www.oficloud.com Open in urlscan Pro
35.187.109.125 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.oficloud.com/
Submission Tags: @phishunt_io
Submission: On October 24 via api (October 24th 2021, 1:58:14 pm UTC) from US — Scanned from DE

Summary HTTP 46 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 46 HTTP transactions. The main IP is 35.187.109.125, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is www.oficloud.com.
TLS certificate: Issued by R3 on October 24th 2021. Valid for: 3 months.

This is the only time www.oficloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	35.187.109.125 35.187.109.125	15169 (GOOGLE) (GOOGLE)
2	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
20	104.26.15.45 104.26.15.45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.16.186.10 2.16.186.10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
3	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	23.111.9.38 23.111.9.38	33438 (HIGHWINDS2) (HIGHWINDS2)
1 2	108.174.11.37 108.174.11.37	14413 (LINKEDIN) (LINKEDIN)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.251.5.157 142.251.5.157	15169 (GOOGLE) (GOOGLE)
2	172.217.23.100 172.217.23.100	15169 (GOOGLE) (GOOGLE)
2	185.17.186.162 185.17.186.162	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	188.166.82.40 188.166.82.40	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
46	14

7 35.187.109.125 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 125.109.187.35.bc.googleusercontent.com

www.oficloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.26.15.45 (United States)

ASN13335 (CLOUDFLARENET, US)

app.chaport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.10 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-10.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f99.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.38 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.174.11.37 (United States) 1 redirects

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-37.fwd.linkedin.com

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.5.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.17.186.162 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

o2.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.166.82.40 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

server.chaport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	chaport.com app.chaport.com server.chaport.com	426 KB
7	oficloud.com www.oficloud.com	120 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	mouseflow.com cdn.mouseflow.com o2.mouseflow.com	68 KB
3	gstatic.com fonts.gstatic.com	53 KB
2	google.com www.google.com	626 B
2	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	18 KB
46	11

	Domain	Requested by
20	app.chaport.com	www.oficloud.com app.chaport.com
7	www.oficloud.com	www.oficloud.com
3	fonts.gstatic.com	fonts.googleapis.com www.oficloud.com
2	server.chaport.com	app.chaport.com
2	o2.mouseflow.com	cdn.mouseflow.com
2	www.google.com	www.oficloud.com
2	px.ads.linkedin.com	1 redirects www.oficloud.com
2	www.google-analytics.com	www.oficloud.com www.google-analytics.com
2	fonts.googleapis.com	www.oficloud.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	cdn.mouseflow.com	www.oficloud.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	snap.licdn.com	www.oficloud.com
1	www.googleadservices.com	www.oficloud.com
46	15

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.instagram.com
www.linkedin.com
github.com

Subject Issuer	Validity	Valid
oficloud.com R3	`2021-10-24` - `2022-01-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.mouseflow.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-12` - `2022-09-14`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
server.chaport.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-26` - `2022-05-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.oficloud.com/
Frame ID: 4129D3C6A3EEA3495770303CF7A9D99B
Requests: 34 HTTP requests in this frame

Frame: https://app.chaport.com/widget/show.html?appid=5b05d23f017b69329e0bc3f5&cid=e45bf15b-3fa0-4951-92c1-8be8f1884188&ctoken=udq6omSBcBsUdFJoDWTaKOyKDUN85c7Enzrq&r=0.09154892824175409&ou=https%3A%2F%2Fwww.oficloud.com
Frame ID: B6CD5117B18623D2A4173FF698505151
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oficloud - Privacy for cloud services

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

Page Statistics

46
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

15
Subdomains

14
IPs

3
Countries

712 kB
Transfer

1993 kB
Size

15
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/OficloudSL
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/oficloud/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/oficloud/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company-beta/11057124/admin/updates/
Title: Linked In

Search URL Search Domain Scan URL

URL: https://github.com/juanjo75es/oficloud
Title: Github

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=86590&time=1635083889837&url=https%3A%2F%2Fwww.oficloud.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D86590%26time%3D1635083889837%26url%3Dhttps%253A%252F%252Fwww.oficloud.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=86590&time=1635083889837&url=https%3A%2F%2Fwww.oficloud.com%2F&liSync=true

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.oficloud.com/ 11 KB
4 KB 107ms
19ms Document
text/html 35.187.109.125
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oficloud.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.187.109.125 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 125.109.187.35.bc.googleusercontent.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.29
Resource Hash: 51a2bf2fc78ab9e441a330434bf8c4ef3ccfde1d5d898e246ae228526e770bc5

Request headers

Host: www.oficloud.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 24 Oct 2021 13:58:09 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3463
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK bootstrap.min.css
www.oficloud.com/vendor/bootstrap/css/ 118 KB
20 KB 17ms
17ms Stylesheet
text/css 35.187.109.125
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oficloud.com/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: www.oficloud.com
URL: https://www.oficloud.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.187.109.125 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 125.109.187.35.bc.googleusercontent.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.oficloud.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.oficloud.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 13:58:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Aug 2017 15:15:08 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "1d970-5580e1c1f9068-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19744

GET
H/1.1 200
OK freelancer.css
www.oficloud.com/css/ 18 KB
4 KB 42ms
14ms Stylesheet
text/css 35.187.109.125
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oficloud.com/css/freelancer.css
Requested by: Host: www.oficloud.com
URL: https://www.oficloud.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.187.109.125 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 125.109.187.35.bc.googleusercontent.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 6bf4a1e2fcc1cc3fa210ee73bf1321ad0f927d3a641660296f61d39fb8a2a3b7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.oficloud.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.oficloud.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 13:58:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Sep 2017 10:10:09 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "4831-5598810675b7a-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4096

