chapter5recovery.com Open in urlscan Pro
141.193.213.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://chapter5recovery.com/
Submission: On February 14 via automatic, source certstream-suspicious (February 14th 2023, 9:31:53 pm UTC) — Scanned from DE

Summary HTTP 143 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 18 domains to perform 143 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is chapter5recovery.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 25th 2022. Valid for: a year.

This is the only time chapter5recovery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
7	2600:9000:230... 2600:9000:2304:1a00:12:de4a:40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
6	2600:9000:21f... 2600:9000:21f3:e600:1:9458:cb00:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:1122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:21f... 2600:9000:21f3:ce00:7:6419:34c0:21	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:be00:1f:523f:1e80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:802::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:7a00:15:a0d3:77c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
17	2600:9000:223... 2600:9000:223c:800:6:4c42:9b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:7c00:1f:a2da:e400:93a1	16509 (AMAZON-02) (AMAZON-02)
8	3.219.106.100 3.219.106.100	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
11	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
15	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
143	25

32 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

chapter5recovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2304:1a00:12:de4a:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

241167.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:21f3:e600:1:9458:cb00:21 (United States)

ASN16509 (AMAZON-02, US)

d1cbloud6m3d4c.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1122 (United States)

ASN13335 (CLOUDFLARENET, US)

static.legitscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:21f3:ce00:7:6419:34c0:21 (United States)

ASN16509 (AMAZON-02, US)

d13dzd80tn4pg3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:be00:1f:523f:1e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.talkfurther.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:7a00:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:223c:800:6:4c42:9b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

vsa.talkfurther.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:7c00:1f:a2da:e400:93a1 (United States)

ASN16509 (AMAZON-02, US)

evsa.talkfurther.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.219.106.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-106-100.compute-1.amazonaws.com

api.talkfurther.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	chapter5recovery.com chapter5recovery.com	3 MB
27	talkfurther.com js.talkfurther.com — Cisco Umbrella Rank: 188385 vsa.talkfurther.com — Cisco Umbrella Rank: 173479 evsa.talkfurther.com — Cisco Umbrella Rank: 180191 api.talkfurther.com — Cisco Umbrella Rank: 163480	577 KB
26	tawk.to embed.tawk.to — Cisco Umbrella Rank: 8614 va.tawk.to — Cisco Umbrella Rank: 8325	206 KB
12	cloudfront.net d1cbloud6m3d4c.cloudfront.net d13dzd80tn4pg3.cloudfront.net	208 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	428 KB
7	tctm.co 241167.tctm.co	34 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	42 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 41 region1.google-analytics.com — Cisco Umbrella Rank: 2213	20 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 412	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	157 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	174 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	237 B
2	legitscript.com static.legitscript.com — Cisco Umbrella Rank: 34349	15 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	53 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5268	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 95	352 B
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 11135	54 KB
143	18

	Domain	Requested by
32	chapter5recovery.com	chapter5recovery.com
21	embed.tawk.to	chapter5recovery.com embed.tawk.to
17	vsa.talkfurther.com	js.talkfurther.com vsa.talkfurther.com
8	api.talkfurther.com	js.talkfurther.com vsa.talkfurther.com
7	241167.tctm.co	chapter5recovery.com 241167.tctm.co
6	www.google.com	chapter5recovery.com www.gstatic.com www.google.com
6	d13dzd80tn4pg3.cloudfront.net	chapter5recovery.com
6	d1cbloud6m3d4c.cloudfront.net	chapter5recovery.com
5	va.tawk.to	embed.tawk.to
5	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	bat.bing.com	chapter5recovery.com bat.bing.com
3	connect.facebook.net	chapter5recovery.com connect.facebook.net
3	www.googletagmanager.com	chapter5recovery.com www.googletagmanager.com
3	fonts.googleapis.com	chapter5recovery.com vsa.talkfurther.com
2	www.facebook.com	chapter5recovery.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	static.legitscript.com	chapter5recovery.com
1	cdn.jsdelivr.net	embed.tawk.to
1	www.google.de	chapter5recovery.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	evsa.talkfurther.com	js.talkfurther.com
1	www.clickcease.com	chapter5recovery.com
1	js.talkfurther.com	chapter5recovery.com
143	25

This site contains links to these domains. Also see Links.

Domain
royallifecenters.com
insightscare.com
legitscript.com
www.naatp.org
whitebison.org
www.facebook.com
www.instagram.com
www.google.com

Subject Issuer	Validity	Valid
chapter5recovery.com Cloudflare Inc ECC CA-3	`2022-07-25` - `2023-07-24`	a year	crt.sh
*.tctm.co Amazon	`2022-09-08` - `2023-10-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-14` - `2023-06-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
talkfurther.com Amazon	`2022-09-07` - `2023-10-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-24` - `2023-02-22`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
clickcease.com Amazon RSA 2048 M02	`2022-10-27` - `2023-11-25`	a year	crt.sh
api.talkfurther.com R3	`2023-01-06` - `2023-04-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://chapter5recovery.com/
Frame ID: 338FCD56E5210ED0D376C04004ED7A39
Requests: 121 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsTqcUAAAAAC1Q62hQDTFfdkKctRa1FmmCP3pH&co=aHR0cHM6Ly9jaGFwdGVyNXJlY292ZXJ5LmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=p4ss8psgedjz
Frame ID: 69244DE6429671B7B83BDECF8A843622
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1076C75A3B90CD942424BF54EF2FC613
Requests: 1 HTTP requests in this frame

Frame: https://api.talkfurther.com/api/chat/visitors?visit=af1e6429-c79f-47ae-9ba2-02553a983606
Frame ID: A12FE18C58F48D3B44944F0A8AD678A7
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/63b77dcd282/css/min-widget.css
Frame ID: 4534F8C4C1AF96762F7F1C35D003E916
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/63b77dcd282/css/bubble-widget.css
Frame ID: B5A0F62BEA665F69EA181DE03842C31E
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/63b77dcd282/css/message-preview.css
Frame ID: 1A0E9F4AD753DE68FBCF218C1386A40D
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/63b77dcd282/css/max-widget.css
Frame ID: 7EFAFE848AF70216D2463A5F328C493C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Drug Detox and Treatment Center - Royal Life Centers at Chapter 5 WA : Royal Life Centers at Chapter 5

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

143
Requests

100 %
HTTPS

92 %
IPv6

18
Domains

25
Subdomains

25
IPs

4
Countries

5192 kB
Transfer

9521 kB
Size

17
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://royallifecenters.com/employment-specialists/
Title: Employment Specialists

Search URL Search Domain Scan URL

URL: https://royallifecenters.com/alumni-services/
Title: Alumni Services

Search URL Search Domain Scan URL

URL: https://insightscare.com/royal-life-centers-accredited-facility-rendering-spotless-rehab-detox-services/
Title: here

Search URL Search Domain Scan URL

URL: https://legitscript.com/

Search URL Search Domain Scan URL

URL: http://www.naatp.org/resources/addiction-industry-directory/20592

Search URL Search Domain Scan URL

URL: https://whitebison.org/WellBrietyAffiliateTreatment.aspx

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Chapter5Recovery/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/royalatchapter5/

Search URL Search Domain Scan URL

URL: https://www.google.com/search?q=Chapter+5+recovery+arizona&rlz=1C1GCEU_enUS830US830&oq=Chapter+5+recovery+arizona&aqs=chrome..69i57.6159j0j4&sourceid=chrome&ie=UTF-8#lrd=0x872d2928870dba9b:0xcad456604948ef5c,1,,,

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

143 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
chapter5recovery.com/ 51 KB
13 KB 552ms
472ms Document
text/html 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 76ea0414aafcb349b9ab21a93662ac1527d9d8c43496f3c58d79b3cd368ee289

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7998e9920ce390f2-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 14 Feb 2023 21:31:44 GMT
link: <https://chapter5recovery.com/wp-json/>; rel="https://api.w.org/" <https://chapter5recovery.com/wp-json/wp/v2/pages/31>; rel="alternate"; type="application/json" <https://chapter5recovery.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvcDXCIR6f9E68uG19RUJy%2FuRPn0NPx0PfJZh2x1CCioX0BLvERmidIOgJwG8LqOdi6vL94Xu19oNjOA2OU%2FSouFWrbdpEcK5iXvM%2F8JDXyf%2FuPb6vfB8ZdCiXWOXVBu1sfFJOFR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 2
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

GET
H2 200 t.js Show response
241167.tctm.co/ 56 KB
17 KB 236ms
118ms Script
application/x-javascript 2600:9000:2304:1a00:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://241167.tctm.co/t.js
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:1a00:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 80dc8bfb477cf497e869d6486fcd88a50171de05708215a1e62e5b351bbdddfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:44 GMT
content-encoding: gzip
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 21:31:44 GMT
server: ctm
x-amz-cf-pop: VIE50-P1
etag: W/63ebfdc00003ae0f1e96e38e-241167
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: 28nJNV38HuvvsXr54f27_AXeU-E6Y1ye_5BkbVU7_2WL-Jv7AHQx2g==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
993 B 90ms
33ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Julius+Sans+One|Fjalla+One|Libre+Franklin

Requested by

Host: chapter5recovery.com
URL: https://chapter5recovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ac723b9c49819209d13d9ce97c1739524181702063b96ca6a363facf537cfad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 14 Feb 2023 21:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 21:31:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Feb 2023 21:31:44 GMT

GET
H2 200 style.min.css
chapter5recovery.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 482ms
479ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"636e62ad-172a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWDXf8ezkOHaKKMeyUnRr7J4gIxkfd60%2BFekD6mf9ITs6NeB9z%2FVxC1fHWd0E1soxGzXPMoG0Y6XzbtZJnYsIPq%2BeI5DGlQSgAnFyQ0yIjwa%2BEi%2BfvnNzJJdbwadaLHTvG2PLO9E"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e9950f7690f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 classic-themes.min.css
chapter5recovery.com/wp-includes/css/ 217 B
485 B 514ms
511ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6357e86c-d9"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0LU%2FcgQuKCIixh7qgAMoX3Uus7y22fkTGMe80pzYu9EmG%2B1LZ%2BxJf5ppq9E6JxKCvRyjvl5oyNIEV411zcIB7Uf6BLaInqM9mp1vwodyyg7aJ5TpT20rX4flieNGueo88PpDTv2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e9950f7990f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 editor.css
chapter5recovery.com/wp-content/plugins/templately/assets/css/ 2 KB
912 B 36ms
33ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-content/plugins/templately/assets/css/editor.css?ver=1.3.6
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d57ed361d70acff81f0c4a9e395358682ca058066f7cb34d6e804a6ade7f384

