urlscan.io logo urlscan.io
SecurityTrails logo

germandesk-stage.betterandmore.usermd.net Open in urlscan Pro
31.186.83.240  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.germandesk-stage.betterandmore.usermd.net/
Effective URL: https://germandesk-stage.betterandmore.usermd.net/
Submission: On August 22 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 49 HTTP transactions. The main IP is 31.186.83.240, located in Częstochowa, Poland and belongs to ECO-ATMAN-PL ECO-ATMAN-, PL. The main domain is germandesk-stage.betterandmore.usermd.net.
TLS certificate: Issued by R3 on June 23rd 2021. Valid for: 3 months.
This is the only time germandesk-stage.betterandmore.usermd.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 31.186.83.240 57367 (ECO-ATMAN...)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
17 212.85.110.149 12824 (HOMEPL-AS)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
49 8
9    31.186.83.240 (Częstochowa, Poland)

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: web35.mydevil.net
www.germandesk-stage.betterandmore.usermd.net
germandesk-stage.betterandmore.usermd.net
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
17    212.85.110.149 (Poland)

ASN12824 (HOMEPL-AS, PL)
PTR: cloudserver003705.home.pl
germandesk.ssw.solutions
6    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
17 germandesk.ssw.solutions germandesk-stage.betterandmore.usermd.net
9 www.gstatic.com germandesk-stage.betterandmore.usermd.net
www.google.com
www.gstatic.com
8 germandesk-stage.betterandmore.usermd.net germandesk-stage.betterandmore.usermd.net
6 www.google.com germandesk-stage.betterandmore.usermd.net
www.gstatic.com
www.google.com
4 use.fontawesome.com germandesk-stage.betterandmore.usermd.net
use.fontawesome.com
2 fonts.gstatic.com www.google.com
2 www.google-analytics.com germandesk-stage.betterandmore.usermd.net
www.google-analytics.com
1 www.googletagmanager.com germandesk-stage.betterandmore.usermd.net
1 www.germandesk-stage.betterandmore.usermd.net 1 redirects
49 9

This site contains links to these domains. Also see Links.

Domain
ssw.solutions
www.linkedin.com
www.facebook.com
twitter.com
www.youtube.com
Subject Issuer Validity Valid
germandesk-stage.betterandmore.usermd.net
R3		 2021-06-23 -
2021-09-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
*.ssw.solutions
Certyfikat SSL		 2020-12-08 -
2021-12-08		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://germandesk-stage.betterandmore.usermd.net/
Frame ID: 585B60AFC90640E42E246A4E73D2ADF8
Requests: 35 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&co=aHR0cDovL2xvY2FsaG9zdDo4MDAw&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&cb=ah8ay9hh094b
Frame ID: 11096D8D76D156A2E85B0C9BDF53EEC5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&co=aHR0cHM6Ly9nZXJtYW5kZXNrLXN0YWdlLmJldHRlcmFuZG1vcmUudXNlcm1kLm5ldDo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=e9adru3yk6bp
Frame ID: 9BEA3C2771355FCBD8F63C39A6F4E7F8
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&cb=q6hjk3yb5wkr
Frame ID: 7FEE43C3F4F98716AC172C800AEA86EF
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

German Desk

Page URL History Show full URLs

  1. https://www.germandesk-stage.betterandmore.usermd.net/ HTTP 301
    https://germandesk-stage.betterandmore.usermd.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-v(?:ue)-/i
Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

49
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

4100 kB
Transfer

5035 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.germandesk-stage.betterandmore.usermd.net/ HTTP 301
    https://germandesk-stage.betterandmore.usermd.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
germandesk-stage.betterandmore.usermd.net/
Redirect Chain
  • https://www.germandesk-stage.betterandmore.usermd.net/
  • https://germandesk-stage.betterandmore.usermd.net/
18 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.186.83.240 Częstochowa, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web35.mydevil.net
Software
nginx /
Resource Hash
a5cdd09703cf3b8facd438f6ed9952f4f756fb4c5d7b3b860e86b3bd03e006a1