GET
H/1.1 200
OK font-awesome.min.css
www.oficloud.com/vendor/font-awesome/css/ 28 KB
7 KB 43ms
15ms Stylesheet
text/css 35.187.109.125
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oficloud.com/vendor/font-awesome/css/font-awesome.min.css
Requested by: Host: www.oficloud.com
URL: https://www.oficloud.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.187.109.125 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 125.109.187.35.bc.googleusercontent.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.oficloud.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.oficloud.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 13:58:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Aug 2017 15:15:10 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "7187-5580e1c3d5967-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6666

GET
H2 200 css
fonts.googleapis.com/ 6 KB
774 B 37ms
16ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600

Requested by

Host: www.oficloud.com
URL: https://www.oficloud.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

c659c1851c3f27f5a32e10b0d6881b269e3d5e4b0de5b5ff2e8ef9c0f52cd471

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 12:13:44 GMT
server: ESF
date: Sun, 24 Oct 2021 13:58:09 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sun, 24 Oct 2021 13:58:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 37ms
15ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: www.oficloud.com
URL: https://www.oficloud.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 13:45:54 GMT
server: ESF
date: Sun, 24 Oct 2021 13:58:09 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sun, 24 Oct 2021 13:58:09 GMT

GET
H/1.1 200
OK logo@3x.png
www.oficloud.com/img/png/ 8 KB
8 KB 40ms
13ms Image
image/png 35.187.109.125
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.oficloud.com/img/png/logo@3x.png
Requested by: Host: www.oficloud.com
URL: https://www.oficloud.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.187.109.125 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 125.109.187.35.bc.googleusercontent.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: aa9a458081789d7ac41079cb37dfb3cf19d4ddc308caa7e16f722b8f40299abf

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.oficloud.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.oficloud.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 13:58:09 GMT
Last-Modified: Thu, 31 Aug 2017 15:12:45 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "1eea-5580e139c2eca"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7914

GET
H/1.1 200
OK logo320iot.png
www.oficloud.com/img/ 7 KB
7 KB 42ms
13ms Image
image/png 35.187.109.125
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.oficloud.com/img/logo320iot.png
Requested by: Host: www.oficloud.com
URL: https://www.oficloud.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.187.109.125 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 125.109.187.35.bc.googleusercontent.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 786aaa212a91d20fe6d14b7121a4fb2ba6b3b302d6d181659aa7953d2d10384d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.oficloud.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.oficloud.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 13:58:09 GMT
Last-Modified: Wed, 09 Jan 2019 15:23:42 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "1ba9-57f080c117de6"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7081

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
18 KB 64ms
26ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.oficloud.com
URL: https://www.oficloud.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

72e6e98b1391dd750f3b44019ac52c993b93bb0fed404b5149ae5a8af9660d59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17678
x-xss-protection: 0
server: cafe
etag: 12763723626733652640
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Oct 2021 13:58:09 GMT

GET
H2 200 insert.js Show response
app.chaport.com/javascripts/ 593 B
980 B 58ms
19ms Script
application/javascript 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.chaport.com/javascripts/insert.js

Requested by

Host: www.oficloud.com
URL: https://www.oficloud.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

925f95751733d9674a09c7a2315fd93c6ba86d2a61b80cbdf0a5a17148cc733c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8308223
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 19 Jul 2021 10:02:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60f54dbd-251"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDMfWkd0nykm1kaQFZO3RW%2B24xprRN4ahJiY6Mn6gfwB7u4D%2By43kgnD6cntfdwFuAz16Sv6feHm%2B88TWbU9uiajGCwzTVOrS1ghUI9NJ%2FS7XaAb137Nasg%2FcLhEO3XNHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: null
cache-control: public, max-age=315360000
cf-ray: 6a33b7e76b594108-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 38ms
9ms Script
application/x-javascript 2.16.186.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.oficloud.com
URL: https://www.oficloud.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.10 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-10.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 13:58:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=35988
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.oficloud.com
URL: https://www.oficloud.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 7055
date: Sun, 24 Oct 2021 12:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Sun, 24 Oct 2021 14:00:34 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 37ms
13ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oficloud.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 17:34:21 GMT
x-content-type-options: nosniff
age: 246228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16064
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 17:34:21 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 31ms
7ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.oficloud.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 505832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 18 Oct 2022 17:27:37 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.oficloud.com/vendor/font-awesome/fonts/ 70 KB
70 KB 14ms
13ms Font
application/octet-stream 35.187.109.125
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.oficloud.com/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.oficloud.com
URL: https://www.oficloud.com/vendor/font-awesome/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.187.109.125 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 125.109.187.35.bc.googleusercontent.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.oficloud.com
Accept-Encoding: gzip, deflate, br
Host: www.oficloud.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.oficloud.com/vendor/font-awesome/css/font-awesome.min.css
Connection: keep-alive
Referer: https://www.oficloud.com/vendor/font-awesome/css/font-awesome.min.css
Origin: https://www.oficloud.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 13:58:09 GMT
Last-Modified: Thu, 31 Aug 2017 15:15:11 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "118d8-5580e1c4cca87"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 71896

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/847308287/ 2 KB
2 KB 40ms
18ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/847308287/?random=1635083889813&cv=9&fst=1635083889813&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.oficloud.com%2F&tiba=Oficloud%20-%20Privacy%20for%20cloud%20services&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