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 11:47:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 163590
etag: W/"62de82e8-854"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9PBujO1voqinoOvAy40ReFOgTQ%2FmWQcszPk5fZ%2BWeme2tv78fx3kBN9pD%2FaWUyJvfTPd2bAq18fdQtLTtFQuiVy7zQGhScf%2BIgqgmc8zyWrvlPNQ22if3w26uiS8ndnOdZNrSvG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e9950f7a90f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 734e5f942.min.css
chapter5recovery.com/wp-content/uploads/essential-addons-elementor/ 228 KB
28 KB 518ms
515ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-content/uploads/essential-addons-elementor/734e5f942.min.css?ver=1676410288
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 479b77232094625d36126a09a25f165961b77f1f2ba3ebb8a9f8b9b7a3daff44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:40:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62de8144-390e7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZODltEdOKRYZBMg9lhslvsqXeF00rhJcofQDv%2FhdR5QEZr%2BrpYsGpsiUFXdICzIFJ4MV9%2FxnwBA7L0ReJu2Ss01eV6Q8PTyjMf4HurIKKEJPaVdFRmxOzgoMcXPXYazRhX7F%2FFW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e9950f7b90f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 normalize.css
chapter5recovery.com/wp-content/themes/html5blank-stable/ 8 KB
2 KB 477ms
475ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-content/themes/html5blank-stable/normalize.css?ver=1.0
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0baa2625178bc5ebc538f20e295742058efc73cbb6e517717d6bfa4ce6cc820e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:39:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62de80e0-1f10"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmXwq2245T3C7LllYSjTd9UAJS%2BQOofrns%2FNT%2Fyai9waQynNcPYK4mfPR8Ok7FcUNkXeRVU6P%2B3PYx29rvjmf10JdSuZh4YQIz3tfyVBUcOo%2FiMRQM49Ml17EihkGGrs2f%2B3ePQq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e9950f7c90f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
chapter5recovery.com/wp-content/themes/html5blank-stable/ 58 KB
10 KB 483ms
481ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-content/themes/html5blank-stable/style.css?ver=1.0
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5306a41be7a414000d99c95effb2fc7978fa3185f1e3e225f80fa9659891b079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:39:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62de80e0-e797"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69m5hGbQROkRtyWUODwiwuJND%2FbXMSEAlxT9l7spcM1WwoPbM6DtY%2BsmpGLFyqzztilsgxsTWYLx2Nri7Ncn6sgIMlNyYa%2BzR5NdkMpFqr8d9bh2ilSCnlJeXnA51ayk3cXcJUA9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e9950f7d90f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 conditionizr-4.3.0.min.js Show response
chapter5recovery.com/wp-content/themes/html5blank-stable/js/lib/ 1 KB
952 B 33ms
31ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-content/themes/html5blank-stable/js/lib/conditionizr-4.3.0.min.js?ver=4.3.0
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbcb2921ab0b7450e3bcc89f8ae48430e794baf103c36a58eccf9b773a6dfc60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 11:39:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 163590
etag: W/"62de80e4-449"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2Brjt13OWxPMV2cJL7fGAw%2Bxy4TwKjY4cEQj596RbJTqVz2CS9yP1OmmdeEc4DdSjD1mRKWrygaiEOtCbDEOho4UFF%2FI2lvcGltg6iQJQroUYq0C3d4DIIITDprjVaRo2kb5Suc8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e9950f7f90f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 modernizr-2.7.1.min.js Show response
chapter5recovery.com/wp-content/themes/html5blank-stable/js/lib/ 14 KB
6 KB 475ms
473ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-content/themes/html5blank-stable/js/lib/modernizr-2.7.1.min.js?ver=2.7.1
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b2a741489fb323cd96e2b546693ca1fc7151cfa0f2111eee4dd512e6b359941

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:39:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62de80e4-38fa"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUOfYNlKC7iNxA61%2BXetKnhMj75zTOc7dBZzPkv9PP4RF%2FRlDLve8vxlisMVaZNvH7M9vO5nqz4EuVtpYPHihlUU%2BgW0RmszWm0RQQvkKKl3vs8BMYP6YEJU0Na35jvU6WuD7wDV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e9950f8090f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
chapter5recovery.com/wp-includes/js/jquery/ 88 KB
32 KB 39ms
37ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 163590
etag: W/"632879b8-15e54"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqFQwgOJVmDPQAwz5oLupLlE71LFV1OngKxWM7eRVmRV7cuv2osIN1plZjbfHMetcJ6CdCcAVQ4E0%2BfIckaBiLy9Aw9MjGgnjOEDxpGJ%2F8%2BcGveUEZ5bt2EtIR8AGSxlEEQXBQdh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e9950f8190f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
chapter5recovery.com/wp-includes/js/jquery/ 11 KB
4 KB 35ms
33ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 163590
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ED4u86wpUkp5Chq49f%2FVxowOcJEMGbsRGz5jBC20ya8HR40GEtB6%2Fik6l7YvtOc%2Brroea8yTKszE2S551UL1gRJ%2BWjCaXgVZzUayDmi7TuzthIF0iMVbokhYRoLZM22EC0P%2F9DW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e9950f8390f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 scripts.js Show response
chapter5recovery.com/wp-content/themes/html5blank-stable/js/ 142 B
441 B 532ms
531ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-content/themes/html5blank-stable/js/scripts.js?ver=1.0.0
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c2e41bd288629182c310a1c984015e357fba719d37825c4fa9fc05350557eab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:39:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62de80e4-8e"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtMvQcSkbrrB2rqwL7IcescZiHQ0cIOe9SryvMyC6wSTcVCNn9dU8T9NguUuiKMd%2FAAvlGmMkl%2F5kTOp%2ForQcKv5CnBXyTuoVmBLqjr%2BugVavSXuc8Jq9SCGTSr3CsffLBq0uWCe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e9952fa290f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 102ms
37ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-78597314-8

Requested by

Host: chapter5recovery.com
URL: https://chapter5recovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6903857c13f7d2204d3067810b1ea50547504ee6f8c429f9f8e107f810a45863

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45126
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Feb 2023 21:31:45 GMT

GET
H3 200 chap5.png
chapter5recovery.com/wp-content/uploads/2019/01/ 36 KB
37 KB 529ms
522ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chapter5recovery.com/wp-content/uploads/2019/01/chap5.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 719ea554fe736e5169a7bb523cf9a8783da2e0fc3ed6b83dbb7cc1378a6f720b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:41:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62de817a-9056"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNzmiJxTzk1eaCHW7HvehsPmZ79D6ZqXcciyIa3xEGo93FmoMbSij%2FzlqpduLWEzVcVffRSOsDrhjHVe%2FecPUPR2ezQc068lqJWYJrye6CFCSPVd60mbRIjQtPudv6eEsbXFafvo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7998e99888639a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36950

GET
H3 200 drphil.png
chapter5recovery.com/wp-content/uploads/2019/01/ 989 KB
990 KB 634ms
627ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chapter5recovery.com/wp-content/uploads/2019/01/drphil.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41c1196bec166436407460037acf0f1c64e6b512a40a83748a6aec1a2c46154a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62de8160-f754b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kktl1X2PIP4uTLG6om8utltyW4x7APQ6y33fYeMYhMe%2BVIdKCcjjnq%2B39YqesUsHbQBUNVATYWNbmCNx0eqMVP230lG2ffH95cIBVTXPrV0hwHutc3yz%2BDJWBDR3%2F8nWsnglrnc7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7998e99888649a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1013067

GET
H2 200 insights.png
d1cbloud6m3d4c.cloudfront.net/wp-content/uploads/2019/05/02184538/ 4 KB
5 KB 519ms
436ms Image
image/png 2600:9000:21f3:e600:1:9458:cb00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cbloud6m3d4c.cloudfront.net/wp-content/uploads/2019/05/02184538/insights.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e600:1:9458:cb00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7d74fcd46283ff75a6b881ec32c502996451331d0428df1fc28af739e5bceff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:46 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified: Thu, 02 May 2019 18:45:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "22157b7c62d064341bb7321adf850e63"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4426
x-amz-cf-id: gcTSAlLdUBOmrF0OJwkmuawGqSxc0TmJ80PQ3A4PjvDcardQs3SS0g==
expires: Fri, 01 May 2020 18:45:42 GMT

GET
H2 200 carfcred.png
d1cbloud6m3d4c.cloudfront.net/wp-content/uploads/2018/06/ 21 KB
21 KB 116ms
33ms Image
image/png 2600:9000:21f3:e600:1:9458:cb00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cbloud6m3d4c.cloudfront.net/wp-content/uploads/2018/06/carfcred.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e600:1:9458:cb00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a56a027ae7d13825094b55471e1fe07177c4d1823050e2469501c41e14fc5e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 08:16:52 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified: Thu, 02 Aug 2018 18:56:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 47694
etag: "8767e39527b6450ebbf3850cb7c2da7f"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 21276
x-amz-cf-id: UpXRRcP5nNUq04unWovKvbbh_-Z_i_9bw3vuocSKQ9vHOKbkVInVPg==

GET
H2 200 jca.png
d1cbloud6m3d4c.cloudfront.net/wp-content/uploads/2018/06/ 20 KB
20 KB 134ms
51ms Image
image/png 2600:9000:21f3:e600:1:9458:cb00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cbloud6m3d4c.cloudfront.net/wp-content/uploads/2018/06/jca.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e600:1:9458:cb00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98cfc43629665f1f3484c3d647740344f7e7497d89c2ef0377a8ca2d0759fb2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:28:23 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified: Thu, 02 Aug 2018 18:57:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 203
etag: "c44e13024c23b2bb8c3d3fd1cdadc320"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 20511
x-amz-cf-id: 99yz2CnkAkJYm9tFEb-WykjSJqLTmkzLvopBFbqtLIK6tGMyoSfu7w==

GET
H2 200 3784221.js Show response
static.legitscript.com/seals/ 314 B
401 B 734ms
667ms Script
application/javascript 2606:4700::6812:1122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.legitscript.com/seals/3784221.js
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05bf1a6e446e2f533d47e80cfe170f676d120fe22c69cfe5ae48b67d29759aa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 21:01:52 GMT
server: cloudflare
etag: W/"63ebf6c0-13a"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 7998e998b97a9b95-FRA

GET
H2 200 NAATP_Provider_Member_Logo_website.png
d13dzd80tn4pg3.cloudfront.net/wp-content/uploads/2020/05/14181609/ 19 KB
19 KB 108ms
34ms Image
image/png 2600:9000:21f3:ce00:7:6419:34c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13dzd80tn4pg3.cloudfront.net/wp-content/uploads/2020/05/14181609/NAATP_Provider_Member_Logo_website.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ce00:7:6419:34c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d23fae43bcb666edee7bede8c9b3352916d8f2ff23f4bd46010f1f6a3addc6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 23:13:28 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
last-modified: Thu, 14 May 2020 18:16:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 166697
etag: "11cd7ef4b34eb7d411e6be8c46f7d7e5"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19222
x-amz-cf-id: efIBAHRt-MqToD34qArpUUiWcJM1IooRwr3Y97yfJUMhVD-hqPc6cQ==
expires: Fri, 14 May 2021 18:16:11 GMT

GET
H2 200 psych.png
d13dzd80tn4pg3.cloudfront.net/wp-content/uploads/2019/03/04153838/ 6 KB
6 KB 102ms
29ms Image
image/png 2600:9000:21f3:ce00:7:6419:34c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13dzd80tn4pg3.cloudfront.net/wp-content/uploads/2019/03/04153838/psych.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ce00:7:6419:34c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44c158e94133655ce48de4f251aa517421e43b246ae531748c155cf85989ef27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 01:03:35 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 17:00:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 1024091
etag: "2420f152e0ba6ebe876172b9546604be"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5729
x-amz-cf-id: Fm7ZS5KLP0Fln_PbAP5BtiBBE_RLnsqYuCLJvBiv86KU_rVteXmdqg==
expires: Fri, 09 Oct 2020 17:00:49 GMT

GET
H2 200 ASAM-logo-accreditations-e1588626348120.png
d13dzd80tn4pg3.cloudfront.net/wp-content/uploads/2020/05/04210530/ 20 KB
20 KB 123ms
50ms Image
image/png 2600:9000:21f3:ce00:7:6419:34c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13dzd80tn4pg3.cloudfront.net/wp-content/uploads/2020/05/04210530/ASAM-logo-accreditations-e1588626348120.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ce00:7:6419:34c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc0bde79e9682328fabd2752ef0889055cb7a681f17be804a99b9aa3004ee00e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 23:13:28 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
last-modified: Mon, 04 May 2020 21:05:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 166697
etag: "a4a8a8eb2e42d7a85d457373af8d336c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20432
x-amz-cf-id: t0knRRAB9ps0iOnQBLKyW9SP-JCepXikhHL7uoLyBGY5qSSteUXRNg==
expires: Tue, 04 May 2021 21:05:50 GMT

GET
H2 200 wellbriety-sig.png
d13dzd80tn4pg3.cloudfront.net/wp-content/uploads/2020/07/15221344/ 25 KB
25 KB 289ms
216ms Image
image/png 2600:9000:21f3:ce00:7:6419:34c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13dzd80tn4pg3.cloudfront.net/wp-content/uploads/2020/07/15221344/wellbriety-sig.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ce00:7:6419:34c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de54340d68d5ce85f4204228ecbcd08b6a57427b3e2e83a8e1c9a0d8e5ffed5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:46 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
last-modified: Wed, 15 Jul 2020 22:13:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "ad7de6e2206ed7bf2e55bbe9f09f3d95"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 25670
x-amz-cf-id: 1hZV7CP-Tt9HkozD9I59eeg6vdZGy7gE95MmE7Ad1W3Lu6Tqwp5-3Q==
expires: Thu, 15 Jul 2021 22:13:45 GMT