Request headers

:method
GET
:authority
germandesk-stage.betterandmore.usermd.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Sun, 22 Aug 2021 21:03:19 GMT
content-type
text/html
content-length
18603
accept-ranges
bytes bytes
last-modified
Thu, 21 Nov 2019 11:14:00 GMT
etag
"5dd67178-48ab"

Redirect headers

server
nginx
date
Sun, 22 Aug 2021 21:03:18 GMT
content-type
text/html; charset=iso-8859-1
content-length
258
location
https://germandesk-stage.betterandmore.usermd.net/
app.d2227b8f.css
germandesk-stage.betterandmore.usermd.net/css/ 		210 KB
211 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://germandesk-stage.betterandmore.usermd.net/css/app.d2227b8f.css
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.186.83.240 Częstochowa, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web35.mydevil.net
Software
nginx /
Resource Hash
898d616cb805a82bc8a97d90ff5c5a253e561020d7d4d5ef7bcf654cb16862ba

Request headers

:path
/css/app.d2227b8f.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
germandesk-stage.betterandmore.usermd.net
referer
https://germandesk-stage.betterandmore.usermd.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
last-modified
Thu, 21 Nov 2019 11:14:03 GMT
server
nginx
accept-ranges
bytes bytes
etag
"5dd6717b-34980"
content-length
215424
content-type
text/css
app.c415369e.js
germandesk-stage.betterandmore.usermd.net/js/ 		43 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://germandesk-stage.betterandmore.usermd.net/js/app.c415369e.js
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.186.83.240 Częstochowa, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web35.mydevil.net
Software
nginx /
Resource Hash
2db3c0fae132ffc345ee38147dbf4a040623cda9532c79e3d5a7cb6dc28cecee

Request headers

:path
/js/app.c415369e.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
germandesk-stage.betterandmore.usermd.net
referer
https://germandesk-stage.betterandmore.usermd.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
last-modified
Thu, 21 Nov 2019 11:14:01 GMT
server
nginx
accept-ranges
bytes bytes
etag
"5dd67179-ade8"
content-length
44520
content-type
application/javascript
chunk-vendors.b4e274a6.js
germandesk-stage.betterandmore.usermd.net/js/ 		212 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://germandesk-stage.betterandmore.usermd.net/js/chunk-vendors.b4e274a6.js
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.186.83.240 Częstochowa, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web35.mydevil.net
Software
nginx /
Resource Hash
2aeae3c08e1fcf08eabcdef5815e3e140a227f367ba1381a02d32e9774d4e113

Request headers

:path
/js/chunk-vendors.b4e274a6.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
germandesk-stage.betterandmore.usermd.net
referer
https://germandesk-stage.betterandmore.usermd.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
last-modified
Thu, 21 Nov 2019 11:14:01 GMT
server
nginx
accept-ranges
bytes bytes
etag
"5dd67179-34f65"
content-length
216933
content-type
application/javascript
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
5205
date
Sun, 22 Aug 2021 19:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Sun, 22 Aug 2021 21:36:34 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
js
www.googletagmanager.com/gtag/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-149144381-1
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ad3b6067756b27c2313727c519d5ffbc5343c5f02f2b01838160f7de20ffa3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41044
x-xss-protection
0
expires
Sun, 22 Aug 2021 21:03:19 GMT
83dd579dd9.js
use.fontawesome.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/83dd579dd9.js
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e4cc5e3ab53af3f3b60b4512d47d58a1aa2c3d1f7d900c24574e07e5a850bf0