47b4c22fcad10a715f203361ebbad61d35405a577a1fb4b46b582bb3e50db120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 13:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 986
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 64f83a32-78c8-4c5b-9fbd-5d6fd269f400.js Show response
cdn.mouseflow.com/projects/ 211 KB
68 KB 136ms
122ms Script
application/javascript 23.111.9.38
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/64f83a32-78c8-4c5b-9fbd-5d6fd269f400.js
Requested by: Host: www.oficloud.com
URL: https://www.oficloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.38 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 379a87462abe7c94a9fac979e1f1a5b85018a07bb62889f0b82d0bc413c11e8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:09 GMT
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 07:18:04 GMT
server: NetDNA-cache/2.2
etag: W/"365ef12170bed71:0"
x-cache: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 14ms
13ms XHR
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1737399284&t=pageview&_s=1&dl=https%3A%2F%2Fwww.oficloud.com%2F&ul=en-us&de=UTF-8&dt=Oficloud%20-%20Privacy%20for%20cloud%20services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=266085450&gjid=939999392&cid=1605174724.1635083890&tid=UA-105745376-1&_gid=1119280932.1635083890&_r=1&_slc=1&z=197873014

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oficloud.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 13:58:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.oficloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=86590&time=1635083889837&url=https%3A%2F%2Fwww.oficloud.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D86590%26time%3D1635083889837%26url%3Dhttps%253A%252F%252Fwww.oficloud.com%252F%26...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=86590&time=1635083889837&url=https%3A%2F%2Fwww.oficloud.com%2F&liSync=true

0
273 B

196ms
195ms

Image
application/javascript

108.174.11.37
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=86590&time=1635083889837&url=https%3A%2F%2Fwww.oficloud.com%2F&liSync=true
Requested by: Host: www.oficloud.com
URL: https://www.oficloud.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.11.37 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-11-37.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: ol7SsSL8sBYAvR7cmCsAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXPGaJ4hkTC24ydB/WxXw==
pragma: no-cache
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E6CCC533E6AD4B2EAE2F22045460DC27 Ref B: PRG01EDGE1115 Ref C: 2021-10-24T13:58:10Z
date: Sun, 24 Oct 2021 13:58:09 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=86590&time=1635083889837&url=https%3A%2F%2Fwww.oficloud.com%2F&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 insert-main Show response
app.chaport.com/info/asset-name/js/ 85 B
435 B 50ms
50ms Script
text/javascript 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.chaport.com/info/asset-name/js/insert-main?jsonpCallback=true

Requested by

Host: app.chaport.com
URL: https://app.chaport.com/javascripts/insert.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2bf26b9d87ad578b4183074680f1887cc72a8b394c50433d85d2e066bfd74c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:09 GMT
content-encoding: br
etag: W/"55-74/psyqNzeYqXTjy2P2mjFpQYu8"
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ID7ALp42AslcgGXr3tK5wzqGXuNRjxPHJ9Pumk6onReG9AQvw2EJ%2Fazlcyr7momGIXlDPEPXUnJ%2B2SVRHXVyF9I023j5%2Fw7r2s0M1eSQxttxLPxngrIWcupdd9u0jubCbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=63072000; includeSubdomains;
cf-ray: 6a33b7e78b904108-PRG
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
412 B 43ms
14ms XHR
text/plain 142.251.5.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-105745376-1&cid=1605174724.1635083890&jid=266085450&gjid=939999392&_gid=1119280932.1635083890&_u=IEBAAEAAAAAAAC~&z=675306303

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oficloud.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 24 Oct 2021 13:58:09 GMT
content-type: text/plain
access-control-allow-origin: https://www.oficloud.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/847308287/ 42 B
519 B 40ms
18ms Image
image/gif 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/847308287/?random=1635083889813&cv=9&fst=1635080400000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.oficloud.com%2F&tiba=Oficloud%20-%20Privacy%20for%20cloud%20services&fmt=3&is_vtc=1&random=209211163&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.oficloud.com
URL: https://www.oficloud.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 13:58:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insert-main-17d1e2099bfce222c71225ce6f8daf5a.js Show response
app.chaport.com/assets/ 60 KB
20 KB 22ms
22ms Script
application/javascript 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.chaport.com/assets/insert-main-17d1e2099bfce222c71225ce6f8daf5a.js

Requested by

Host: app.chaport.com
URL: https://app.chaport.com/javascripts/insert.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f46e5123b20f741e4d5d5f85996094d8d6b1f1ab976a966a6ee856b6f1785e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 861548
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Oct 2021 08:49:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61669db0-4cc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OKi6Y6dMIBVrJ312wM884wWm0%2BcdtWx%2FsP9FKfd18c1bK5F7m%2FhvB1Baa3p1kG6Ie7qwUJkeUz8vp8IM%2BTsQt8T4LJ9MFeZOEnCGXJ9glXwWivAGvLW0389b4N46ezkzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: null
cache-control: max-age=315360000, public
cf-ray: 6a33b7e7dc114108-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
30ms Image
image/gif 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-105745376-1&cid=1605174724.1635083890&jid=266085450&_u=IEBAAEAAAAAAAC~&z=968637012

Requested by

Host: www.oficloud.com
URL: https://www.oficloud.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 13:58:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 account-essentials
app.chaport.com/api/public/v1/ Frame 0
0 90ms
58ms Preflight
text/html 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.chaport.com/api/public/v1/account-essentials?language=

Protocol

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cp-app-id
Origin: https://www.oficloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-credentials: true
access-control-allow-origin: https://www.oficloud.com
access-control-allow-headers: Content-Type, cp-app-id
allow: GET,HEAD
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains;
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIyDoarJxzQOW2%2F4HH30FzWw2rDT58W5OrijJ%2FlvG1OWUPNHkaW%2F8zaysKCz9d3dxbXCXWf7IZ9eUCfhAjxP66NTASfFj35s%2BdiWTNdWqf2iTjTk1VCm9AnguLXj%2BThbDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a33b7e848982798-PRG
content-encoding: br