GET
H3 200 drug-rehab-washington.jpg
chapter5recovery.com/wp-content/uploads/2019/01/ 81 KB
81 KB 631ms
625ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chapter5recovery.com/wp-content/uploads/2019/01/drug-rehab-washington.jpg
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1454b8d84b5a8a1dd974fc716c4bf7b6e21f3f00724fd0549948c3dfd3f035a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:41:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62de815c-1430b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDGnaIwQ91gWw66S3BPszhJGQQ3q6tl8fCEq35Io6ozY983zR4VawTeQ9%2FgMFNM8i97r2%2BbKi4GKAuAev1aEr1sC847F%2B5ju6eA2Qx8R6QtqhPr8qWtW8Tc99cY8vkD3iwWtUT88"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7998e99888659a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 82699

GET
H2 200 Alcohol-Drug-and-Other-Rehab-Centers-in-Prescott-AZ-Badge-300x244-1.png
d13dzd80tn4pg3.cloudfront.net/wp-content/uploads/2020/12/08160845/ 65 KB
66 KB 62ms
60ms Image
image/png 2600:9000:21f3:ce00:7:6419:34c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13dzd80tn4pg3.cloudfront.net/wp-content/uploads/2020/12/08160845/Alcohol-Drug-and-Other-Rehab-Centers-in-Prescott-AZ-Badge-300x244-1.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ce00:7:6419:34c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bdd31f06897265670c0d3a6c5fac6217beabac01058065ed5953f5d100cc7cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 23:13:28 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
last-modified: Tue, 08 Dec 2020 16:09:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 166697
etag: "217e7f6cacdee10b6b43d85b14952fcd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 66754
x-amz-cf-id: psw1i_Sc7xEWiKI-xClTpuJ6H-MX_TEJM6TIN_2WVIenzIqAuSwSSQ==
expires: Wed, 08 Dec 2021 16:09:07 GMT

GET
H3 200 alcohol-detox-az.jpg
chapter5recovery.com/wp-content/uploads/2019/01/ 59 KB
59 KB 608ms
603ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chapter5recovery.com/wp-content/uploads/2019/01/alcohol-detox-az.jpg
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55ff1e65d1197088d96bcf3e4e3fd2b773f51ac3cca2f13d6b7f2a46b6405333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:41:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62de8176-ebe5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyzwT4jpOId54JQoxkh1w1lNSO51jw642PoaKfU68wIQ8kAkYbisq99sZNVv4xyb%2FwYvR46fucSnP3iLs3shKtKaoE24FrGXlGvCTGG3cp1k%2Bqxis7o5Gux%2FEp2Q%2FLO5tzplJ64t"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7998e99888669a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60389

GET
H3 200 drug-detox-arizona.jpg
chapter5recovery.com/wp-content/uploads/2019/01/ 58 KB
59 KB 653ms
648ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chapter5recovery.com/wp-content/uploads/2019/01/drug-detox-arizona.jpg
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42fb5e5ca2eca081bba10840c6bed7a3b69a5623b33a87c955f64fe538cbe5a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:41:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62de8164-e842"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BpoSuFbWgDSdaCgjE4Fjt9L6q1PljibvH7IO0PxhilBxjf6ldzb98hplQhLnWEhMaWn7%2FRklWc1tZ21vAB4NOFXnmbjOIxqZXgmkvAodGt9zMXvvURE6BrGnp0quu%2BUWZTUxm93"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7998e99888679a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59458

GET
H3 200 inslogowhite1.png
chapter5recovery.com/wp-content/uploads/2019/01/ 4 KB
5 KB 503ms
497ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chapter5recovery.com/wp-content/uploads/2019/01/inslogowhite1.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcb9027719cf3fd6a830edefda94b5aa48ec728328b1e267661a4c02ffe95914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:41:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62de816a-10e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abELvZxkvWorfZdjY8lTD3iWj5C7c9Db88csnCy0cece%2F3jzP%2Fk%2BRO0dTppVcAzccrW06rHNP7jF3fnDKHIteawSTE9K%2FoYQE%2FNQcbjqVGx6I%2FnxeCZzH%2B8CNNeEjcuxpaPTw6Io"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7998e99888689a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4322

GET
H3 200 inslogowhite6.png
chapter5recovery.com/wp-content/uploads/2019/01/ 3 KB
4 KB 503ms
497ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chapter5recovery.com/wp-content/uploads/2019/01/inslogowhite6.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c87f438cf878c7c18f5a436c5e9c403e183848d1182458123d66396573c33c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:41:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62de8172-d54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztA%2BYWYS22pC%2FgHjx09asXsTwyF9QTDKPeWlSaw7jR4EWGulsBkSTNXPhoC3vXZ27VQgPCr7Sb4UWqW6fPF0xZkoQKt2IenAGOQ4UsBxiVoqWQzwKZlyHOr7xsITrjbay5NW9qxH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7998e99888699a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3412

GET
H3 200 inslogowhite5.png
chapter5recovery.com/wp-content/uploads/2019/01/ 3 KB
4 KB 503ms
498ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chapter5recovery.com/wp-content/uploads/2019/01/inslogowhite5.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66a63e7f4510fb5ce40a505e94589266565d7d96a683de5e0de2b30d2080bb0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:41:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62de8178-c81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMAfp3xKdx7dsFdZee5Gbl0KhraqQh3%2BxT3eDlXa4ArqYmts34haaMqC7q3yi8H6H7RWYeHoRHDwGgooYvcTK0lLNBG%2Bhi6hfHutc3J%2BdUFR8hB2iV2yi2p%2FdFvaT5TeYfKKY%2BD6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7998e998886a9a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3201

GET
H3 200 inslogowhite3.png
chapter5recovery.com/wp-content/uploads/2019/01/ 4 KB
4 KB 504ms
498ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chapter5recovery.com/wp-content/uploads/2019/01/inslogowhite3.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d583cbfc3f9044c6e82a6bdc967f41475cde7ae98af59486047de237d7f35b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:41:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62de817e-f1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRyazZzdKv25%2Foh5QhLBlgWcqN%2FBtv%2FvNgvyZSoLzYwbqq3F2nC7gDyJwmWO8Sm35rgxtz0gz6wtUfd94yI4Up4Swik57qg7b9AVzu6GolDIhwpQ9eCyrcfw8RrSDMGgLLHeHIj9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7998e998886c9a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3868

GET
H2 200 drug-treatment.jpg
d13dzd80tn4pg3.cloudfront.net/wp-content/uploads/2019/02/01150642/ 21 KB
21 KB 34ms
32ms Image
image/jpeg 2600:9000:21f3:ce00:7:6419:34c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13dzd80tn4pg3.cloudfront.net/wp-content/uploads/2019/02/01150642/drug-treatment.jpg
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ce00:7:6419:34c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a9a2ecc6388ccda40b751c88bde471c7b5f721e54ab4f87fc5cbbd6dde9d640

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 23:13:28 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 17:02:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 166697
etag: "00225b878d782a7a9cf806ac1fc28082"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 21054
x-amz-cf-id: gvim2FiP1oOWYy2nb9yE8F-OaaGoTo9ZqWgONsXvOzNX_LUlpyj0uQ==
expires: Fri, 09 Oct 2020 17:02:33 GMT

GET
H2 200 social-1.png
d1cbloud6m3d4c.cloudfront.net/wp-content/uploads/2018/07/ 1 KB
1 KB 426ms
425ms Image
image/png 2600:9000:21f3:e600:1:9458:cb00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cbloud6m3d4c.cloudfront.net/wp-content/uploads/2018/07/social-1.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e600:1:9458:cb00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 128a83fca29e19a94dc5c5a2d97ca0ebeb0bf4902b0cac565406d8cc30bd5b48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:46 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified: Thu, 02 Aug 2018 18:57:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "d4375e5409cbdbc2e0c740789a148358"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1176
x-amz-cf-id: XKHUi4TcR7TSdsHL5oBOaRDVJWW36zS_vScio4XImJ5uABc80hf30g==

GET
H2 200 social-2.png
d1cbloud6m3d4c.cloudfront.net/wp-content/uploads/2018/07/ 1 KB
2 KB 419ms
417ms Image
image/png 2600:9000:21f3:e600:1:9458:cb00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cbloud6m3d4c.cloudfront.net/wp-content/uploads/2018/07/social-2.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e600:1:9458:cb00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0276a9153b055c40f31f7fb197269353422f0e5c299d541bd6c3e31ea2623786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:46 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified: Thu, 02 Aug 2018 18:57:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "5c84ebe5622ede80143725bb4d575639"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1391
x-amz-cf-id: -IMbUifYDNkXBa30J9PrYPo011W6WEP2B-CuJYNGKamUrHQju893UA==

GET
H2 200 social-4.png
d1cbloud6m3d4c.cloudfront.net/wp-content/uploads/2018/07/ 1 KB
2 KB 429ms
427ms Image
image/png 2600:9000:21f3:e600:1:9458:cb00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cbloud6m3d4c.cloudfront.net/wp-content/uploads/2018/07/social-4.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e600:1:9458:cb00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc4ccd0458e188ca8e9b234350ba26df8ea2b29b6ce288aa01aceb2f7cf342df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:46 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified: Thu, 02 Aug 2018 18:57:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "1f7f2a3406e85e492a4ab584f16d7779"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1331
x-amz-cf-id: 98W8FdqoHhYmQDwLt-u0oG5BJ5JoVWxW12f15JlicmyEDloR_-ldeg==

GET
H3 200 regenerator-runtime.min.js Show response
chapter5recovery.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 504ms
504ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6254194e-194b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCHnFFwJ5Adg6V%2BHy5DOQFMobR35Fk5U9HlZcEl0bzlh%2B%2Bkyf5OAwTG4lVia2JX0tpikHrhFlkGZC2ii1btot4qUJIO2xnDr2zoyaeEU747dvLZjttuALuown63rirn%2F4qtW6EQY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e99888549a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wp-polyfill.min.js Show response
chapter5recovery.com/wp-includes/js/dist/vendor/ 17 KB
7 KB 480ms
479ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6329dfa1-459f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HFG8OQ85ceAOQxyHRKlBGGqDzM1GFdJZPmmFwXW4BEv43v3D2WoS7rx5NSy%2FvkDDiQXgy52D70xJWQTj5edNQoRXXSoSFRDA0eWGUtBgNiA4yLi77juXLaLRY2lWo9ebKA1%2FPnA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e99888559a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 index.js Show response
chapter5recovery.com/wp-content/plugins/contact-form-7/includes/js/ 21 KB
7 KB 481ms
474ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e89d7526092c671c0a01bd02152a595271fb97f87bbd3ba379b5e8b1071f6b2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:47:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62de82ee-5590"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1c9WVHkz0uLfbRpagOlDd5hpYMXagDCsFPGSrQnaCcgvhfLpIGOTRlliQnHhDDnOorHAbgijEY5hBE6wkpwrRQPP1m%2BHL7JwfoPg4C1joiwY797Sctb2XBv0%2F5Sz1xJdPzwN6oSg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e998885f9a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 frontend-scripts.min.js Show response
chapter5recovery.com/wp-content/plugins/wp-google-analytics-events/js/dist/ 5 KB
2 KB 505ms
498ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-content/plugins/wp-google-analytics-events/js/dist/frontend-scripts.min.js?ver=1.0
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e71e6e86f65a19007376a38c66c6a4a8716b8f91c758ffac27850985e9cc609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:47:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62de82e2-137b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfjlZuMf%2BIN3prB8huUDdzddDlw8%2FZTUBzRd7hwpjrDJsDrFcdmeRaX%2BRqxAtcZ3Yw92J6jpg5DBOYeEz2bAERLehmXdEG%2BPkwBrE8td%2FehXGXnX6IlhJsy%2Bqyhw0u63sK8fZkFx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e99888609a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 919 B
899 B 66ms
58ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit

Requested by

Host: chapter5recovery.com
URL: https://chapter5recovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

77883d6b9ad48d3b6b332cf051b1b4c9a767a96edd37c242db46493815f67aeb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 579
x-xss-protection: 1; mode=block
expires: Tue, 14 Feb 2023 21:31:45 GMT

GET
H3 200 734e5f942.min.js Show response
chapter5recovery.com/wp-content/uploads/essential-addons-elementor/ 271 KB
74 KB 668ms
661ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-content/uploads/essential-addons-elementor/734e5f942.min.js?ver=1676410288
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a603012d28ff819dfab9077ffc69128ff8d90ee42db185e029cec86b2ce0ef34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:40:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62de8144-43b0f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDh%2BTurInxo0u18vZQrwN2bDkALr5a1dQ%2BZ7SmSesdm6%2Bk1%2FpB0zwpcALZmEmdITOfPnpe2Vfk3aupqa5Ukjhz0tfpu1GZeyH4Agcl1Y%2B%2FDQXS3pjsRAehNiAW3PvjNHHwpRi4%2Fr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e99888619a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
651 B 168ms
63ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfsTqcUAAAAAC1Q62hQDTFfdkKctRa1FmmCP3pH&ver=3.0