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
RFNRHX6X6XD22XT0
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2
2QUEApt4H84/70ma2/MNJIczGKTCL4/oCD+J9vGhcqCke1E5PJFbNvWohDNhO0XH7hwmwH9He+g=
last-modified
Wed, 30 Jun 2021 21:25:17 GMT
server
cloudflare
etag
W/"2a7aaf8282d2953f3fecd9c1117b6df2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwHEHyJcNG9%2BiLibaSCOmdMU0C%2BtjleurncaBcDoc2YZEATgxBjL3ZYEo4wu%2FBmefyOsJVkA3qqglK1egblde9xfXQ08gkzMFHaFXEzeS%2FkHe7lFFep0gU90E%2FKUGrjcE%2FpzUcSswC1Ay9tvE2Y%2BHPbo"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
682f0c0f5c5dc2c7-FRA
83dd579dd9.css
use.fontawesome.com/ 		1 KB
768 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/83dd579dd9.css
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaf26fd060fb1a9d070291457b63a8857c7f515a74d8bc91fb13264457815f97

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
RFNT2EWSD17489Z1
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2
wCPViTOb+rz/vg4I/kTYp/4BNqa2mxRFFFh+lUTlrT/cW1mqlVXgQbohJ/aTPBFhmXih+VMHk88=
last-modified
Wed, 30 Jun 2021 21:25:17 GMT
server
cloudflare
etag
W/"8e79b8ed51b7b735bab4082d45e090af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMJYYkB0sqGPwriNvE3wQTduTsu53vzAzrfhJYV5NtCy%2FCBspH3RbPN6UBwmxW8tjqXtwpTWPza3vXkJkZB1B9BavfSpPmGiQX0BYbo3%2Fm3QG1bRmqE%2BVA2WhtRKPGol7mk9E%2FAQlyl96vUdODoZ%2B8%2FH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
682f0c0f5c5cc2c7-FRA
SSW_LOGO.19aca0eb.png
germandesk-stage.betterandmore.usermd.net/img/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk-stage.betterandmore.usermd.net/img/SSW_LOGO.19aca0eb.png
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.186.83.240 Częstochowa, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web35.mydevil.net
Software
nginx /
Resource Hash
d5b5f66d154d5d6ca599756847df6272d35626e12336b453cf9e45e7f07a1c06

Request headers

:path
/img/SSW_LOGO.19aca0eb.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
germandesk-stage.betterandmore.usermd.net
referer
https://germandesk-stage.betterandmore.usermd.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
last-modified
Thu, 21 Nov 2019 11:14:03 GMT
server
nginx
accept-ranges
bytes bytes
etag
"5dd6717b-640b"
content-length
25611
content-type
image/png
DSC_6128-3-1.jpg
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/DSC_6128-3-1.jpg
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
22e2c9acf88843b258fedb48dc6296e1781561261f2546d441e225db4a166286

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
last-modified
Wed, 09 Oct 2019 13:22:32 GMT
server
IdeaWebServer/3.0.0
content-length
111192
content-type
image/jpeg
DSC_53751.jpg
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/DSC_53751.jpg
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
59620dd4e9d463f7cc3bb7f5e7bbeb556557ccc63ff505f7a78cbcf5dbf541c4

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
last-modified
Wed, 09 Oct 2019 13:22:31 GMT
server
IdeaWebServer/3.0.0
content-length
22745
content-type
image/jpeg
law-tax-min.png
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/law-tax-min.png
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
b3d212f7198d9c4ca8425a0c4221bcf2974f10ad071699a03e66c43959725df3

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
last-modified
Wed, 09 Oct 2019 13:22:38 GMT
server
IdeaWebServer/3.0.0
content-length
38470
content-type
image/png
NIERUCHOMOSCI-min.png
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/NIERUCHOMOSCI-min.png
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
1fcf0cc6fd64cc0ed650a8106606ca3aebd5a128f92618d168c12361b38ffe63

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
last-modified
Wed, 09 Oct 2019 13:22:39 GMT
server
IdeaWebServer/3.0.0
content-length
30645
content-type
image/png
ENERGETYKA_SUROWCE-min.png
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/ENERGETYKA_SUROWCE-min.png
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
488ff827bc8c95f2cdf35560eaff4bdf3873add49c91dc248c7d53a4fac97e61