GET
H2 200 account-essentials Show response
app.chaport.com/api/public/v1/ 934 B
963 B 70ms
69ms XHR
application/json 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.chaport.com/api/public/v1/account-essentials?language=

Requested by

Host: app.chaport.com
URL: https://app.chaport.com/assets/insert-main-17d1e2099bfce222c71225ce6f8daf5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

65945ac66feca36ec43e97e96a278a7bd2a727b8f11b7c2e2e11960cb20c712c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.oficloud.com/
CP-App-Id: 5b05d23f017b69329e0bc3f5
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: sameorigin
etag: W/"3a6-Qva7M0K39AZNYSOZZ1Rpq9HI+Wk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q59e7dkEsu7DFxXmoOADcydb4XWmDDBDiTkLy0JH10PXEXxRycuUVXhh0X7WQxeyaHI4ysQjqPrOaPoXU40iEagbqOc3B6Y9ESLcNvezb6Ed9Jt2eErtIB9SsQmSugnJxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.oficloud.com
access-control-allow-credentials: true
cf-ray: 6a33b7e8acff4108-PRG
access-control-allow-headers: Content-Type, cp-app-id

GET
H2 200 init Show response
o2.mouseflow.com/ 0
258 B 51ms
16ms XHR
text/plain 185.17.186.162
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://o2.mouseflow.com/init?v=17.51&p=64f83a32-78c8-4c5b-9fbd-5d6fd269f400&s=e76e2fc1fa19304a5f7e338cded8c356&page=102409900b4924b2d37220abfd4b8a599a99cea9&ret=0&u=715446b35ae034e946ec6db269f3c1dd&href=https%3A%2F%2Fwww.oficloud.com%2F&url=%2F&ref=&title=Oficloud%20-%20Privacy%20for%20cloud%20services&res=1600x1200&tz=0&to=0&dnt=0&ori=&dw=1600&dh=1200&time=271&pxr=1&gdpr=1

Requested by

Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/64f83a32-78c8-4c5b-9fbd-5d6fd269f400.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.17.186.162 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.oficloud.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 13:58:10 GMT
server: Mouseflow
x-recorder: rec-10-eu
content-type: text/plain; charset=Windows-1252
access-control-allow-origin: https://www.oficloud.com
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
expires: -1

GET
H3 200 s-BiyweUPV0v-yRb-cjciPk_vArhqVIZ0nv9q090hN8.woff2
fonts.gstatic.com/s/droidsans/v8/ 21 KB
21 KB 22ms
8ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v8/s-BiyweUPV0v-yRb-cjciPk_vArhqVIZ0nv9q090hN8.woff2

Requested by

Host: www.oficloud.com
URL: https://www.oficloud.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

197f29a9d43e95d57c1aee32ca7b618daa3d46938c0677bc5a4c3a0b3e188bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oficloud.com/
Origin: https://www.oficloud.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 10:23:25 GMT
x-content-type-options: nosniff
age: 185685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21252
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 18:25:12 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 10:23:25 GMT

GET
H2 200 widget-6ae21f98daf485ed5b4b990772654965.css
app.chaport.com/assets/ 267 KB
26 KB 30ms
30ms Stylesheet
text/css 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.chaport.com/assets/widget-6ae21f98daf485ed5b4b990772654965.css

Requested by

Host: app.chaport.com
URL: https://app.chaport.com/assets/insert-main-17d1e2099bfce222c71225ce6f8daf5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6637df115b1c1aa507da1db534bb831af9d19b49faf1c0d51bd44ffe209148c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3958960
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Jul 2021 12:46:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e8451f-64ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCyFGuXTneMRrcjBS04j3WfnQ927FOEFw4dK%2Fx6QBd4THkGfunELVRM5EalnM9w6calYyqmIiNasbpC4oIOsRrOzDzD0jWc1IM843r7n2MVQ3ik%2B2P54heBxjG1DSSo%2Brw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: null
cache-control: max-age=315360000, public
cf-ray: 6a33b7e91dd54108-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 widget-6ae21f98daf485ed5b4b990772654965.css
app.chaport.com/assets/ 64 KB
64 KB 25ms
25ms Image
text/css 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.chaport.com/assets/widget-6ae21f98daf485ed5b4b990772654965.css

Requested by

Host: app.chaport.com
URL: https://app.chaport.com/assets/insert-main-17d1e2099bfce222c71225ce6f8daf5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3958960
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Jul 2021 12:46:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e8451f-64ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYU%2BYHBokpeRfcyZba8kmYmw0YMRNeRp6LMKZv%2FVNd8WP3Myp8nMiwynJ1rM%2FneBlt4jCjJO40AbF%2FOHCfZzii0mjmNsq2v%2BbnEU9PD%2ByzUmE%2BlxEHHoSrNCcMBYa98DfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: null
cache-control: max-age=315360000, public
cf-ray: 6a33b7e91dd94108-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 audio-player-2cd72cb6eebd6a3061aa56ff706e478f.js Show response
app.chaport.com/assets/ 26 KB
8 KB 20ms
20ms Script
application/javascript 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.chaport.com/assets/audio-player-2cd72cb6eebd6a3061aa56ff706e478f.js