Requested by

Host: chapter5recovery.com
URL: https://chapter5recovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ac7fe6b3666879500bf7d0455ba34fe582660ef3cc66075414ec444f3f5b399f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 582
x-xss-protection: 1; mode=block
expires: Tue, 14 Feb 2023 21:31:45 GMT

GET
H3 200 index.js Show response
chapter5recovery.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 999 B
977 B 524ms
517ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://chapter5recovery.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.1
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:48:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62de82f2-3e7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khLMQMtZf0nEZnKW6uh7M79P68ehRUb6hCeSPVplg2qCQhHjeaLq%2FoJILSEVBknOh1ljqcjilphdWuYPp2VAFCq7RUd83X2%2FfS%2BVis423CLfeBMVIBG3yCrYCuZgehbnQOGEhF78"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7998e99888629a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 141 KB
54 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TJNBVFM

Requested by

Host: chapter5recovery.com
URL: https://chapter5recovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f7eff1cc2591b25382e2f42fbde2501a291a5dead80c4b0e165cf32b0e2fd94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54894
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Feb 2023 21:31:45 GMT

GET
H2 200 talkfurther_init.min.js Show response
js.talkfurther.com/ 43 KB
13 KB 174ms
23ms Script
application/javascript 2600:9000:20eb:be00:1f:523f:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.talkfurther.com/talkfurther_init.min.js
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:be00:1f:523f:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 124cd3f417060e4502bd4f2082ef0cd5643e6f7cfa02ec5434022dfcab018aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 09:34:23 GMT
content-encoding: gzip
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Fri, 20 Jan 2023 14:54:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 60129
etag: W/"f9047eb6f5963e2e6062419c40712b8d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Ysb1DI8DN6Qgsmd9U7slLwE5MRobEX-w0vC-QnyvKQ5dZwEgoBLUDw==

GET
H2 200 t.js Show response
241167.tctm.co/ 56 KB
17 KB 119ms
114ms Script
application/x-javascript 2600:9000:2304:1a00:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://241167.tctm.co/t.js
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:1a00:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 80dc8bfb477cf497e869d6486fcd88a50171de05708215a1e62e5b351bbdddfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: gzip
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 21:31:45 GMT
server: ctm
x-amz-cf-pop: VIE50-P1
etag: W/63ebfdc00003ae0f1e96e38e-241167
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: nmhGCDzJlnGPE2plU8Y0jToE9vSi6s0Ut_nsm0zp3q55BOcXP0eQsA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 146ms
74ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: chapter5recovery.com
URL: https://chapter5recovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 21:31:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: LYvGI2IR5h7c3fuebJT5KecmcOW7mgbxxzpJ/JnKz8yDPvIGsK030EPddYI2EA4W3s9UJ0ym6bwWgab0WMUEpw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 179ms
90ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: chapter5recovery.com
URL: https://chapter5recovery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 14 Feb 2023 21:31:44 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E9D9B221725C4252AC01164F79339A1E Ref B: FRA31EDGE0607 Ref C: 2023-02-14T21:31:45Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 1Pt2g8TAX_SGgBGUi0tGOYEga5WOwnsX.woff2
fonts.gstatic.com/s/juliussansone/v14/ 16 KB
16 KB 92ms
30ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/juliussansone/v14/1Pt2g8TAX_SGgBGUi0tGOYEga5WOwnsX.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Julius+Sans+One|Fjalla+One|Libre+Franklin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

964362fd7e113edc6f34832b645b184160bb47c17af3119cb89071b05d6f1a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chapter5recovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 16:52:37 GMT
x-content-type-options: nosniff
age: 16748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:34:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 16:52:37 GMT

GET
H2 200 Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v13/ 16 KB
17 KB 84ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/fjallaone/v13/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Julius+Sans+One|Fjalla+One|Libre+Franklin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chapter5recovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 18:29:51 GMT
x-content-type-options: nosniff
age: 10914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16588
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:38:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Feb 2024 18:29:51 GMT

GET
H3 200 drug-detox-washington.jpg
chapter5recovery.com/wp-content/uploads/2019/01/ 467 KB
467 KB 642ms
641ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chapter5recovery.com/wp-content/uploads/2019/01/drug-detox-washington.jpg
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/wp-content/themes/html5blank-stable/style.css?ver=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ae1822e36451bc7b0823268f85e3c4fc853b35c6255dd043b4c6c0d8fbbf3f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/wp-content/themes/html5blank-stable/style.css?ver=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:41:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62de817c-74aee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpzCJ3yPKTVIjxGHSz3Rhen3ImNyGyx7z6GWaqClz96SNBeQJpFm9A0a5COg2BVf79iNTDK83KL%2Bi3iUxUDl%2F30kjV6DWeRodFIzFQgFTFVQSqZ3jiC5Uti6Q8cSyejMSWtd5Qjv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7998e99898769a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 477934

GET
H2 200 jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhLsWkANDJ.woff2
fonts.gstatic.com/s/librefranklin/v13/ 14 KB
14 KB 88ms
46ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v13/jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhLsWkANDJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Julius+Sans+One|Fjalla+One|Libre+Franklin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b49f91c87827ee6adc5a811c73e6a1b493adc72a8c0a832fc4c77e80c0226ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://chapter5recovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 18:06:38 GMT
x-content-type-options: nosniff
age: 357907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 18:06:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 92ms
91ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RLSXSCMVR5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-78597314-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5bb6bd1eb45721d054b78ed5ad5308a8192aa3d48f72567aeebe67cee75b23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77871
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Feb 2023 21:31:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 185ms
36ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-78597314-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 21:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1179
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 14 Feb 2023 23:12:06 GMT

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 171 KB
54 KB 126ms
30ms Script
application/javascript 2600:9000:20eb:7a00:15:a0d3:77c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: chapter5recovery.com
URL: https://chapter5recovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:7a00:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
date: Tue, 14 Feb 2023 21:31:42 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-amz-cf-pop: FRA2-C1
age: 4
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
server: AmazonS3
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-id: fcke4_n-KRaNzetVoODdzAuX-GRFO6BG5-lYwAyEvLATI_XBNhoUaw==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 85ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RLSXSCMVR5&gtm=45je32d0&_p=671783218&cid=1530749564.1676410306&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676410305&sct=1&seg=0&dl=https%3A%2F%2Fchapter5recovery.com%2F&dt=Drug%20Detox%20and%20Treatment%20Center%20-%20Royal%20Life%20Centers%20at%20Chapter%205%20WA%20%3A%20Royal%20Life%20Centers%20at%20Chapter%205&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RLSXSCMVR5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 21:31:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chapter5recovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
21 KB 24ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.95

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 21:31:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: OvlnsiPZOWw//DyqCWUglGYZgUHhYQNuTaE8qEZtAXoNN6XemZLtwJOeOVrflzTgVz8rDPy5b0/hDly6sgcT+A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 498762644204504 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 514ms
514ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/498762644204504?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20e82263d05a2639052af63ddb0c7c43bfd53ae4eab5e8a9a866cc5feccd71a5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 14 Feb 2023 21:31:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: EIShd49+C6Rhw3Akmi/bxofMbjR4ALgQ9bc3c6KGErnFP4fjCRpC1fvzOSTyuiLJpMFBUp9H7H6G0dR0S1g6EA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 famchat.v3.js Show response
vsa.talkfurther.com/ 307 KB
102 KB 170ms
37ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/famchat.v3.js
Requested by: Host: js.talkfurther.com
URL: https://js.talkfurther.com/talkfurther_init.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27ebed7e8a456f3b5135136a8672cf0cc61ea529a3a035bb9b5aad56fa542a86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:09 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 13:02:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1717
etag: "6e05d49f9ef777e3d9baec6f0c1cb9ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 104138
x-amz-cf-id: XQmulXvpbh9by6rfUPNrcer-Pi22rDo-Ot9ALFH2xDAcNDxZJ9QyDw==
x-amz-meta-etag: t7++6DXu7T0fzIKP2NKgpg==

GET
H2 200 embedded-vsa.js Show response
evsa.talkfurther.com/ 571 KB
159 KB 127ms
23ms Script
application/javascript 2600:9000:21f3:7c00:1f:a2da:e400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://evsa.talkfurther.com/embedded-vsa.js
Requested by: Host: js.talkfurther.com
URL: https://js.talkfurther.com/talkfurther_init.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7c00:1f:a2da:e400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf211abf206a36de9b3d8ab8aa2281117f825fad5c408b324fa821436404bb45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 13:04:08 GMT
content-encoding: gzip
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 13:03:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 30458
etag: "e3289f647a463e9ff0d7f17a818fc346"
x-cache: Hit from cloudfront
content-type: application/javascript
content-length: 162741
x-amz-cf-id: EHLaFnr7smW331EXSY2b2X-f1vGfZsaVAfQ5PUe7hlry4lyRbKMfuw==

POST
H2 201 visits Show response
api.talkfurther.com/api/chat/ 97 B
318 B 244ms
244ms Fetch
application/json 3.219.106.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.talkfurther.com/api/chat/visits

Requested by

Host: js.talkfurther.com
URL: https://js.talkfurther.com/talkfurther_init.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.219.106.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-219-106-100.compute-1.amazonaws.com

Software

nginx /

Resource Hash

363221ad4a947b0cc6018970538444c8000aa26bff2879a4b248d2e889c37a7d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept: application/json
Referer: https://chapter5recovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
content-type: application/json

Response headers

date: Tue, 14 Feb 2023 21:31:47 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept, Origin, Cookie
content-type: application/json
allow: OPTIONS, POST
access-control-allow-origin: https://chapter5recovery.com
access-control-allow-credentials: true
content-length: 97

OPTIONS
H2 200 visits
api.talkfurther.com/api/chat/ Frame 0
0 1520ms
1073ms Preflight
text/html 3.219.106.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.talkfurther.com/api/chat/visits
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.106.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-106-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://chapter5recovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-checksum
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://chapter5recovery.com
access-control-max-age: 86400
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 14 Feb 2023 21:31:47 GMT
server: nginx
vary: Accept-Encoding Origin

GET
H2 204 13007602.js Show response
bat.bing.com/p/action/ 0
117 B 115ms
115ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13007602.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 14 Feb 2023 21:31:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 21E41F4E302A46ABAA20DFBF2A711CC9 Ref B: FRA31EDGE0607 Ref C: 2023-02-14T21:31:45Z
x-cache: CONFIG_NOCACHE

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 58ms
57ms XHR
text/plain 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=671783218&t=pageview&_s=1&dl=https%3A%2F%2Fchapter5recovery.com%2F&ul=en-us&de=UTF-8&dt=Drug%20Detox%20and%20Treatment%20Center%20-%20Royal%20Life%20Centers%20at%20Chapter%205%20WA%20%3A%20Royal%20Life%20Centers%20at%20Chapter%205&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=813428198&gjid=157041805&cid=1530749564.1676410306&tid=UA-78597314-8&_gid=1898632722.1676410306&_r=1&gtm=457e32d0&z=563745310

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://chapter5recovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 21:31:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chapter5recovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p.js Show response
241167.tctm.co/ 74 B
443 B 104ms
103ms Script
application/x-javascript 2600:9000:2304:1a00:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://241167.tctm.co/p.js?sid=63ebfdc00003ae0f1e96e38e&p=1615844.1.888.534.9140&
Requested by: Host: 241167.tctm.co
URL: https://241167.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:1a00:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: c4b1a881faf6b4c9c4b9d1141beb460c2b4b3d305f9b709ac77debbe0a74674b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:45 GMT
content-encoding: gzip
via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
server: ctm
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: QIrL3i32t9WkgmNw5wETO9KfPLRxCsiU_0rQQJbzbq8rnjMnvqv3kA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 94ms
31ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-78597314-8&cid=1530749564.1676410306&jid=813428198&gjid=157041805&_gid=1898632722.1676410306&_u=YADAAUAAAAAAACAAI~&z=260640877

