2024 15:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Apr 2025 17:08:59 GMT

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 2269 0
0

GET
H2 200 en-us-json-7bc1c0f.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 7E53 25 KB
6 KB 64ms
64ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-7bc1c0f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:54 GMT
x-amz-version-id: LLNIVxZ_bojnmbOmqAvI_43_VNrKfel_
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DKWT4SJ3NP0VX855
age: 99041
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: W9B1SBtAeKjZ8kR3+2GgpY7yqrRwEUd74ifS+fdKkR32Prbx0bEwMeNV6dGVRlF6Cg02ybWPMLk=
last-modified: Mon, 08 Apr 2024 13:46:15 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WljqinmFmmaXEeYedqQ8wXCnbpPmOBUyK%2BLsnCo%2BjL7i7m6Rx60zUu4HuMsr4nl4hVs5MgllefIgl3xqBpiitnSESHQe4XkJxNqYnme%2FHpPdDZZZqa4rC7ZVx%2F4GYMzgoIUae9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 87342ca66ba08876-WAW
access-control-allow-headers: *
expires: Tue, 08 Apr 2025 13:46:13 GMT

GET
H2 200 config Show response
securedata.zendesk.com/embeddable/ Frame 7E53 572 B
1 KB 385ms
252ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securedata.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 801b36b05730e2c8d77451ba502479a071da62dc8c4fa1159c5ecaa83e78738d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:54 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-7b64b5d8-bkvjj
x-cached: MISS
x-runtime: 0.002513
last-modified: Fri, 12 Apr 2024 15:11:49 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H4wrf6syv%2B45ffsXDJ0yVpS6Pz%2Fs%2FPEZIYo%2F7H7sY9AejkwhuPxZEZc1zupwBxIDlfyvv2bNok9Yv010CMClO8FRZYrKnZzkGTFGOu3fufCCrKYCqRalIdtJOV4wBPPABI%2FbSvN0XSc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 87342ca73ca2c008-WAW

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame A3CF 0
0 164ms
40ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fonline.officerecovery.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://online.officerecovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1592623
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Fri, 12 Apr 2024 15:15:54 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BA)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 2E9D 0
0 153ms
51ms Document
text/html 2a00:1450:400c:c09::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fonline.officerecovery.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.-N67K4ZqcbY.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo_gtfHin_QEh95VEMb_GlSMKA87MQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.-N67K4ZqcbY.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_gtfHin_QEh95VEMb_GlSMKA87MQ/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-ji4FNuLtDu93whDS-lAcYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://online.officerecovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-ji4FNuLtDu93whDS-lAcYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Fri, 12 Apr 2024 15:15:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 web-widget-chat-sdk-7bc1c0f.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 7E53 202 KB
51 KB 71ms
71ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-7bc1c0f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:54 GMT
x-amz-version-id: PnwdCuJviouphoOKkGhIayUUaC4tYXWL
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 7P01XWB44YSSFFP5
age: 99044
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: XxQ8S/lBv1OtyK14Vkg8IAF2w1ME0kGwFoL/pkM7jEvNEGJZFHeFeFmAEaVODwS7Try+N51fJGM=
last-modified: Mon, 08 Apr 2024 13:46:13 GMT
server: cloudflare
etag: W/"b8284a4b45e40625c2b90a641ebe4a68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7LyX6eVPkrx929N1jVWOdRrX9G%2BwM9ajzNFoTed7ZoX4WlZ%2FMe8lSv8E%2FFrChzGsGyu92HRhtwfnW6TplsNhzYH2frZ3VK9PqccB94q7atN%2BmW5d7I3C86fvikvYbiw%2FE8a1Zvw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 87342ca6ec3e8876-WAW
access-control-allow-headers: *
expires: Tue, 08 Apr 2025 13:46:12 GMT

POST
H3 200 IsJavaScriptSupported Show response
online.officerecovery.com/oronline/Or/ 0
254 B 503ms
502ms XHR
text/plain 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/oronline/Or/IsJavaScriptSupported
Requested by: Host: online.officerecovery.com
URL: https://online.officerecovery.com/oronline/Scripts/jquery-1.4.4.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: */*
Referer: https://online.officerecovery.com/de/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:54 GMT
x-aspnetmvc-version: 3.0
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/plain; charset=UTF-8
cache-control: private
cf-ray: 87342ca82ec33bc3-WAW
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 web-widget-chat-incoming-message-notification-7bc1c0f.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 7E53 236 B
814 B 62ms
62ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-7bc1c0f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:54 GMT
x-amz-version-id: Lm_gk05VN5DG3iiQELVQYeeCHNOGOA_r
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: XFADR46K4TGX035H
age: 99043
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: R3PecKyMJCGDs4JT2rQH8kobx+xe4PmFL3bhxKf2ufYIH8AcJNe/MKDfH2LJ2tMd1M/EVwVYdpk=
last-modified: Mon, 08 Apr 2024 13:46:13 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2BTjhsRjKGjnopeUX6GgGdzrBcG0OXVAnbAGzvoGc9KcfmvIXEgx2o4a3h2i8lchVDZ6Obz4nMdWp1IzxGK2lZr1rBjmnSzc9yInqD%2BlkuV8QI7M5PiHoWCpDw9llfQWxjxoLp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 87342ca928a48876-WAW
access-control-allow-headers: *
expires: Tue, 08 Apr 2025 13:46:12 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 7E53 19 KB
20 KB 65ms
65ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Requested by