Requested by

Host: app.chaport.com
URL: https://app.chaport.com/assets/insert-main-17d1e2099bfce222c71225ce6f8daf5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b31382b34012123058ee44ab3b2f6abca5c5111ad92bc18b00249caa23bc488d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8308222
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 06 Jul 2021 07:18:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e403df-1f34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48B2%2FUy3yxnJmr1uRAFKvejteAHZOQsWChkzGSR4f5Ci2wY3%2B3aV19bTdODdKuaVP1rV6mVcWOVjRjQRPQ3hiU1O0JOJ6kE0cQSr0U2gkyEca3TMly14Uf9Rtm6FujS8og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: null
cache-control: max-age=315360000, public
cf-ray: 6a33b7e91ddc4108-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 beep.mp3 Show response
app.chaport.com/sounds/ 5 KB
6 KB 47ms
46ms XHR
audio/mpeg 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.chaport.com/sounds/beep.mp3

Requested by

Host: app.chaport.com
URL: https://app.chaport.com/assets/audio-player-2cd72cb6eebd6a3061aa56ff706e478f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f34e2987da2f0c358a95a191908c281f1755b6507c149dba284f0509694586

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 5466
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Oct 2021 09:51:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "615ec32c-155a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGF4dlpadEMUPT0K%2BsRKrWpuhQ5pvXZaCfLdGkVF0FmntvrhWaN626epYBfiBgswWIeZP28Cl6hB1596nGhlzZr2yp3mHcynoICSoqQnClqm7M9ktq13bCTSuLRj9%2F6Rhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 6a33b7e94aae2798-PRG
expires: Tue, 23 Nov 2021 07:25:04 GMT

GET
H2 200 chaport-launcher-chat-icon-new.png
app.chaport.com/images/ 476 B
891 B 20ms
19ms Image
image/png 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.chaport.com/images/chaport-launcher-chat-icon-new.png

Requested by

Host: app.chaport.com
URL: https://app.chaport.com/assets/widget-6ae21f98daf485ed5b4b990772654965.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d052aaa1ea1ab5c149c656fbd3a9e162336ef22561e61f979c187387d3a3454f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.chaport.com/assets/widget-6ae21f98daf485ed5b4b990772654965.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 531877
cf-polished: origSize=762
vary: Accept-Encoding
content-length: 476
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Oct 2021 09:51:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "615ec32c-2fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BlwFHiE9%2BbwYqaBGujoKux50da2TfXVDS82PGD%2FcS3bAF1jyHjUK%2Bzn9CCCpmGHiyMhj9tvKFmce%2B20kI4y6stpJeKYiYnOthXFfdshaLEJ6WO54oGKrR%2F1pcG9VxZnLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: null
expires: Wed, 17 Nov 2021 10:07:32 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 6a33b7e95e4a4108-PRG
cf-bgj: imgq:100,h2pri

OPTIONS
H/1.1 200
OK visitor-essentials
server.chaport.com/5b05d23f017b69329e0bc3f5/api/public/v1/ Frame 0
0 85ms
19ms Preflight
text/html 188.166.82.40
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://server.chaport.com/5b05d23f017b69329e0bc3f5/api/public/v1/visitor-essentials?id=e45bf15b-3fa0-4951-92c1-8be8f1884188&token=udq6omSBcBsUdFJoDWTaKOyKDUN85c7Enzrq

Protocol

HTTP/1.1

Server

188.166.82.40 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.12.2 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cp-app-id
Origin: https://www.oficloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Sun, 24 Oct 2021 13:58:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 8
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.oficloud.com
Access-Control-Allow-Headers: Content-Type, cp-app-id
Allow: GET,HEAD
ETag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000; includeSubdomains;

GET
H/1.1 200
OK visitor-essentials Show response
server.chaport.com/5b05d23f017b69329e0bc3f5/api/public/v1/ 62 B
853 B 80ms
25ms XHR
application/json 188.166.82.40
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://server.chaport.com/5b05d23f017b69329e0bc3f5/api/public/v1/visitor-essentials?id=e45bf15b-3fa0-4951-92c1-8be8f1884188&token=udq6omSBcBsUdFJoDWTaKOyKDUN85c7Enzrq

Requested by

Host: app.chaport.com
URL: https://app.chaport.com/assets/insert-main-17d1e2099bfce222c71225ce6f8daf5a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.82.40 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.12.2 / Express

Resource Hash

402683fbeed42d05bce96ad300cccbf715bd0a9a2a7ad391ae190dba4cd9fb3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.oficloud.com/
CP-App-Id: 5b05d23f017b69329e0bc3f5
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 13:58:10 GMT
X-Frame-Options: SAMEORIGIN
Server: nginx/1.12.2
X-Powered-By: Express
ETag: W/"3e-IgTE1B9m3A+oJwIV3c4plUCCqSY"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.oficloud.com
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, cp-app-id
Content-Length: 62
X-XSS-Protection: 1; mode=block

GET
H2 200 show.html Show response
app.chaport.com/widget/ Frame B6CD 2 KB
1 KB 64ms
64ms Document
text/html 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.chaport.com/widget/show.html?appid=5b05d23f017b69329e0bc3f5&cid=e45bf15b-3fa0-4951-92c1-8be8f1884188&ctoken=udq6omSBcBsUdFJoDWTaKOyKDUN85c7Enzrq&r=0.09154892824175409&ou=https%3A%2F%2Fwww.oficloud.com

Requested by

Host: app.chaport.com
URL: https://app.chaport.com/assets/insert-main-17d1e2099bfce222c71225ce6f8daf5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

08f6eb9dff42378fa2c6d8b145e16d745a5ced7c5c027d9112b26479d335066e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: app.chaport.com
:scheme: https
:path: /widget/show.html?appid=5b05d23f017b69329e0bc3f5&cid=e45bf15b-3fa0-4951-92c1-8be8f1884188&ctoken=udq6omSBcBsUdFJoDWTaKOyKDUN85c7Enzrq&r=0.09154892824175409&ou=https%3A%2F%2Fwww.oficloud.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.oficloud.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.oficloud.com/