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
last-modified
Wed, 09 Oct 2019 13:22:32 GMT
server
IdeaWebServer/3.0.0
content-length
35999
content-type
image/png
api.js
www.google.com/recaptcha/ 		916 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
54585b3c269c10e8d4420a790229c5223cb6797580dce5e2decf22385c4b0538
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Sun, 22 Aug 2021 21:03:19 GMT
anchor
www.google.com/recaptcha/api2/ Frame 1109 		40 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&co=aHR0cDovL2xvY2FsaG9zdDo4MDAw&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&cb=ah8ay9hh094b
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b71c6ca7f0195b71b3c8e62345fc1285cb3dfec4af5053f5d3a06aee6003cb5e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rMf+2sOLYMlY2sYucdHhDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&co=aHR0cDovL2xvY2FsaG9zdDo4MDAw&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&cb=ah8ay9hh094b
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://germandesk-stage.betterandmore.usermd.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://germandesk-stage.betterandmore.usermd.net/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 22 Aug 2021 21:03:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-rMf+2sOLYMlY2sYucdHhDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
21023
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GERMAN-DESK.mp4
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/GERMAN-DESK.mp4
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
8cbeb78cd2c06384cb6918ce049270c140abd51a21e20bea252a6f6f58f572b7

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1942709/1942710
date
Sun, 22 Aug 2021 21:03:19 GMT
last-modified
Wed, 09 Oct 2019 13:22:41 GMT
server
IdeaWebServer/3.0.0
Content-Length
1942710
content-type
video/mp4
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/83dd579dd9.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer
https://use.fontawesome.com/83dd579dd9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4064156
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
BVYNR017DZMX3ZD5
x-amz-id-2
QGjj4hxJUhuaeVUZXRjN85iZvcJa67QWP4rmwsnDS8rLQDMUxrDVFqF/Bir2ZYZv+FIyO3nBxiU=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCcRy%2FCvtDQxEo2dlO4gUn7i3pv1bNsWdx24DHQtehYW%2Byukb6fI9oF4ImP3uJNV5ryrA4Lwp8FuvZOvrfhMYE5%2Fkis9MUC%2Bt21jll%2BhlA%2BSn8Pspd3BM6ZINi%2BJR9Ajrv6tn8pPSJ3xDxBaidf%2FA7hv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
682f0c10ff7a1f15-FRA
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ 		340 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vueRecaptchaApiLoaded&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://germandesk-stage.betterandmore.usermd.net
Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 15:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18251
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135293
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 04:14:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 15:59:08 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/ Frame 1109 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&co=aHR0cDovL2xvY2FsaG9zdDo4MDAw&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&cb=ah8ay9hh094b
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
recaptcha__en.js
www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/ Frame 1109 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&co=aHR0cDovL2xvY2FsaG9zdDo4MDAw&hl=en&v=75nbHAdFrusJCwoMVGTXoHoM&size=invisible&cb=ah8ay9hh094b
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
GD_1.jpg
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/GD_1.jpg
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
904a751f7dcc2ef28eeeed0b47f91bdc0662382b793360269daa5340e8de240e

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
last-modified
Wed, 09 Oct 2019 13:22:34 GMT
server
IdeaWebServer/3.0.0
content-length
110216
content-type
image/jpeg
GD_2-2.jpg
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/GD_2-2.jpg
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
c9b1e72374575097ad9b61b91f0e6db4e377873d6c9b000d9f417599f746eac6

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
last-modified
Fri, 11 Oct 2019 07:56:37 GMT
server
IdeaWebServer/3.0.0
content-length
90271
content-type
image/jpeg
Gilroy-Light.c62aded7.otf
germandesk-stage.betterandmore.usermd.net/fonts/ 		53 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://germandesk-stage.betterandmore.usermd.net/fonts/Gilroy-Light.c62aded7.otf
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/css/app.d2227b8f.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.186.83.240 Częstochowa, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web35.mydevil.net
Software
nginx /
Resource Hash
de1f8bbfdc696bb3144eff382064122aaadf21924f366d88db1106012efeaee1