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chapter5recovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 14 Feb 2023 21:31:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chapter5recovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 73ms
72ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-78597314-8&cid=1530749564.1676410306&jid=813428198&_u=YADAAUAAAAAAACAAI~&z=2088775924

Requested by

Host: chapter5recovery.com
URL: https://chapter5recovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 21:31:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 163ms
70ms Image
image/gif 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-78597314-8&cid=1530749564.1676410306&jid=813428198&_u=YADAAUAAAAAAACAAI~&z=2088775924

Requested by

Host: chapter5recovery.com
URL: https://chapter5recovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 21:31:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3784221.png
static.legitscript.com/seals/ 15 KB
15 KB 825ms
825ms Image
image/png 2606:4700::6812:1122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.legitscript.com/seals/3784221.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2045cfea6d2ac0f8d552a0163c75586dae6673c05e9b90030f224cbd5b138bce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:46 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Feb 2023 21:01:52 GMT
server: cloudflare
etag: "63ebf6c0-3b9b"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 7998e99ceee19b95-FRA
content-length: 15259

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ 406 KB
163 KB 132ms
36ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfsTqcUAAAAAC1Q62hQDTFfdkKctRa1FmmCP3pH&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chapter5recovery.com/
Origin: https://chapter5recovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 16:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166252
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 16:12:57 GMT

GET
H2 200 default Show response
embed.tawk.to/58b909f31919dc09f90e9091/ 2 KB
938 B 532ms
474ms Script
application/x-javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/58b909f31919dc09f90e9091/default

Requested by

Host: chapter5recovery.com
URL: https://chapter5recovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a18017415b08aa80ce9fe8c4e790bb4f0d05c30f0bd2d2a68880b44223a803c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chapter5recovery.com/
Origin: https://chapter5recovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:46 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"stable-v4-63b77dcd282"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 7998e99d6dc2918e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 servicebg.jpg
chapter5recovery.com/wp-content/uploads/2019/01/ 118 KB
119 KB 607ms
606ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chapter5recovery.com/wp-content/uploads/2019/01/servicebg.jpg
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/wp-content/themes/html5blank-stable/style.css?ver=1.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a776a2ab6b13f3c6443b7fc85d82f8f4842cc45caa183d0701b9bedc97e7648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/wp-content/themes/html5blank-stable/style.css?ver=1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:46 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:41:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62de817c-1d8b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjzoy5R13vJrCebPCStn8NiTypZ%2BxyQeM6z%2Fi%2BBCGkjY3DX4cdA0PE0ToEuQWhDKb6c%2BkAcfv7dPVMQNNiW4%2BTxd7YZweMXKzEFCCuFpQqCK0T37i%2F9J8m2pr3iAc0b6h99RaCPe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7998e99d0ddf9a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 121012

GET
H3 200 Insurance-Pay-for-Drug-Rehab.png
chapter5recovery.com/wp-content/uploads/2022/11/ 479 KB
480 KB 616ms
612ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chapter5recovery.com/wp-content/uploads/2022/11/Insurance-Pay-for-Drug-Rehab.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f88e842133e01de6caa60ae5e4b67c7f2e0e4dc0d540380eac46fffd8c0ea7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:46 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 22:46:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63780b30-77d29"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5uCkNkOYyACjz9vYlookGxYaoW0BGoYTjIxy8TMHRRR%2FKxBQTfT8bPPVeqWntoX4jVyNC0FSklu6i2%2F%2FnXioCJx4BzYr%2BegUaFojyzrfHcpHHVSC7Lo8cVf1vc8iydl1ScI0WWl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7998e99d2e1e9a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 490793

GET
H3 200 Nutrition-in-Rehab-1.png
chapter5recovery.com/wp-content/uploads/2022/09/ 568 KB
569 KB 614ms
609ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chapter5recovery.com/wp-content/uploads/2022/09/Nutrition-in-Rehab-1.png
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 431a230730dbfbb0a7e6204569e8b545144ed2b383d76f2e36c9b8a555c84406

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:46 GMT
cf-cache-status: MISS
last-modified: Fri, 30 Sep 2022 20:56:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "633757fb-8e13a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50%2FODHwYFhu0WWpe8lBC7%2Fj%2BwDqt5JptiETQlXhzNdOkHaRqG4OpNVRzUfM5AN9OmNZ0iqQgsLr332RCIMVkttwUZ%2BXZyC28UofSXVM6rx2O%2FHfJuuao70AlwqYuf%2BdIBSN2wqyq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7998e99d2e219a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 581946

GET
H3 200 noah-silliman-gzhyKEo_cbU-unsplash-scaled-1-2048x1366.jpg
chapter5recovery.com/wp-content/uploads/2022/06/ 124 KB
125 KB 619ms
614ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chapter5recovery.com/wp-content/uploads/2022/06/noah-silliman-gzhyKEo_cbU-unsplash-scaled-1-2048x1366.jpg
Requested by: Host: chapter5recovery.com
URL: https://chapter5recovery.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ea2bcbf3ebd13693717a10f17c511bdd0985bc5a4b83b1d08f329944fec40a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:46 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Jul 2022 11:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62de8124-1f121"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyhU6YxddHM1QudslcTAGJvofCvnOwg%2F%2BWRvAq1ePMTtjIxWoUGnhF0gZF%2FYF9WkZ1B4uq84cy%2Fw5id0x74ibRMW%2F%2BJg2D662%2FGeXeGiSZZxxYFTm9DBkCKOv5uyvQY4l8o0Vd6I"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7998e99d2e249a1d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 127265

GET
H2 204 0
bat.bing.com/action/ 0
286 B 46ms
45ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13007602&Ver=2&mid=8be24ea5-d3fe-4da0-b99d-c88000a13ff0&sid=fb6ff700acae11eda3b5e5706f16a310&vid=fb7018d0acae11ed988d01512e1ca5c0&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Drug%20Detox%20and%20Treatment%20Center%20-%20Royal%20Life%20Centers%20at%20Chapter%205%20WA%20%3A%20Royal%20Life%20Centers%20at%20Chapter%205&p=https%3A%2F%2Fchapter5recovery.com%2F&r=&lt=1863&evt=pageLoad&sv=1&rn=822041

Requested by

Host: chapter5recovery.com
URL: https://chapter5recovery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 14 Feb 2023 21:31:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3D8636FC0A3940B1BDA6C418546EFFA8 Ref B: FRA31EDGE0607 Ref C: 2023-02-14T21:31:46Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 86ms
26ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=498762644204504&ev=PageView&dl=https%3A%2F%2Fchapter5recovery.com%2F&rl=&if=false&ts=1676410306235&sw=1600&sh=1200&v=2.9.95&r=stable&a=wordpress-6.1.1-3.0.6&ec=0&o=30&cs_est=true&fbp=fb.1.1676410306234.1831755069&it=1676410305661&coo=false&rqm=GET

Requested by

Host: chapter5recovery.com
URL: https://chapter5recovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 14 Feb 2023 21:31:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6924 42 KB
22 KB 75ms
74ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsTqcUAAAAAC1Q62hQDTFfdkKctRa1FmmCP3pH&co=aHR0cHM6Ly9jaGFwdGVyNXJlY292ZXJ5LmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=p4ss8psgedjz

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

91fa15ec36658ebba9c6f63a06e3f81cd73bb1d43ce28b8ea6df53c129402d3d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9UK59aVrUxizzrLb5fLojA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chapter5recovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22087
content-security-policy: script-src 'report-sample' 'nonce-9UK59aVrUxizzrLb5fLojA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 21:31:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 6924 55 KB
24 KB 111ms
36ms Stylesheet
text/css 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsTqcUAAAAAC1Q62hQDTFfdkKctRa1FmmCP3pH&co=aHR0cHM6Ly9jaGFwdGVyNXJlY292ZXJ5LmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=p4ss8psgedjz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 07:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 07:40:57 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 6924 406 KB
162 KB 131ms
57ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 16:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166252
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 03:04:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 16:12:57 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 1076 0
52 B 22ms
21ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: chapter5recovery.com
URL: https://chapter5recovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://chapter5recovery.com
Referer: https://chapter5recovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://chapter5recovery.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 14 Feb 2023 21:31:46 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 x.json Show response
241167.tctm.co/ 0
371 B 99ms
97ms XHR
text/plain 2600:9000:2304:1a00:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://241167.tctm.co/x.json
Requested by: Host: 241167.tctm.co
URL: https://241167.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:1a00:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chapter5recovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 14 Feb 2023 21:31:47 GMT
via: 1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
server: ctm
x-amz-cf-pop: VIE50-P1
access-control-max-age: 2592000
access-control-allow-methods: POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
x-amz-cf-id: 3xfdL69rFiseuYP7gqtNzB8VOOe5Gcfh-OG62-SwZEus3ffrZPBTJw==

POST
H2 201 x.json Show response
241167.tctm.co/ 0
371 B 101ms
97ms XHR
text/plain 2600:9000:2304:1a00:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://241167.tctm.co/x.json
Requested by: Host: 241167.tctm.co
URL: https://241167.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:1a00:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chapter5recovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 14 Feb 2023 21:31:46 GMT
via: 1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
server: ctm
x-amz-cf-pop: VIE50-P1
access-control-max-age: 2592000
access-control-allow-methods: POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
x-amz-cf-id: gA0VBB05oRCZ-_1BCofpSmxcRpiS3pcCv_WZ7XdOoIkP0J7Zl_Szig==

OPTIONS
H2 201 x.json
241167.tctm.co/ Frame 0
0 171ms
102ms Preflight
text/plain 2600:9000:2304:1a00:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://241167.tctm.co/x.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:1a00:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://chapter5recovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
date: Tue, 14 Feb 2023 21:31:46 GMT
server: ctm
via: 1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
x-amz-cf-id: 4JE4fx-74IEi8PPBvdoqJcN3Pwnj55tPqRpcCWXXrEZC8AKvQaKPaw==
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront

OPTIONS
H2 201 x.json
241167.tctm.co/ Frame 0
0 119ms
51ms Preflight
text/plain 2600:9000:2304:1a00:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://241167.tctm.co/x.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:1a00:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://chapter5recovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
cache-control: no-cache, no-store, must-revalidate
content-type: text/plain
date: Tue, 14 Feb 2023 21:31:46 GMT
server: ctm
via: 1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
x-amz-cf-id: 1jSpObNE4iN06USjB3KtAG-b2u200FXLEd4q3PNZmRV8-_4u_b6Flg==
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6924 2 KB
2 KB 37ms
36ms Image
image/png 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:21:21 GMT
x-content-type-options: nosniff
age: 22225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 21 Feb 2023 15:21:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6924 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 09:35:04 GMT
x-content-type-options: nosniff
age: 561402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 09:35:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6924 15 KB
15 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 529382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 18:28:44 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6924 102 B
133 B 66ms
65ms Other
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9345880ada178d9c36ed991525ff3c0671594be63500a61313d2ac1d35f3a51c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsTqcUAAAAAC1Q62hQDTFfdkKctRa1FmmCP3pH&co=aHR0cHM6Ly9jaGFwdGVyNXJlY292ZXJ5LmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=p4ss8psgedjz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Tue, 14 Feb 2023 21:31:46 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 6924 32 KB
18 KB 116ms
115ms XHR
application/json 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfsTqcUAAAAAC1Q62hQDTFfdkKctRa1FmmCP3pH

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3cde6acc5c93fa2af7cf6fb25247f762b6cd39db45b9e630abf7c3976a8d61b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsTqcUAAAAAC1Q62hQDTFfdkKctRa1FmmCP3pH&co=aHR0cHM6Ly9jaGFwdGVyNXJlY292ZXJ5LmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=p4ss8psgedjz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 14 Feb 2023 21:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18616
x-xss-protection: 1; mode=block
expires: Tue, 14 Feb 2023 21:31:47 GMT