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000; includeSubdomains;
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fDfkWsXyGY15N%2B2ownCl5TyjXFwBhoJg7MPRIFMtLGCh9TVSXQyr6x9mID7ABlbMBVvqE2xm8SCFQ41yRx5%2BMKckpSjElH6Kz%2F7CoXHySyt5UPjlio8aMxDlE1fC501Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a33b7ec3b524108-PRG
content-encoding: br

GET
H2 200 widget-6ae21f98daf485ed5b4b990772654965.css
app.chaport.com/assets/ Frame B6CD 267 KB
26 KB 22ms
22ms Stylesheet
text/css 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.chaport.com/assets/widget-6ae21f98daf485ed5b4b990772654965.css

Requested by

Host: app.chaport.com
URL: https://app.chaport.com/widget/show.html?appid=5b05d23f017b69329e0bc3f5&cid=e45bf15b-3fa0-4951-92c1-8be8f1884188&ctoken=udq6omSBcBsUdFJoDWTaKOyKDUN85c7Enzrq&r=0.09154892824175409&ou=https%3A%2F%2Fwww.oficloud.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6637df115b1c1aa507da1db534bb831af9d19b49faf1c0d51bd44ffe209148c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3958960
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 09 Jul 2021 12:46:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60e8451f-64ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdkX%2Bl6K9c%2FzykVnNTDJID%2FxhFBZ7Zo0vnpqKpQAu7rbAdRl6fGWHm%2BAnHB%2BeKTrP163Wmguz6L6iPmZhCZciDkaSmEkfoCLuTN2DGNQU3t38OckkagOdgIle2LzTO1ZuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: null
cache-control: max-age=315360000, public
cf-ray: 6a33b7eccc044108-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 i18n-de-b08ff4aadca98dd8b121bec144b826ff.js Show response
app.chaport.com/assets/ Frame B6CD 117 KB
27 KB 24ms
24ms Script
application/javascript 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.chaport.com/assets/i18n-de-b08ff4aadca98dd8b121bec144b826ff.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cb5d89c1f418ba301e0f25edfbd2dbb67a95f5d5bc74bf066db9fdea530b97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 362879
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Oct 2021 07:38:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"616fc77f-6b51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JoJ4PCfzh19Xv%2FQ4MrvDdXlB3YeFbwTVyaIZNS2M%2FOW5Ibh5aC%2Bb8LpBTodIBWQfxCs0owlFvl8ECb5IdT9wwY6QY7I2GKu7S%2BWfKKTNCyE0IBVolrp1lC9zYScA5n%2BloA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: null
cache-control: max-age=315360000, public
cf-ray: 6a33b7eccc064108-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 widget-49f0aa75f783802aadb1ed8817c9d8ef.js Show response
app.chaport.com/assets/ Frame B6CD 431 KB
122 KB 30ms
30ms Script
application/javascript 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.chaport.com/assets/widget-49f0aa75f783802aadb1ed8817c9d8ef.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88eb3ed55564364e1e9d620234ac15fe104e093c94672bcb14264d8d510b75ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5706162
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Aug 2021 12:54:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"611e546a-1e822"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0mB4u7qQCYapsPdeu34j5MsXoJaaKSO%2F9KWe43EOefOJyME5ZNw5hzyVUadybPmSX6G8wJ0iX5Ni1MI1piVRz1m1sB7ejJW9NVYu1DwN5RIepGvxSY39dviBdBZFfhtiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: null
cache-control: max-age=315360000, public
cf-ray: 6a33b7eccc084108-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 emoji-icon.png
app.chaport.com/images/ Frame B6CD 436 B
803 B 48ms
48ms Image
image/png 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.chaport.com/images/emoji-icon.png

Requested by

Host: app.chaport.com
URL: https://app.chaport.com/assets/widget-6ae21f98daf485ed5b4b990772654965.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a966349e876cdfb8cb9e99128d7d953afe173e1aa645c0989d424f9002dfd5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.chaport.com/assets/widget-6ae21f98daf485ed5b4b990772654965.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 531877
cf-polished: origSize=643
vary: Accept-Encoding
content-length: 436
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Aug 2021 07:17:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6112280e-283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2SHTU45sUD3y9qdVtDEgdObhpFt52kV2zyjWL%2Bg9w838IlC3g3urMbbycbP1s7cLlgtBh7xAG4NXSL%2BCvavEHbR7v3JF%2BYapuziWuP2%2FkKvt7mjyFq0Ayfrrbj7rSY9AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: null
expires: Wed, 20 Oct 2021 06:00:52 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 6a33b7ed5ce94108-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 proxima_nova_regular.otf
app.chaport.com/fonts/ Frame B6CD 92 KB
93 KB 27ms
26ms Font
application/octet-stream 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.chaport.com/fonts/proxima_nova_regular.otf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.chaport.com/widget/show.html?appid=5b05d23f017b69329e0bc3f5&cid=e45bf15b-3fa0-4951-92c1-8be8f1884188&ctoken=udq6omSBcBsUdFJoDWTaKOyKDUN85c7Enzrq&r=0.09154892824175409&ou=https%3A%2F%2Fwww.oficloud.com
Origin: https://app.chaport.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8308219
vary: Accept-Encoding
content-length: 94668
x-xss-protection: 1; mode=block
last-modified: Tue, 06 Jul 2021 07:09:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60e4019c-171cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzxM3oVDDJWFTVA4ZejzS4EWIvH684r0WNbwZuyBmL34udapFdweO6xWoXdIbdGXuBXL53fVB2L1OMwImfj7HF9KkCa3ueXp%2B7J5JrUIx4CAWFIEsbMJ5NP6siwLC69Iow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: null
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 6a33b7ed5cea4108-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7f11b663-5450-436a-a6de-96d3b25d263a.jpg
app.chaport.com/uploads/operator-images/ Frame B6CD 3 KB
4 KB 46ms
45ms Image
image/jpeg 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.chaport.com/uploads/operator-images/7f11b663-5450-436a-a6de-96d3b25d263a.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbfbe45447a3a64d377a9b9c3a54a2335d025dc860a8c41ded31ecafccc740d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4909
vary: Accept-Encoding
content-length: 2973
x-xss-protection: 1; mode=block
last-modified: Wed, 23 May 2018 20:59:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b05d632-132d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXwH2V3Nn3GEL5ICV7Hxk7nai1fLI3L0s5XYnqYQqriiKt03OsGP2FlawO%2BlPE4hLLXgyLX8jR5KmQZwOOVm6UOhyu5JDofiyO%2FBW%2BsuT5cOYrSRy1QnUApo8W8xwvzYdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: null
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 6a33b7ed6cf44108-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 14a1938f-6b6f-4213-afe4-ed0de7b941a0.jpg
app.chaport.com/uploads/operator-images/ Frame B6CD 22 KB
22 KB 45ms
45ms Image
image/jpeg 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.chaport.com/uploads/operator-images/14a1938f-6b6f-4213-afe4-ed0de7b941a0.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