Request headers

:path
/fonts/Gilroy-Light.c62aded7.otf
pragma
no-cache
origin
https://germandesk-stage.betterandmore.usermd.net
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
germandesk-stage.betterandmore.usermd.net
referer
https://germandesk-stage.betterandmore.usermd.net/css/app.d2227b8f.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://germandesk-stage.betterandmore.usermd.net
Referer
https://germandesk-stage.betterandmore.usermd.net/css/app.d2227b8f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
last-modified
Thu, 21 Nov 2019 11:14:04 GMT
server
nginx
accept-ranges
bytes bytes
etag
"5dd6717c-d5b0"
content-length
54704
content-type
font/otf
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/83dd579dd9.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://germandesk-stage.betterandmore.usermd.net
Referer
https://use.fontawesome.com/83dd579dd9.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
RFNGD0X7W4SE00BX
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
77160
x-amz-id-2
3Jy3MlEXFoujhByURU3e7DVWoTmbFGWZ72TB/MhmWswspz4A6LqAtP82T3+2XrPBQUF+8yhCIV8=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKaFSp%2Fc77BxqgjEBYbpkgCu9f3o4A9aK347mJDn8tjjerfAJgRlDciBSfPae5YU0V9yC4pE1A38tG6%2FxSAQjLjJzcgzqs9%2BWHE0yMXQ%2BfenmksVcd1U1KHfCL2DeLqzoK2AsU3Frpj3IjKfw6d%2B4XB%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
682f0c113bb00629-FRA
Gilroy-ExtraBold.0f6e082f.otf
germandesk-stage.betterandmore.usermd.net/fonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://germandesk-stage.betterandmore.usermd.net/fonts/Gilroy-ExtraBold.0f6e082f.otf
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/css/app.d2227b8f.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.186.83.240 Częstochowa, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web35.mydevil.net
Software
nginx /
Resource Hash
78c530ab1837ec31c93f8b0c8060a103dcae39b7f2c15ad44a860e495064d363

Request headers

:path
/fonts/Gilroy-ExtraBold.0f6e082f.otf
pragma
no-cache
origin
https://germandesk-stage.betterandmore.usermd.net
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
germandesk-stage.betterandmore.usermd.net
referer
https://germandesk-stage.betterandmore.usermd.net/css/app.d2227b8f.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://germandesk-stage.betterandmore.usermd.net
Referer
https://germandesk-stage.betterandmore.usermd.net/css/app.d2227b8f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:19 GMT
last-modified
Thu, 21 Nov 2019 11:14:04 GMT
server
nginx
accept-ranges
bytes bytes
etag
"5dd6717c-d6ac"
content-length
54956
content-type
font/otf
content
germandesk.ssw.solutions/cms/wp-json/better-api/v1/ 		33 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://germandesk.ssw.solutions/cms/wp-json/better-api/v1/content
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/js/chunk-vendors.b4e274a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
864d572ae928872098ace5a26fd2e019beda046094d00e9c91a73b220f501ed5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:26 GMT
content-encoding
gzip
allow
GET
server
IdeaWebServer/3.0.0
access-control-allow-headers
Authorization, Content-Type
vary
Origin
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://germandesk-stage.betterandmore.usermd.net
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
access-control-allow-credentials
true
x-robots-tag
noindex
link
<https://germandesk.ssw.solutions/cms/wp-json/>; rel="https://api.w.org/"
x-content-type-options
nosniff
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1345474289&t=pageview&_s=1&dl=https%3A%2F%2Fgermandesk-stage.betterandmore.usermd.net%2F&ul=en-us&de=UTF-8&dt=German%20Desk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABEAAAAC~&jid=1320939111&gjid=1505990030&cid=242831309.1629666199&tid=UA-149144381-1&_gid=648959501.1629666199&_r=1&gtm=2ou8i0&z=2130202998
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 Aug 2021 21:03:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://germandesk-stage.betterandmore.usermd.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
SSW_LOGO.19aca0eb.png
germandesk-stage.betterandmore.usermd.net/img/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk-stage.betterandmore.usermd.net/img/SSW_LOGO.19aca0eb.png
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/js/chunk-vendors.b4e274a6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.186.83.240 Częstochowa, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
web35.mydevil.net
Software
nginx /
Resource Hash
d5b5f66d154d5d6ca599756847df6272d35626e12336b453cf9e45e7f07a1c06