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 121 B
286 B 140ms
138ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/58b909f31919dc09f90e9091/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chapter5recovery.com/
Origin: https://chapter5recovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:47 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
content-encoding: br
etag: W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9a34d48918e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 76 KB
27 KB 255ms
254ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/58b909f31919dc09f90e9091/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chapter5recovery.com/
Origin: https://chapter5recovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:47 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
content-encoding: br
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9a34d49918e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 206 KB
61 KB 372ms
371ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/58b909f31919dc09f90e9091/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chapter5recovery.com/
Origin: https://chapter5recovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:47 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
content-encoding: br
etag: W/"70dac54eca3bb2143032bc4db3237623"
x-cache-status: HIT
vary: X-Goog-Allowed-Resources, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9a34d4b918e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 192 KB
40 KB 364ms
363ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/58b909f31919dc09f90e9091/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e76be61057b7d805440ba2693d2c357f9a828fa8bda74170b9ac70b58af626d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chapter5recovery.com/
Origin: https://chapter5recovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:47 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
content-encoding: br
etag: W/"385105148a50079bafff97e9c9476109"
x-cache-status: HIT
vary: X-Goog-Allowed-Resources, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9a34d50918e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 2 KB
1 KB 146ms
145ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/58b909f31919dc09f90e9091/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da3edd648fc579bc07c4b1b1bb3ba1e8258ae308049a311e5966464295eb0e51

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chapter5recovery.com/
Origin: https://chapter5recovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:47 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
content-encoding: br
etag: W/"de21d01e9f8b6cc35ea67267d0ba80ec"
x-cache-status: HIT
vary: X-Goog-Allowed-Resources, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9a34d51918e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 151 B
206 B 141ms
140ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/58b909f31919dc09f90e9091/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chapter5recovery.com/
Origin: https://chapter5recovery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:47 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
content-encoding: br
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9a34d54918e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 visitors Show response
api.talkfurther.com/api/chat/ Frame A12F 293 B
588 B 782ms
554ms Document
text/html 3.219.106.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.talkfurther.com/api/chat/visitors?visit=af1e6429-c79f-47ae-9ba2-02553a983606
Requested by: Host: js.talkfurther.com
URL: https://js.talkfurther.com/talkfurther_init.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.106.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-106-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8f343668efe38385aa88ed447e9665cdd917cf8f9564cb91b5e5b27010f67e47

Request headers

Referer: https://chapter5recovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

allow: GET, OPTIONS
content-encoding: gzip
content-length: 187
content-type: text/html; charset=utf-8
date: Tue, 14 Feb 2023 21:31:48 GMT
server: nginx
vary: Cookie, Accept, Accept-Encoding

GET
H2 200 site_setup Show response
api.talkfurther.com/api/chat/ 256 B
506 B 1946ms
1946ms Fetch
application/json 3.219.106.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.talkfurther.com/api/chat/site_setup?url=chapter5recovery.com%2F

Requested by

Host: js.talkfurther.com
URL: https://js.talkfurther.com/talkfurther_init.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.219.106.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-219-106-100.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5926da261ff6bcb0e36e12a85566d130188949274bb7369ece0587d9e13afd22

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept: application/json
Referer: https://chapter5recovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
content-type: application/json

Response headers

date: Tue, 14 Feb 2023 21:31:49 GMT
content-encoding: gzip
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept, Origin, Cookie, Accept-Encoding
content-type: application/json
allow: GET, HEAD, OPTIONS
access-control-allow-origin: https://chapter5recovery.com
cache-control: max-age=0
access-control-allow-credentials: true
content-length: 206
expires: Tue, 14 Feb 2023 21:31:49 GMT

OPTIONS
H2 200 site_setup
api.talkfurther.com/api/chat/ Frame 0
0 603ms
603ms Preflight
text/html 3.219.106.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.talkfurther.com/api/chat/site_setup?url=chapter5recovery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.106.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-106-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://chapter5recovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-checksum
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://chapter5recovery.com
access-control-max-age: 86400
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 14 Feb 2023 21:31:47 GMT
server: nginx
vary: Accept-Encoding Origin

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 514ms
499ms Fetch
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=58b909f31919dc09f90e9091&widgetId=default&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c847046bcab12545b0e25df05ccf5f34f527c623c7ca0e733e1219ec975aa98

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-0r8j
server: cloudflare
etag: W/"2-75-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 7998e9a628cf918e-FRA
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1008 B
1 KB 385ms
357ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15ab914b9439239e5a3d6f8bc595bd5cd715462e356d22579d1ab3eeb33c41e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chapter5recovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://chapter5recovery.com
access-control-allow-credentials: true
cf-ray: 7998e9a7292c5b5c-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-k2ph

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 148ms
139ms Preflight 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://chapter5recovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://chapter5recovery.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7998e9a628d1918e-FRA
date: Tue, 14 Feb 2023 21:31:47 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-dbxn

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/languages/ 16 KB
4 KB 45ms
45ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 475615
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"585ba00b2c167b90c210161454f843b5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9a94a6f5b5c-FRA

GET
H3 200 twk-chunk-2c78ba82.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 7 KB
2 KB 56ms
56ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2c78ba82.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 475616
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"fac25ff2d2c405e1ac7e156dca1f819c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9a99a995b5c-FRA

GET
H3 200 twk-chunk-696bc286.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 16 KB
5 KB 31ms
31ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-696bc286.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3bbf1d795232665eceff33610ed6876b9d83db71364782c2d9bbe26a1753ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 475616
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"2aa8e4d8fcf9760a324a8b2e7902f6ca"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9a99a9a5b5c-FRA

GET
H3 200 twk-chunk-f1596d96.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 10 KB
4 KB 31ms
31ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f1596d96.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3418417801acc364fae9a8675f8292b2ae09cf39fe35de90a981e69e49e6e24c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 475610
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"058710526a0979b9e77a4babe9adfcd7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9a99a9b5b5c-FRA

GET
H3 200 twk-chunk-48f46bef.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 15 KB
5 KB 31ms
31ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87e512de8c063410a12ffdd7c34124de2dade5a644ed49bb66213ca3e26dde4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 475616
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"d9f3d1c4504d77c3e7c2e3e2f126fd9b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9a99a9c5b5c-FRA

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 942 B
714 B 55ms
54ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 475616
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9a9aaa15b5c-FRA

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 546 B
603 B 55ms
54ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 475616
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"09c3819d373bd4178a620d721429fada"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9a9aaa25b5c-FRA

GET
H3 200 twk-chunk-f163fcd0.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 11 KB
4 KB 52ms
51ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 475616
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"a92075fd9ac5ba130387a80453676099"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9a9aaa45b5c-FRA

GET
H3 200 twk-chunk-32507910.js Show response
embed.tawk.to/_s/v4/app/63b77dcd282/js/ 73 KB
16 KB 52ms
52ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5545096f7c7a5c5b9e151ed1127b929098806899b9f910e547f3cbcbbbdcfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 475616
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"b931365947ecaea657544f82994716af"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9a9aaa55b5c-FRA

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/63b77dcd282/css/ Frame 4534 24 KB
5 KB 31ms
30ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f08b0bfc5ca2e4fb4d2befa761a291c460279d018754531c1ed73fcb8bbd83b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 475616
cf-polished: origSize=24960
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"80df9814fe6b98404ccc1df3c455ceaa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9aa1aeb5b5c-FRA

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/63b77dcd282/css/ Frame B5A0 13 KB
3 KB 33ms
33ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 475610
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9aa2af45b5c-FRA

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/63b77dcd282/css/ Frame 1A0E 37 KB
8 KB 31ms
30ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 475616
cf-polished: origSize=38268
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"949ecc85ac578750ec9a03e5680f7b0e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9aa3afe5b5c-FRA

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/63b77dcd282/css/ Frame 7EFA 74 KB
14 KB 32ms
31ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/63b77dcd282/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 475616
cf-polished: origSize=75771
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
server: cloudflare
etag: W/"0158db159e8967dbda5865ed6b2e435d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9aa5b1c5b5c-FRA

GET
H3 200 37-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame B5A0 4 KB
2 KB 37ms
36ms Image
image/svg+xml 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/37-br.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ab0ee55e9acc1339ff5d9e2e347ed7234b1e18989def9fd6b50b2e09bce6e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 272753
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 22 May 2021 07:25:18 GMT
server: cloudflare
etag: W/"6c995a432260aa3edeb051266c18dad4"
vary: X-Goog-Allowed-Resources, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7998e9aa7b3a5b5c-FRA

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
53 KB 93ms
26ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 21:31:48 GMT
age: 10076908
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53889
x-served-by: cache-fra-eddf8230064-FRA, cache-hhn-etou8220067-HHN
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
283 B 145ms
145ms Fetch
text/html 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://chapter5recovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 14 Feb 2023 21:31:48 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://chapter5recovery.com
access-control-allow-credentials: true
cf-ray: 7998e9adffbb3826-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-0ws3

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 147ms
146ms Preflight 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://chapter5recovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://chapter5recovery.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7998e9ad0e6d3826-FRA
date: Tue, 14 Feb 2023 21:31:48 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-297c

GET
H2 200 icon
fonts.googleapis.com/ 1 KB
535 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined

Requested by

Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d07ef0194e19742cc9a57ae3d71da5280e0dac3756d638bdc0b38cf055dd6008

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 14 Feb 2023 21:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 21:31:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Feb 2023 21:31:50 GMT

GET
H2 200 config Show response
api.talkfurther.com/api/chat/ 19 KB
5 KB 219ms
219ms Fetch
application/json 3.219.106.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.talkfurther.com/api/chat/config?url=chapter5recovery.com%2F&vsa_version=new-cloud&vsa_loader=talkfurther_init&property=91703

Requested by

Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.219.106.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-219-106-100.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b48f71250119a9a096e544b1c2ee9cdebd581a6490732afae37bd4ba2e457e1f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:31:50 GMT
content-encoding: gzip
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept, Origin, Cookie, Accept-Encoding
content-type: application/json
x-further-cache: HIT
access-control-allow-origin: https://chapter5recovery.com
allow: GET, HEAD, OPTIONS
access-control-allow-credentials: true
cache-control: max-age=0
content-length: 5163
expires: Tue, 14 Feb 2023 21:31:50 GMT

GET
H2 200 icon
fonts.googleapis.com/ 1 KB
489 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined

Requested by

Host: chapter5recovery.com
URL: https://chapter5recovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d07ef0194e19742cc9a57ae3d71da5280e0dac3756d638bdc0b38cf055dd6008

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 14 Feb 2023 21:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 21:31:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Feb 2023 21:31:50 GMT

POST
H2 200 93429 Show response
api.talkfurther.com/api/chat/start/ 68 B
334 B 516ms
516ms Fetch
application/json 3.219.106.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.talkfurther.com/api/chat/start/93429

Requested by

Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.219.106.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-219-106-100.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f0078f7f68e529bcedb27c031c5ab36f6cef9af45132343a753ca75d93ced5e4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://chapter5recovery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Feb 2023 21:31:50 GMT
content-encoding: gzip
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Accept, Origin, Cookie
content-type: application/json
access-control-allow-origin: https://chapter5recovery.com
allow: POST, OPTIONS
access-control-allow-credentials: true

OPTIONS
H2 200 93429
api.talkfurther.com/api/chat/start/ Frame 0
0 126ms
124ms Preflight
text/html 3.219.106.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.talkfurther.com/api/chat/start/93429
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.106.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-106-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://chapter5recovery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-checksum
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://chapter5recovery.com
access-control-max-age: 86400
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 14 Feb 2023 21:31:50 GMT
server: nginx
vary: Accept-Encoding Origin

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 31ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RLSXSCMVR5&gtm=45je32d0&_p=671783218&cid=1530749564.1676410306&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676410305&sct=1&seg=0&dl=https%3A%2F%2Fchapter5recovery.com%2F&dt=Drug%20Detox%20and%20Treatment%20Center%20-%20Royal%20Life%20Centers%20at%20Chapter%205%20WA%20%3A%20Royal%20Life%20Centers%20at%20Chapter%205&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RLSXSCMVR5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Feb 2023 21:31:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://chapter5recovery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 asset-manifest.gf0h3waj485.json Show response
vsa.talkfurther.com/ 3 KB
1021 B 98ms
30ms Fetch
application/json 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/asset-manifest.gf0h3waj485.json
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28e7b5199d6b93675821a55c2a6b589711beade2e71f86f7a6ac1a9950e58d8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:56 GMT
content-encoding: gzip
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1676
x-cache: Hit from cloudfront
content-length: 565
x-amz-meta-etag: t7++6DXu7T0fzIKP2NKgpg==
last-modified: Tue, 14 Feb 2023 13:02:28 GMT
server: AmazonS3
etag: "62c018cadb0c0d54d3d1cb5d96c34355"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=7200
x-amz-cf-id: pwKUz1Xv53xRwbvi8jlQmJ8qmzBjaWnl9VD0GvpNmbXj9Cls4P0vaA==