289ac1c18b1f530d5f571deb5013a05b7e6c1307be307744ac9cc9664632626d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=28724
vary: Accept-Encoding
content-length: 22050
x-xss-protection: 1; mode=block
last-modified: Wed, 23 May 2018 20:46:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5b05d337-7034"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Hx301GBwZSv8MHbfLw940nkUsE9r4lKgC%2BNlYdZ5q2fax6kAB7QXmRvidQTPDWqbn8oRjqE%2BBK9Z1DJmvJQ2PV3ZD%2BN7pqawO3fBHdz3r6LGtLipoD8k8kElp6uhdNCZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: null
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 6a33b7ed6cf54108-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 chaport-message-status-icons.png
app.chaport.com/images/ Frame B6CD 832 B
1 KB 20ms
19ms Image
image/png 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.chaport.com/images/chaport-message-status-icons.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aabead9c89249c4cf91b8d3954e59e45322d1f65ce66488d1f2bfa90a75e7bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 532164
cf-polished: origSize=858
vary: Accept-Encoding
content-length: 832
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Oct 2021 09:51:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "615ec32c-35a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ngpjuquj8y5g3sjmur3SuXvcm9PQvJTOINIAnOsWfah2AEpZvNWCaYuJ9NS6sI4tOiVfZhRYGkjjSbBr30TldSnFBBlSp%2B5HY9LaOrhdD%2BOiRsPtGdUM3f%2Fi2h3Kty0tCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: null
expires: Wed, 17 Nov 2021 10:07:21 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 6a33b7ed7d154108-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 chaport-message-status-icons@2x.png
app.chaport.com/images/ Frame B6CD 1 KB
2 KB 19ms
19ms Image
image/png 104.26.15.45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.chaport.com/images/chaport-message-status-icons@2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9787df42797e3b5661b34a43f701ba8556bbb6199789acc19a902393851b3d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 13:58:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 532164
cf-polished: origSize=1538
vary: Accept-Encoding
content-length: 1180
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Aug 2021 07:17:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6112280e-602"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubdomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAej29R87Ihwkbp8MNtDH9%2FARoK1WZG81A6qktJ7dmtsh4JuYwcKtOX7ij6GyPHbuNnTHqQQJsg03cqRBZNfXJNwBrrX8BcezFyECVymlgUKSBBaeJQCHTZvageo5RbdHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: null
expires: Fri, 22 Oct 2021 10:37:38 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 6a33b7ed7d174108-PRG
cf-bgj: imgq:100,h2pri

POST
H2 200 html Show response
o2.mouseflow.com/ 0
258 B 60ms
28ms XHR
text/plain 185.17.186.162
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://o2.mouseflow.com/html?website=64f83a32-78c8-4c5b-9fbd-5d6fd269f400&session=e76e2fc1fa19304a5f7e338cded8c356&page=102409900b4924b2d37220abfd4b8a599a99cea9&gz=1

Requested by

Host: cdn.mouseflow.com
URL: https://cdn.mouseflow.com/projects/64f83a32-78c8-4c5b-9fbd-5d6fd269f400.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.17.186.162 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.oficloud.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Oct 2021 13:58:11 GMT
server: Mouseflow
x-recorder: rec-05-eu
content-type: text/plain; charset=Windows-1252
access-control-allow-origin: https://www.oficloud.com
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
expires: -1