Request headers

:path
/img/SSW_LOGO.19aca0eb.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
germandesk-stage.betterandmore.usermd.net
referer
https://germandesk-stage.betterandmore.usermd.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:26 GMT
last-modified
Thu, 21 Nov 2019 11:14:03 GMT
server
nginx
accept-ranges
bytes bytes
etag
"5dd6717b-640b"
content-length
25611
content-type
image/png
DSC_6128-3-1.jpg
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/DSC_6128-3-1.jpg
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/js/chunk-vendors.b4e274a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
22e2c9acf88843b258fedb48dc6296e1781561261f2546d441e225db4a166286

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:26 GMT
last-modified
Wed, 09 Oct 2019 13:22:32 GMT
server
IdeaWebServer/3.0.0
content-length
111192
content-type
image/jpeg
DSC_53751.jpg
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/DSC_53751.jpg
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/js/chunk-vendors.b4e274a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
59620dd4e9d463f7cc3bb7f5e7bbeb556557ccc63ff505f7a78cbcf5dbf541c4

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:26 GMT
last-modified
Wed, 09 Oct 2019 13:22:31 GMT
server
IdeaWebServer/3.0.0
content-length
22745
content-type
image/jpeg
law-tax-min.png
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/law-tax-min.png
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/js/chunk-vendors.b4e274a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
b3d212f7198d9c4ca8425a0c4221bcf2974f10ad071699a03e66c43959725df3

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:26 GMT
last-modified
Wed, 09 Oct 2019 13:22:38 GMT
server
IdeaWebServer/3.0.0
content-length
38470
content-type
image/png
NIERUCHOMOSCI-min.png
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/NIERUCHOMOSCI-min.png
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/js/chunk-vendors.b4e274a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
1fcf0cc6fd64cc0ed650a8106606ca3aebd5a128f92618d168c12361b38ffe63

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:26 GMT
last-modified
Wed, 09 Oct 2019 13:22:39 GMT
server
IdeaWebServer/3.0.0
content-length
30645
content-type
image/png
ENERGETYKA_SUROWCE-min.png
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/ENERGETYKA_SUROWCE-min.png
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/js/chunk-vendors.b4e274a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
488ff827bc8c95f2cdf35560eaff4bdf3873add49c91dc248c7d53a4fac97e61

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:26 GMT
last-modified
Wed, 09 Oct 2019 13:22:32 GMT
server
IdeaWebServer/3.0.0
content-length
35999
content-type
image/png
GD_1.jpg
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/GD_1.jpg
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
904a751f7dcc2ef28eeeed0b47f91bdc0662382b793360269daa5340e8de240e

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:26 GMT
last-modified
Wed, 09 Oct 2019 13:22:34 GMT
server
IdeaWebServer/3.0.0
content-length
110216
content-type
image/jpeg
GD_2-2.jpg
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/GD_2-2.jpg
Requested by
Host: germandesk-stage.betterandmore.usermd.net
URL: https://germandesk-stage.betterandmore.usermd.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash
c9b1e72374575097ad9b61b91f0e6db4e377873d6c9b000d9f417599f746eac6