GET
H2 200 0.6f4b56ee.chunk.famchat.v3.js Show response
vsa.talkfurther.com/ 48 KB
18 KB 46ms
46ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/0.6f4b56ee.chunk.famchat.v3.js
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26c93479d9e7d82fbb8af44f8a984bddb375f81c5d290a09a3cbc0f09bc8deb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:57 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 13:02:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1675
etag: "b3204113e78a3e0c272334ebfba94ed8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 17483
x-amz-cf-id: s7avk6WYehU_YWo9MksO3rpIN1CdNJD7dFUvKxprkgps-IM5Ts50Ag==
x-amz-meta-etag: t7++6DXu7T0fzIKP2NKgpg==

GET
H2 200 1.264b2a8c.chunk.famchat.v3.js Show response
vsa.talkfurther.com/ 19 KB
7 KB 46ms
46ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/1.264b2a8c.chunk.famchat.v3.js
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04fee72c8f1521e81618f193b8baca7feb691dfb66257795d82b6f4a1a6a966f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:11 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 10:19:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1721
etag: "c893ff9577bbb1cf527625b340199f71"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 6390
x-amz-cf-id: tnOWxqSFID_DOcJ5pkrvJrvYUNTUYMVN-PChQ9FHxiqeCK5ETMiCQA==
x-amz-meta-etag: kDAuzil4T5bcTV8bcY1mbw==

GET
H2 200 2.35f9399f.chunk.famchat.v3.js Show response
vsa.talkfurther.com/ 202 KB
60 KB 46ms
46ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/2.35f9399f.chunk.famchat.v3.js
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe9930944f4c921b554250f7ac3da6c94b6e25ea2ecdb3e20aefdf53153890c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:57 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 13:02:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1675
etag: "c580e727e7c1a522376278c7b71dd0ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 60822
x-amz-cf-id: h7iqVr19jT9VH-3JdP18q93f61fTyzu08FUH_cCi_GFz_JNwwBBmkQ==
x-amz-meta-etag: t7++6DXu7T0fzIKP2NKgpg==

GET
H2 200 4.3a4b7642.chunk.famchat.v3.js Show response
vsa.talkfurther.com/ 247 KB
65 KB 46ms
45ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/4.3a4b7642.chunk.famchat.v3.js
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e52d92ce115cded34c64d322e2147037f6dc2075df81983528467327acf9ed5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:57 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 13:02:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1675
etag: "b7bfbee835eeed3d1fcc828fd8d2a0a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 65883
x-amz-cf-id: aFSdW0aeBYD3urIeTd5yPrjsE4Wcix4N6Dl9N8tbKWl5jdr32s3S6w==
x-amz-meta-etag: t7++6DXu7T0fzIKP2NKgpg==

GET
H2 200 5.ad98972c.chunk.famchat.v3.js Show response
vsa.talkfurther.com/ 75 KB
21 KB 44ms
44ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/5.ad98972c.chunk.famchat.v3.js
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc70d6ba7428b74ab23e29060480b5e980539535e34e140c141a6b9c2879164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:11 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 10:19:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1721
etag: "c6058a29827aeb0b4e75177cac617724"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 20917
x-amz-cf-id: Py9U1Cse4ysSiin4PiGBu3mb-dWMJkwywW_7JoSIgwHgZTh-E8Mf4w==
x-amz-meta-etag: kDAuzil4T5bcTV8bcY1mbw==

GET
H2 200 6.9372f366.chunk.famchat.v3.js Show response
vsa.talkfurther.com/ 116 KB
32 KB 48ms
47ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/6.9372f366.chunk.famchat.v3.js
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 668495d957991cf03f2ca0df0e2bdc65d3148604d261a7b16b6769157945a8f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:57 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 13:02:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1675
etag: "ef4c7ae9887eddec3fb802b77eedbed2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 32334
x-amz-cf-id: AG1TPNlDSTdmXJL6bvRa-Anou-R-TrA0btbmuyG8CwSy_BVHKgfE1Q==
x-amz-meta-etag: t7++6DXu7T0fzIKP2NKgpg==

GET
H2 200 7.f4028984.chunk.famchat.v3.js Show response
vsa.talkfurther.com/ 156 KB
45 KB 46ms
45ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/7.f4028984.chunk.famchat.v3.js
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6cff18bf5196ded8461e0ac5c584c193a90237324bbe78b6180a22a7ac287430

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:11 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 10:19:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1721
etag: "e24e1666f6ae7bccb54a119e25a592f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 45649
x-amz-cf-id: bqhjXcQXEdt4ZXdsWRQldNMUynh_htiIQlOQ9dNEfJwyq3vNCPfLLg==
x-amz-meta-etag: kDAuzil4T5bcTV8bcY1mbw==

GET
H2 200 8.70dfeba5.chunk.famchat.v3.js Show response
vsa.talkfurther.com/ 22 KB
6 KB 46ms
44ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/8.70dfeba5.chunk.famchat.v3.js
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b5877be06ab634e1bba2c0af432d6b218cc71da388d89bd418a967320e0f09f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:11 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 10:19:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1721
etag: "efc39b6661162d25e9c3adcd579be296"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 5990
x-amz-cf-id: 54zTF3yEi1TkRhL19ugOteU8ctS4HXX5AcSB_zawJwkGOwZcorSguA==
x-amz-meta-etag: kDAuzil4T5bcTV8bcY1mbw==

GET
H2 200 9.a16eca43.chunk.famchat.v3.js Show response
vsa.talkfurther.com/ 3 KB
2 KB 47ms
45ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/9.a16eca43.chunk.famchat.v3.js
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54a8f7864455e60e0092e64bba74e6e9ccd96c163406dcb893bec1116a4571e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:11 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 10:19:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1721
etag: "7a6852ca8571be93be80effe7d0b32b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 1158
x-amz-cf-id: Sv83mUcth87Z9w1XhqMyqIVrxi6kyruJq2wRk2KDLJ4A0iw8Sx3cEg==
x-amz-meta-etag: kDAuzil4T5bcTV8bcY1mbw==

GET
H2 200 10.7da33fd0.chunk.famchat.v3.js Show response
vsa.talkfurther.com/ 60 KB
24 KB 74ms
71ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/10.7da33fd0.chunk.famchat.v3.js
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 685810f6426c4469ba0deabd1f8f20e95d0f4cc7f1a7321ee22645827e0aa358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:11 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 10:19:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1721
etag: "90302ece29784f96dc4d5f1b718d666f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 24097
x-amz-cf-id: r2w2GJIE9FtYy8uTdJQlhboNCzVyIiZw75CspMF-hi52vjyBzAwe-w==
x-amz-meta-etag: kDAuzil4T5bcTV8bcY1mbw==

GET
H2 200 11.c8377e22.chunk.famchat.v3.js Show response
vsa.talkfurther.com/ 9 KB
3 KB 83ms
81ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/11.c8377e22.chunk.famchat.v3.js
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51c5e9cb7416a69793cdd079b5c172cbe58b762fa4b493f765bdf112a3ff4bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:11 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 10:19:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1721
etag: "caaf0d27d04b88b36d6eab637f96aeec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 2970
x-amz-cf-id: vw2i4JikD87yxoM5sNWyQ_WOBcua5DDzvRofJlbV2xBFTA_ACthIlw==
x-amz-meta-etag: kDAuzil4T5bcTV8bcY1mbw==

GET
H2 200 12.4fd499cc.chunk.famchat.v3.js Show response
vsa.talkfurther.com/ 8 KB
3 KB 84ms
81ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/12.4fd499cc.chunk.famchat.v3.js
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7852e429fb71a8a6e26f5d7707797940df1d86e9a15e06e36cea7c0e013b38e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:57 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 10:19:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1675
etag: "e3e5adacd7ab09aac3e7d566aa2c328c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 2617
x-amz-cf-id: Nmr_PKMEzAgfBJihmDOPmrbJfRDkP0ZTVXxNnH2ajWM8niUAON6BfA==
x-amz-meta-etag: kDAuzil4T5bcTV8bcY1mbw==

GET
H2 200 13.2d67fda7.chunk.famchat.v3.js Show response
vsa.talkfurther.com/ 8 KB
3 KB 83ms
81ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/13.2d67fda7.chunk.famchat.v3.js
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13e2f4ca5a86240b65daa5f2a42d2831e3a9bab96107767e52ec3b1b63a5b7ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:57 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 10:19:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1675
etag: "81c8be6953f9c8c569164914b491c10c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 2701
x-amz-cf-id: 6m9Z2EoHRtDCkhTN80cIlPcDnfagf-Rs38PAhmk0Unm4_SJOUwScfQ==
x-amz-meta-etag: kDAuzil4T5bcTV8bcY1mbw==

GET
H2 200 14.6653f668.chunk.famchat.v3.js Show response
vsa.talkfurther.com/ 9 KB
3 KB 84ms
82ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/14.6653f668.chunk.famchat.v3.js
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97c7ab17b2112e7f471e9c562ddb02745f8b6594a9a47f23cbddcf50cfb9dd2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:57 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 10:19:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1675
etag: "8ed55d0e4642cde0956cdad567dfb8f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 2826
x-amz-cf-id: vOJXoUx-kPqqtIjbK1p0lnDvBJQWdtmcHtamtW_LfXUo5Y2ItKJodg==
x-amz-meta-etag: kDAuzil4T5bcTV8bcY1mbw==

GET
H2 200 15.a6a126eb.chunk.famchat.v3.js Show response
vsa.talkfurther.com/ 10 KB
3 KB 83ms
82ms Script
application/javascript 2600:9000:223c:800:6:4c42:9b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vsa.talkfurther.com/15.a6a126eb.chunk.famchat.v3.js
Requested by: Host: vsa.talkfurther.com
URL: https://vsa.talkfurther.com/famchat.v3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:800:6:4c42:9b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7240a46ebe66b5b087ff7df119cf4061e5b2641a6c6bea0d87d9c8c1a8ff7004

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chapter5recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 21:03:57 GMT
content-encoding: gzip
via: 1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Feb 2023 10:19:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1675
etag: "feaa0d2352d35558da324f257a964054"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=7200
content-length: 3165
x-amz-cf-id: lTn0gwPG7FUuEGRxhsGuzZKE1pRJPXYqP-dCSgskpT6d8cra5F46tg==
x-amz-meta-etag: kDAuzil4T5bcTV8bcY1mbw==

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 13:59:22	Name: _GRECAPTCHA Value: 09AMK3mNA8ZcOk8HTfm_UFDqUBFrdvBKi-8D0797auvXtShsoY6lRyXBOVunpxDl33cEiPQIVUNjxGKU1amWlwYKs
241167.tctm.co/	1969-12-31 23:59:59	Name: ct241167 Value: 63ebfdc00003ae0f1e96e38e
.chapter5recovery.com/	1970-01-20 10:23:22	Name: __ctmid Value: 63ebfdc00003ae0f1e96e38e
chapter5recovery.com/	1970-01-20 10:23:22	Name: __ctmid Value: 63ebfdc00003ae0f1e96e38e
.chapter5recovery.com/	1970-01-20 11:49:46	Name: _gcl_au Value: 1.1.825559965.1676410306
.chapter5recovery.com/	1970-01-20 19:16:10	Name: _ga_RLSXSCMVR5 Value: GS1.1.1676410305.1.0.1676410305.0.0.0
.chapter5recovery.com/	1970-01-20 19:16:10	Name: _ga Value: GA1.2.1530749564.1676410306
.chapter5recovery.com/	1970-01-20 09:41:36	Name: _gid Value: GA1.2.1898632722.1676410306
.chapter5recovery.com/	1970-01-20 09:40:10	Name: _gat_gtag_UA_78597314_8 Value: 1
.chapter5recovery.com/	1970-01-20 09:41:36	Name: _uetsid Value: fb6ff700acae11eda3b5e5706f16a310
.chapter5recovery.com/	1970-01-20 19:01:46	Name: _uetvid Value: fb7018d0acae11ed988d01512e1ca5c0
.bing.com/	1970-01-20 19:01:46	Name: MUID Value: 211250D258BA640C3632426A59316569
.chapter5recovery.com/	1970-01-20 11:49:46	Name: _fbp Value: fb.1.1676410306234.1831755069
chapter5recovery.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: 94Z1-NLxDV4lQpIgZQzPc
chapter5recovery.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.chapter5recovery.com/	1970-01-20 13:59:22	Name: twk_uuid_58b909f31919dc09f90e9091 Value: %7B%22uuid%22%3A%221.AGFRjdHAlQUWxmMny25SqcWeJdTXk0LAwHecxVxmuhHLQ491K0xaWk8qZuJ9wZ2k2mh6tYYTNoKbB3AmLiRjTGf2eO75twr4k6KE2Wxqhfy1cxhjcWGj9AqZARjhhtqN%22%2C%22version%22%3A3%2C%22domain%22%3A%22chapter5recovery.com%22%2C%22ts%22%3A1676410308085%7D
api.talkfurther.com/	1970-01-20 19:16:10	Name: visitor-uid Value: 39676afe-6eec-4a09-b44c-942e80c86635