Host: online.officerecovery.com
URL: https://online.officerecovery.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:54 GMT
x-amz-version-id: Kl.biZfM8rz6re2aS0glnDheA8R9Dmfl
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: KH5VE2Z70ZGQ75A2
age: 3063031
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: LqweHRijvBdbgWotLxDeNcs9Lz6cG09nTN1pbS7TIlVP/kJbpnlLrkq/B74CU90UTxSTSp+E3xk=
last-modified: Wed, 29 Nov 2023 08:06:43 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b3l3ZJHj69YaVfdm59q8ySqMAnEGEA73bJ7%2B8S0jHtJsjpXdXI6vuM4kuDAF7XGAkU%2Fn6%2F4GMwAEcTI6JIQa7C6E3uyyhpTbA5oeSuPVO2jxDvSziqFZ7uwGQjJiGRlHlliwAf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 87342cab2ba58876-WAW
access-control-allow-headers: *
expires: Thu, 28 Nov 2024 08:06:42 GMT

GET
H/1.1 200
OK button.856debeac157d9669cf51e73a08fbc93.js Show response
platform.twitter.com/js/ 8 KB
3 KB 41ms
40ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 15:15:54 GMT
Content-Encoding: gzip
Age: 1602590
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2620
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
Server: ECS (frb/67D3)
Etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H3 200 favicon.ico
online.officerecovery.com/images/ 11 KB
2 KB 502ms
502ms Other
image/x-icon 104.17.158.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://online.officerecovery.com/images/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.158.181 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e2513d48c0e01a982f25830a9b4f28ada57e32d17aa697e3343826ccb7edff33

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 15:15:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 24 Jan 2017 11:46:20 GMT
server: cloudflare
etag: W/"c03bcb7a3776d21:0"
x-powered-by: ASP.NET
content-type: image/x-icon
cf-ray: 87342cac5cc23bc3-WAW
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame BEB7 0
0 40ms
39ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6763) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://online.officerecovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1602579
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 12332
Content-Type: text/html; charset=utf-8
Date: Fri, 12 Apr 2024 15:15:54 GMT
Etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6763)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
292 B 311ms
144ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fonline.officerecovery.com%2Fde%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1712934954935%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=25dee86cd5f1b7af65687e061fca226672a8c821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://online.officerecovery.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 105
date: Fri, 12 Apr 2024 15:15:54 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 12 Apr 2024 15:15:55 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: f42940701164968f
cache-control: must-revalidate, max-age=600
perf: 7402827104
x-connection-hash: ca4dade3c736f6b32a6e029420a8c87a2aa1228b86bcb0b727bdf88163938fa1
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&annotation=none&origin=https%3A%2F%2Fonline.officerecovery.com&url=https%3A%2F%2Fonline.officerecovery.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.-N67K4ZqcbY.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo_gtfHin_QEh95VEMb_GlSMKA87MQ%2Fm%3D__features__

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
online.officerecovery.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: jdstfu3hur29tetnbt9av7h684
online.officerecovery.com/	1970-01-20 19:50:21	Name: orlangpr Value: %2F
online.officerecovery.com/	1970-01-20 19:50:21	Name: orlang Value: de
online.officerecovery.com/	1970-01-20 19:50:21	Name: fblang Value: de_DE
online.officerecovery.com/	1969-12-31 23:59:59	Name: orcurtab Value: 0
.officerecovery.com/	1970-01-21 05:24:54	Name: _ga_3EBVZ2DXGN Value: GS1.1.1712934953.1.0.1712934953.0.0.0
.officerecovery.com/	1970-01-21 05:24:54	Name: _ga Value: GA1.1.1214017525.1712934953
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: --he9k0YdGY
.youtube.com/	1970-01-21 00:08:06	Name: VISITOR_INFO1_LIVE Value: _mxfnlrRVGE
.youtube.com/	1970-01-21 00:08:06	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgKA%3D%3D
online.officerecovery.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: juznhwhtv0e5w4ow5ddk220q
widget-mediator.zopim.com/	1970-01-20 19:58:59	Name: AWSALBCORS Value: /tMmBY9T3Yq42BVXkXjC3LPDhAnaavkM27sQvvRYO14dLasbdiX4kfcXinVVE2IoKvdszWmDruHFmfYXU+5+RC00G7NypeBr0hQLYXIoxSc+QuRIg8JuJLxUHsTt
.officerecovery.com/	1970-01-21 04:34:30	Name: __zlcmid Value: 1LFmdiWAK2lU7uk

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://apis.google.com/js/plusone.js(Line 62) Message: Mixed Content: The page at 'https://online.officerecovery.com/de/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1712934953875&_gfid=I0_1712934953875&parent=https%3A%2F%2Fonline.officerecovery.com&pfname=&rpctoken=20256924'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://online.officerecovery.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
assets.zendesk.com
ekr.zdassets.com
online.officerecovery.com
platform.linkedin.com
platform.twitter.com
region1.google-analytics.com
securedata.zendesk.com
static.zdassets.com
syndication.twitter.com
www.googletagmanager.com
www.youtube.com
apis.google.com
104.16.53.111
104.17.158.181
104.18.70.113
104.244.42.8
2001:4860:4802:34::36
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:81c::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c09::54
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
327d29643789f218395ff095d67b961952db48dc01dde148a556c810c1d49b35
3296af2f1d392c963c2aba8f133acd3a9fa4177ef8cb1ec3a91e0d68e2a52e1a
3f394866bfbacd4b818447aef46ba59977289aa67e88533b8c62128e736c6a7a
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
53e7c88853c2bd59d8a04e209c4085515c4fdab68a71000c41904a2f2c382720
56721ee2f48e9fcff20ff7b945d8a29669a40873f3271e034c105d2c707c80d9
5f39b50178049c1c98694c76d6221cd6d035f9f4902153d445e3f5698dd61c74
5f84816efbaa93e36648dca51e5c42736b6f109bb9c96b43e19a077acc06aa41
64ac100fad6f40660da50959588212ae382893201b3a36890f2a209b42972cdd
6aaa2fb20772f55c1f77dcec54cb330221b3965c600afaac6019328ed659bdea
6cd977105a9aec4c87856b9c9cd1088a83f53288a77172a2ac84e574ad4b3c38
7f4ac95d1ab40c0d78d98acf1da862b901ce896b43f738c7b1731c986a612bf4
801b36b05730e2c8d77451ba502479a071da62dc8c4fa1159c5ecaa83e78738d
8f7c8adcfbdd8352c8f60d012c71a25c76326374c3f726b511e8ef12c02dc991
92bb90fd2362485c9c9e83f35a9b5244fd6c5293f90fe19faa7860acdd38dfeb
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
a064c2db2689dbec285086e980f72e04aede8bbf85a6b9e8006415277d920c4b
a1eea811108ad228907c95c23624658c51bf3aee91647864117dd390fa44bd40
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a72c24fd1b83ea4764c4d99c5c0df3d74eaec988d0ce4620b4dba760ec968ad9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b3c6b845b09d32464e0b330de2b2d4100000ebdec420b66e088caac2a3c21eb5
bc2f7e60f467c96ea572373949a32c362f98240ec207dd77ba99fd15ca5c4204
c98517e69c8e625e76d3f7e9d8cb64dd11ebbb0e4bfef31fd0f1bbdad0e3a942
cc6ab2698fdfcebeeee0493803c3bc1d31e2be10d6f6afd73d48faf0fa33a449
cd48dbf725908c4b2152a70da7610d7ff56c5f4c3aedecdacfa01cd71499d9fd
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d59dc78f8955429cc22c38090561b3570f4424debc90fc8650880256561b7efc
e2513d48c0e01a982f25830a9b4f28ada57e32d17aa697e3343826ccb7edff33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5960ef8b6f636b3ac484de9d795d819026ca03c562bcaf6cf4d53cfa56565ea

online.officerecovery.com Open in urlscan Pro 104.17.158.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

95 %HTTPS

64 %IPv6

9 Domains

13 Subdomains

12 IPs

4 Countries

929 kBTransfer

2975 kBSize

13 Cookies

14 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

online.officerecovery.com Open in urlscan Pro
104.17.158.181 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

95 %
HTTPS

64 %
IPv6

9
Domains

13
Subdomains

12
IPs

4
Countries

929 kB
Transfer

2975 kB
Size

13
Cookies

40 HTTP transactions
0 data transactions