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:26 GMT
last-modified
Fri, 11 Oct 2019 07:56:37 GMT
server
IdeaWebServer/3.0.0
content-length
90271
content-type
image/jpeg
anchor
www.google.com/recaptcha/api2/ Frame 9BEA 		40 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&co=aHR0cHM6Ly9nZXJtYW5kZXNrLXN0YWdlLmJldHRlcmFuZG1vcmUudXNlcm1kLm5ldDo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=e9adru3yk6bp
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
17aa4e28ccd6b57e1c1c645c799625636e97b744974bbc0f3f2f06ee6e7c3cd8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZdT696Xa24RZGu2Y3C2tjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&co=aHR0cHM6Ly9nZXJtYW5kZXNrLXN0YWdlLmJldHRlcmFuZG1vcmUudXNlcm1kLm5ldDo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=e9adru3yk6bp
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://germandesk-stage.betterandmore.usermd.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://germandesk-stage.betterandmore.usermd.net/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 22 Aug 2021 21:03:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-ZdT696Xa24RZGu2Y3C2tjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20686
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GERMAN-DESK.mp4
germandesk.ssw.solutions/cms/app/uploads/2019/10/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://germandesk.ssw.solutions/cms/app/uploads/2019/10/GERMAN-DESK.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.85.110.149 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
cloudserver003705.home.pl
Software
IdeaWebServer/3.0.0 /
Resource Hash

Request headers

Referer
https://germandesk-stage.betterandmore.usermd.net/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1942709/1942710
date
Sun, 22 Aug 2021 21:03:26 GMT
last-modified
Wed, 09 Oct 2019 13:22:41 GMT
server
IdeaWebServer/3.0.0
Content-Length
1942710
content-type
video/mp4
styles__ltr.css
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 9BEA 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&co=aHR0cHM6Ly9nZXJtYW5kZXNrLXN0YWdlLmJldHRlcmFuZG1vcmUudXNlcm1kLm5ldDo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=e9adru3yk6bp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 19:56:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 04:14:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 19:56:19 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 9BEA 		340 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&co=aHR0cHM6Ly9nZXJtYW5kZXNrLXN0YWdlLmJldHRlcmFuZG1vcmUudXNlcm1kLm5ldDo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=e9adru3yk6bp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 15:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135293
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 04:14:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 15:59:08 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9BEA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:00:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
507776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Tue, 24 Aug 2021 00:00:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9BEA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&co=aHR0cHM6Ly9nZXJtYW5kZXNrLXN0YWdlLmJldHRlcmFuZG1vcmUudXNlcm1kLm5ldDo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=e9adru3yk6bp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 21:27:21 GMT
x-content-type-options
nosniff
age
516965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 21:27:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9BEA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&co=aHR0cHM6Ly9nZXJtYW5kZXNrLXN0YWdlLmJldHRlcmFuZG1vcmUudXNlcm1kLm5ldDo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=e9adru3yk6bp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 14:26:18 GMT
x-content-type-options
nosniff
age
455828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 14:26:18 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 9BEA 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&co=aHR0cHM6Ly9nZXJtYW5kZXNrLXN0YWdlLmJldHRlcmFuZG1vcmUudXNlcm1kLm5ldDo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=e9adru3yk6bp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
718c7e416390d518d57d2da05f6957956b1b2e2a829522f3bcc6fa46972da72c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&co=aHR0cHM6Ly9nZXJtYW5kZXNrLXN0YWdlLmJldHRlcmFuZG1vcmUudXNlcm1kLm5ldDo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=e9adru3yk6bp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 21:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 22 Aug 2021 21:03:26 GMT
bframe
www.google.com/recaptcha/api2/ Frame 7FEE 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&cb=q6hjk3yb5wkr
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
921bc4447015960d00dc99f1d280b796171db7126437bec8bee32f20dc787eaa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-W9kP79yTv2NUoeHC17/G8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&cb=q6hjk3yb5wkr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://germandesk-stage.betterandmore.usermd.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://germandesk-stage.betterandmore.usermd.net/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 22 Aug 2021 21:03:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-W9kP79yTv2NUoeHC17/G8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 7FEE 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&cb=q6hjk3yb5wkr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 19:56:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 04:14:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 21 Aug 2022 19:56:19 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 7FEE 		340 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&cb=q6hjk3yb5wkr
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 15:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135293
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 04:14:16 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 Aug 2022 15:59:08 GMT
reload
www.google.com/recaptcha/api2/ Frame 7FEE 		34 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2596bc70d1e32edcf2a12199aea704de348c46c621f75a80596ba199db807cbf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI&cb=q6hjk3yb5wkr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sun, 22 Aug 2021 21:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20628
x-xss-protection
1; mode=block
expires
Sun, 22 Aug 2021 21:03:26 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| FontAwesomeCdnConfig string| cssUrl object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_data function| ga object| gaplugins object| google_tag_manager object| webpackJsonp object| __core-js_shared__ object| core function| vueRecaptchaApiLoaded string| GoogleAnalyticsObject object| gaGlobal object| gaData object| recaptcha object| closure_lm_279416