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

241167.tctm.co
api.talkfurther.com
bat.bing.com
cdn.jsdelivr.net
chapter5recovery.com
connect.facebook.net
d13dzd80tn4pg3.cloudfront.net
d1cbloud6m3d4c.cloudfront.net
embed.tawk.to
evsa.talkfurther.com
fonts.googleapis.com
fonts.gstatic.com
js.talkfurther.com
region1.google-analytics.com
static.legitscript.com
stats.g.doubleclick.net
va.tawk.to
vsa.talkfurther.com
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
141.193.213.11
2001:4860:4802:32::36
2600:9000:20eb:7a00:15:a0d3:77c0:93a1
2600:9000:20eb:be00:1f:523f:1e80:93a1
2600:9000:21f3:7c00:1f:a2da:e400:93a1
2600:9000:21f3:ce00:7:6419:34c0:21
2600:9000:21f3:e600:1:9458:cb00:21
2600:9000:223c:800:6:4c42:9b40:93a1
2600:9000:2304:1a00:12:de4a:40:93a1
2606:4700:10::6816:1883
2606:4700:10::6816:1983
2606:4700::6812:1122
2620:1ec:c11::200
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:828::2008
2a00:1450:400d:802::200e
2a00:1450:400d:804::2003
2a00:1450:400d:806::2003
2a00:1450:400d:80a::2004
2a00:1450:4025:401::9c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::485
3.219.106.100
0276a9153b055c40f31f7fb197269353422f0e5c299d541bd6c3e31ea2623786
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04fee72c8f1521e81618f193b8baca7feb691dfb66257795d82b6f4a1a6a966f
05bf1a6e446e2f533d47e80cfe170f676d120fe22c69cfe5ae48b67d29759aa0
0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478
0b2a741489fb323cd96e2b546693ca1fc7151cfa0f2111eee4dd512e6b359941
0baa2625178bc5ebc538f20e295742058efc73cbb6e517717d6bfa4ce6cc820e
0ea2bcbf3ebd13693717a10f17c511bdd0985bc5a4b83b1d08f329944fec40a0
124cd3f417060e4502bd4f2082ef0cd5643e6f7cfa02ec5434022dfcab018aed
128a83fca29e19a94dc5c5a2d97ca0ebeb0bf4902b0cac565406d8cc30bd5b48
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
13e2f4ca5a86240b65daa5f2a42d2831e3a9bab96107767e52ec3b1b63a5b7ad
15ab914b9439239e5a3d6f8bc595bd5cd715462e356d22579d1ab3eeb33c41e9
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1c2e41bd288629182c310a1c984015e357fba719d37825c4fa9fc05350557eab
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
1f88e842133e01de6caa60ae5e4b67c7f2e0e4dc0d540380eac46fffd8c0ea7f
2045cfea6d2ac0f8d552a0163c75586dae6673c05e9b90030f224cbd5b138bce
20e82263d05a2639052af63ddb0c7c43bfd53ae4eab5e8a9a866cc5feccd71a5
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
26c93479d9e7d82fbb8af44f8a984bddb375f81c5d290a09a3cbc0f09bc8deb0
27ebed7e8a456f3b5135136a8672cf0cc61ea529a3a035bb9b5aad56fa542a86
28e7b5199d6b93675821a55c2a6b589711beade2e71f86f7a6ac1a9950e58d8e
299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b
2a776a2ab6b13f3c6443b7fc85d82f8f4842cc45caa183d0701b9bedc97e7648
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
3418417801acc364fae9a8675f8292b2ae09cf39fe35de90a981e69e49e6e24c
363221ad4a947b0cc6018970538444c8000aa26bff2879a4b248d2e889c37a7d
3a9a2ecc6388ccda40b751c88bde471c7b5f721e54ab4f87fc5cbbd6dde9d640
3cde6acc5c93fa2af7cf6fb25247f762b6cd39db45b9e630abf7c3976a8d61b2
3d583cbfc3f9044c6e82a6bdc967f41475cde7ae98af59486047de237d7f35b4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e52d92ce115cded34c64d322e2147037f6dc2075df81983528467327acf9ed5
41c1196bec166436407460037acf0f1c64e6b512a40a83748a6aec1a2c46154a
42fb5e5ca2eca081bba10840c6bed7a3b69a5623b33a87c955f64fe538cbe5a1
431a230730dbfbb0a7e6204569e8b545144ed2b383d76f2e36c9b8a555c84406
44c158e94133655ce48de4f251aa517421e43b246ae531748c155cf85989ef27
479b77232094625d36126a09a25f165961b77f1f2ba3ebb8a9f8b9b7a3daff44
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
4ac723b9c49819209d13d9ce97c1739524181702063b96ca6a363facf537cfad
4bdd31f06897265670c0d3a6c5fac6217beabac01058065ed5953f5d100cc7cf
4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22
51c5e9cb7416a69793cdd079b5c172cbe58b762fa4b493f765bdf112a3ff4bc4
5306a41be7a414000d99c95effb2fc7978fa3185f1e3e225f80fa9659891b079
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de
54a8f7864455e60e0092e64bba74e6e9ccd96c163406dcb893bec1116a4571e0
54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480
55ff1e65d1197088d96bcf3e4e3fd2b773f51ac3cca2f13d6b7f2a46b6405333
5926da261ff6bcb0e36e12a85566d130188949274bb7369ece0587d9e13afd22
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ae1822e36451bc7b0823268f85e3c4fc853b35c6255dd043b4c6c0d8fbbf3f6
668495d957991cf03f2ca0df0e2bdc65d3148604d261a7b16b6769157945a8f9
66a63e7f4510fb5ce40a505e94589266565d7d96a683de5e0de2b30d2080bb0a
685810f6426c4469ba0deabd1f8f20e95d0f4cc7f1a7321ee22645827e0aa358
6903857c13f7d2204d3067810b1ea50547504ee6f8c429f9f8e107f810a45863
6b49f91c87827ee6adc5a811c73e6a1b493adc72a8c0a832fc4c77e80c0226ed
6b5877be06ab634e1bba2c0af432d6b218cc71da388d89bd418a967320e0f09f
6c847046bcab12545b0e25df05ccf5f34f527c623c7ca0e733e1219ec975aa98
6cff18bf5196ded8461e0ac5c584c193a90237324bbe78b6180a22a7ac287430
6f7eff1cc2591b25382e2f42fbde2501a291a5dead80c4b0e165cf32b0e2fd94
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
719ea554fe736e5169a7bb523cf9a8783da2e0fc3ed6b83dbb7cc1378a6f720b
7240a46ebe66b5b087ff7df119cf4061e5b2641a6c6bea0d87d9c8c1a8ff7004
76ea0414aafcb349b9ab21a93662ac1527d9d8c43496f3c58d79b3cd368ee289
77883d6b9ad48d3b6b332cf051b1b4c9a767a96edd37c242db46493815f67aeb
7852e429fb71a8a6e26f5d7707797940df1d86e9a15e06e36cea7c0e013b38e2
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
80dc8bfb477cf497e869d6486fcd88a50171de05708215a1e62e5b351bbdddfb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87e512de8c063410a12ffdd7c34124de2dade5a644ed49bb66213ca3e26dde4b
8c87f438cf878c7c18f5a436c5e9c403e183848d1182458123d66396573c33c4
8d23fae43bcb666edee7bede8c9b3352916d8f2ff23f4bd46010f1f6a3addc6f
8f343668efe38385aa88ed447e9665cdd917cf8f9564cb91b5e5b27010f67e47
91fa15ec36658ebba9c6f63a06e3f81cd73bb1d43ce28b8ea6df53c129402d3d
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9345880ada178d9c36ed991525ff3c0671594be63500a61313d2ac1d35f3a51c
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
964362fd7e113edc6f34832b645b184160bb47c17af3119cb89071b05d6f1a0d
97c7ab17b2112e7f471e9c562ddb02745f8b6594a9a47f23cbddcf50cfb9dd2d
97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0
98cfc43629665f1f3484c3d647740344f7e7497d89c2ef0377a8ca2d0759fb2f
9ab0ee55e9acc1339ff5d9e2e347ed7234b1e18989def9fd6b50b2e09bce6e2d
9d57ed361d70acff81f0c4a9e395358682ca058066f7cb34d6e804a6ade7f384
a18017415b08aa80ce9fe8c4e790bb4f0d05c30f0bd2d2a68880b44223a803c3
a56a027ae7d13825094b55471e1fe07177c4d1823050e2469501c41e14fc5e92
a5bb6bd1eb45721d054b78ed5ad5308a8192aa3d48f72567aeebe67cee75b23a
a603012d28ff819dfab9077ffc69128ff8d90ee42db185e029cec86b2ce0ef34
ac7fe6b3666879500bf7d0455ba34fe582660ef3cc66075414ec444f3f5b399f
b48f71250119a9a096e544b1c2ee9cdebd581a6490732afae37bd4ba2e457e1f
b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc
bbcb2921ab0b7450e3bcc89f8ae48430e794baf103c36a58eccf9b773a6dfc60
bcb9027719cf3fd6a830edefda94b5aa48ec728328b1e267661a4c02ffe95914
bf211abf206a36de9b3d8ab8aa2281117f825fad5c408b324fa821436404bb45
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c4b1a881faf6b4c9c4b9d1141beb460c2b4b3d305f9b709ac77debbe0a74674b
cc4ccd0458e188ca8e9b234350ba26df8ea2b29b6ce288aa01aceb2f7cf342df
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d07ef0194e19742cc9a57ae3d71da5280e0dac3756d638bdc0b38cf055dd6008
d5545096f7c7a5c5b9e151ed1127b929098806899b9f910e547f3cbcbbbdcfc7
da3edd648fc579bc07c4b1b1bb3ba1e8258ae308049a311e5966464295eb0e51
dc0bde79e9682328fabd2752ef0889055cb7a681f17be804a99b9aa3004ee00e
dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de54340d68d5ce85f4204228ecbcd08b6a57427b3e2e83a8e1c9a0d8e5ffed5d
e1454b8d84b5a8a1dd974fc716c4bf7b6e21f3f00724fd0549948c3dfd3f035a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bbf1d795232665eceff33610ed6876b9d83db71364782c2d9bbe26a1753ae9
e71e6e86f65a19007376a38c66c6a4a8716b8f91c758ffac27850985e9cc609a
e76be61057b7d805440ba2693d2c357f9a828fa8bda74170b9ac70b58af626d7
e89d7526092c671c0a01bd02152a595271fb97f87bbd3ba379b5e8b1071f6b2d
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc70d6ba7428b74ab23e29060480b5e980539535e34e140c141a6b9c2879164
f0078f7f68e529bcedb27c031c5ab36f6cef9af45132343a753ca75d93ced5e4
f08b0bfc5ca2e4fb4d2befa761a291c460279d018754531c1ed73fcb8bbd83b6
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f7d74fcd46283ff75a6b881ec32c502996451331d0428df1fc28af739e5bceff
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
fe9930944f4c921b554250f7ac3da6c94b6e25ea2ecdb3e20aefdf53153890c8

chapter5recovery.com Open in urlscan Pro 141.193.213.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

143 Requests

100 %HTTPS

92 %IPv6

18 Domains

25 Subdomains

25 IPs

4 Countries

5192 kBTransfer

9521 kBSize

17 Cookies

9 Outgoing links

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

chapter5recovery.com Open in urlscan Pro
141.193.213.11 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

100 %
HTTPS

92 %
IPv6

18
Domains

25
Subdomains

25
IPs

4
Countries

5192 kB
Transfer

9521 kB
Size

17
Cookies

143 HTTP transactions
0 data transactions