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
server.chaport.com/5b05d23f017b69329e0bc3f5	1970-02-25 10:11:23	Name: chaport-5b05d23f017b69329e0bc3f5 Value: e45bf15b-3fa0-4951-92c1-8be8f1884188%2Fudq6omSBcBsUdFJoDWTaKOyKDUN85c7Enzrq
.oficloud.com/	1970-01-20 15:42:35	Name: _ga Value: GA1.2.1605174724.1635083890
.oficloud.com/	1970-01-19 22:12:50	Name: _gid Value: GA1.2.1119280932.1635083890
.oficloud.com/	1970-01-19 22:11:23	Name: _gat Value: 1
.doubleclick.net/	1970-01-19 22:11:24	Name: test_cookie Value: CheckForPermission
.oficloud.com/	1970-01-20 00:20:59	Name: mf_user Value: 715446b35ae034e946ec6db269f3c1dd\|
.oficloud.com/	1969-12-31 23:59:59	Name: mf_64f83a32-78c8-4c5b-9fbd-5d6fd269f400 Value: e76e2fc1fa19304a5f7e338cded8c356\|102409900b4924b2d37220abfd4b8a599a99cea9.47.1635083889994\|1635083889990\|\|0\|\|\|0\|17.51\|41.05106
www.oficloud.com/	1970-01-20 06:49:47	Name: chaport-5b05d23f017b69329e0bc3f5 Value: e45bf15b-3fa0-4951-92c1-8be8f1884188%2Fudq6omSBcBsUdFJoDWTaKOyKDUN85c7Enzrq
.linkedin.com/	1970-01-19 22:54:35	Name: UserMatchHistory Value: AQLIVdx8CHhkTgAAAXyymC5YpkYTqcnePvP08NZEvyEMpgHm3xf9rPf07b48FLrxo3ADgfnoBf-cPw
.linkedin.com/	1970-01-19 22:54:35	Name: AnalyticsSyncHistory Value: AQLM9_todRtqiwAAAXyymC5YH_pc6wDmL9NSH5CeXwaidSphFgSHMAaYOZsH8VAWiNTFZ12Nkpd6WhAXmhtkyQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:43:17	Name: bcookie Value: "v=2&9c17a5cb-6ab1-4cbb-8be9-10aa0f48d019"
.linkedin.com/	1970-01-19 22:12:50	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2512:u=1:x=1:i=1635083890:t=1635170290:v=2:sig=AQGzy290bl9KA2yFOnNO08VUODMbw_qS"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:43:17	Name: bscookie Value: "v=1&20211024135810374710b8-0eb0-4107-8e7d-d6a446b279f9AQGqeZU0XMhOqXkO0hih0tS2bKwc_xY0"

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://app.chaport.com/assets/audio-player-2cd72cb6eebd6a3061aa56ff706e478f.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.chaport.com
cdn.mouseflow.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
o2.mouseflow.com
px.ads.linkedin.com
server.chaport.com
snap.licdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.linkedin.com
www.oficloud.com
104.26.15.45
108.174.11.37
13.107.42.14
142.250.181.226
142.250.181.234
142.250.184.194
142.250.185.78
142.251.5.157
172.217.23.100
172.217.23.99
185.17.186.162
188.166.82.40
2.16.186.10
23.111.9.38
35.187.109.125
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
08f6eb9dff42378fa2c6d8b145e16d745a5ced7c5c027d9112b26479d335066e
197f29a9d43e95d57c1aee32ca7b618daa3d46938c0677bc5a4c3a0b3e188bc0
289ac1c18b1f530d5f571deb5013a05b7e6c1307be307744ac9cc9664632626d
2bf26b9d87ad578b4183074680f1887cc72a8b394c50433d85d2e066bfd74c16
36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae
379a87462abe7c94a9fac979e1f1a5b85018a07bb62889f0b82d0bc413c11e8c
402683fbeed42d05bce96ad300cccbf715bd0a9a2a7ad391ae190dba4cd9fb3e
47b4c22fcad10a715f203361ebbad61d35405a577a1fb4b46b582bb3e50db120
51a2bf2fc78ab9e441a330434bf8c4ef3ccfde1d5d898e246ae228526e770bc5
55f34e2987da2f0c358a95a191908c281f1755b6507c149dba284f0509694586
5aabead9c89249c4cf91b8d3954e59e45322d1f65ce66488d1f2bfa90a75e7bc
5cb5d89c1f418ba301e0f25edfbd2dbb67a95f5d5bc74bf066db9fdea530b97d
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
65945ac66feca36ec43e97e96a278a7bd2a727b8f11b7c2e2e11960cb20c712c
6637df115b1c1aa507da1db534bb831af9d19b49faf1c0d51bd44ffe209148c4
6bf4a1e2fcc1cc3fa210ee73bf1321ad0f927d3a641660296f61d39fb8a2a3b7
72e6e98b1391dd750f3b44019ac52c993b93bb0fed404b5149ae5a8af9660d59
786aaa212a91d20fe6d14b7121a4fb2ba6b3b302d6d181659aa7953d2d10384d
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
88eb3ed55564364e1e9d620234ac15fe104e093c94672bcb14264d8d510b75ca
925f95751733d9674a09c7a2315fd93c6ba86d2a61b80cbdf0a5a17148cc733c
9787df42797e3b5661b34a43f701ba8556bbb6199789acc19a902393851b3d09
a966349e876cdfb8cb9e99128d7d953afe173e1aa645c0989d424f9002dfd5b2
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa9a458081789d7ac41079cb37dfb3cf19d4ddc308caa7e16f722b8f40299abf
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b31382b34012123058ee44ab3b2f6abca5c5111ad92bc18b00249caa23bc488d
c659c1851c3f27f5a32e10b0d6881b269e3d5e4b0de5b5ff2e8ef9c0f52cd471
d052aaa1ea1ab5c149c656fbd3a9e162336ef22561e61f979c187387d3a3454f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0
f46e5123b20f741e4d5d5f85996094d8d6b1f1ab976a966a6ee856b6f1785e35
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fbfbe45447a3a64d377a9b9c3a54a2335d025dc860a8c41ded31ecafccc740d4
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.oficloud.com Open in urlscan Pro 35.187.109.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

0 %IPv6

11 Domains

15 Subdomains

14 IPs

3 Countries

712 kBTransfer

1993 kBSize

15 Cookies

5 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.oficloud.com Open in urlscan Pro
35.187.109.125 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

15
Subdomains

14
IPs

3
Countries

712 kB
Transfer

1993 kB
Size

15
Cookies

46 HTTP transactions
0 data transactions