3 Cookies

Domain/Path Name / Value
.usermd.net/ Name: _gid
Value: GA1.2.648959501.1629666199
.usermd.net/ Name: _gat_gtag_UA_149144381_1
Value: 1
.usermd.net/ Name: _ga
Value: GA1.2.242831309.1629666199

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
germandesk-stage.betterandmore.usermd.net
germandesk.ssw.solutions
use.fontawesome.com
www.germandesk-stage.betterandmore.usermd.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
212.85.110.149
2606:4700:3037::6815:4e07
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2003
31.186.83.240
17aa4e28ccd6b57e1c1c645c799625636e97b744974bbc0f3f2f06ee6e7c3cd8
1ad3b6067756b27c2313727c519d5ffbc5343c5f02f2b01838160f7de20ffa3c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fcf0cc6fd64cc0ed650a8106606ca3aebd5a128f92618d168c12361b38ffe63
22e2c9acf88843b258fedb48dc6296e1781561261f2546d441e225db4a166286
2596bc70d1e32edcf2a12199aea704de348c46c621f75a80596ba199db807cbf
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2aeae3c08e1fcf08eabcdef5815e3e140a227f367ba1381a02d32e9774d4e113
2db3c0fae132ffc345ee38147dbf4a040623cda9532c79e3d5a7cb6dc28cecee
3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
488ff827bc8c95f2cdf35560eaff4bdf3873add49c91dc248c7d53a4fac97e61
54585b3c269c10e8d4420a790229c5223cb6797580dce5e2decf22385c4b0538
59620dd4e9d463f7cc3bb7f5e7bbeb556557ccc63ff505f7a78cbcf5dbf541c4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5e4cc5e3ab53af3f3b60b4512d47d58a1aa2c3d1f7d900c24574e07e5a850bf0
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
718c7e416390d518d57d2da05f6957956b1b2e2a829522f3bcc6fa46972da72c
78c530ab1837ec31c93f8b0c8060a103dcae39b7f2c15ad44a860e495064d363
864d572ae928872098ace5a26fd2e019beda046094d00e9c91a73b220f501ed5
898d616cb805a82bc8a97d90ff5c5a253e561020d7d4d5ef7bcf654cb16862ba
8cbeb78cd2c06384cb6918ce049270c140abd51a21e20bea252a6f6f58f572b7
904a751f7dcc2ef28eeeed0b47f91bdc0662382b793360269daa5340e8de240e
921bc4447015960d00dc99f1d280b796171db7126437bec8bee32f20dc787eaa
a5cdd09703cf3b8facd438f6ed9952f4f756fb4c5d7b3b860e86b3bd03e006a1
aaf26fd060fb1a9d070291457b63a8857c7f515a74d8bc91fb13264457815f97
b3d212f7198d9c4ca8425a0c4221bcf2974f10ad071699a03e66c43959725df3
b71c6ca7f0195b71b3c8e62345fc1285cb3dfec4af5053f5d3a06aee6003cb5e
c9b1e72374575097ad9b61b91f0e6db4e377873d6c9b000d9f417599f746eac6
d5b5f66d154d5d6ca599756847df6272d35626e12336b453cf9e45e7f07a1c06
de1f8bbfdc696bb3144eff382064122aaadf21924f366d88db1106012efeaee1
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd