myofficeboca.net.turkpayroll.com Open in urlscan Pro
68.66.226.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://myofficeboca.net.turkpayroll.com/
Submission: On June 10 via api (June 10th 2024, 6:35:54 am UTC) from US — Scanned from DE

Summary HTTP 58 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 58 HTTP transactions. The main IP is 68.66.226.81, located in United States and belongs to A2HOSTING, US. The main domain is myofficeboca.net.turkpayroll.com.
TLS certificate: Issued by R3 on May 26th 2024. Valid for: 3 months.

This is the only time myofficeboca.net.turkpayroll.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	68.66.226.81 68.66.226.81	55293 (A2HOSTING) (A2HOSTING)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	65.9.66.53 65.9.66.53	16509 (AMAZON-02) (AMAZON-02)
2	159.65.56.174 159.65.56.174	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	20.246.218.104 20.246.218.104	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2	65.9.66.21 65.9.66.21	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
23	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
58	11

12 68.66.226.81 (United States)

ASN55293 (A2HOSTING, US)
PTR: az1-ts2.a2hosting.com

myofficeboca.net.turkpayroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.myofficeboca.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-53.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.65.56.174 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

app.aminos.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.246.218.104 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.cognitoforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-21.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static.cognitoforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	cognitoforms.com www.cognitoforms.com — Cisco Umbrella Rank: 45411 static.cognitoforms.com — Cisco Umbrella Rank: 67957	331 KB
11	turkpayroll.com myofficeboca.net.turkpayroll.com	414 KB
3	stripe.com js.stripe.com — Cisco Umbrella Rank: 1516	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 119	3 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	73 KB
2	aminos.ai app.aminos.ai — Cisco Umbrella Rank: 873034	230 KB
1	myofficeboca.net www.myofficeboca.net Failed	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	821 B
58	9

	Domain	Requested by
23	static.cognitoforms.com	www.cognitoforms.com
11	myofficeboca.net.turkpayroll.com	myofficeboca.net.turkpayroll.com
5	www.cognitoforms.com	myofficeboca.net.turkpayroll.com static.cognitoforms.com www.cognitoforms.com
3	js.stripe.com	myofficeboca.net.turkpayroll.com js.stripe.com
2	www.facebook.com	myofficeboca.net.turkpayroll.com
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	myofficeboca.net.turkpayroll.com connect.facebook.net
2	app.aminos.ai	myofficeboca.net.turkpayroll.com app.aminos.ai
1	www.myofficeboca.net	myofficeboca.net.turkpayroll.com
1	fonts.googleapis.com	myofficeboca.net.turkpayroll.com
58	10

This site contains links to these domains. Also see Links.

Domain
myofficeboca.com
app.hellosign.com
wa.me
goo.gl
www.facebook.com

Subject Issuer	Validity	Valid
autodiscover.myofficeboca.net R3	`2024-05-26` - `2024-08-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-05-22` - `2024-08-22`	3 months	crt.sh
app.aminos.ai R11	`2024-06-09` - `2024-09-07`	3 months	crt.sh
*.cognitoforms.com Go Daddy Secure Certificate Authority - G2	`2023-07-08` - `2024-08-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-06-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://myofficeboca.net.turkpayroll.com/
Frame ID: AD1745E17A7F7BE0D8717D0BD900B1BE
Requests: 53 HTTP requests in this frame

Frame: https://js.stripe.com/v3/buy-button-app-e16b3287b86d35bbb2843aadc41ee2576aed4ac5.html
Frame ID: 6C4C2356AD9396FC85D261ABC382335A
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/buy-button-app-e16b3287b86d35bbb2843aadc41ee2576aed4ac5.html
Frame ID: A4E99DD75E22F905E4557BF15120A8E2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Don't miss out on amazing! Elevate Your Business Game with Virtual Office in Boca Raton

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

90 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

1074 kB
Transfer

3174 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://myofficeboca.com/

Search URL Search Domain Scan URL

URL: https://app.hellosign.com/s/9gxWJUdu
Title: Usage Agreement

Search URL Search Domain Scan URL

URL: https://wa.me/19549804000?text=I%27m%20interested%20in%20VirtualofficeBoca%20services.
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/CgeNpPztF3aPPa9q9
Title: 7781 NW Beacon Square Blvd 102 Boca Raton, FL 33487

Search URL Search Domain Scan URL

URL: https://www.facebook.com/myofficeboca/
Title: Facebook/myofficeboca

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
myofficeboca.net.turkpayroll.com/ 37 KB
8 KB 3146ms
161ms Document
text/html 68.66.226.81
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.81 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts2.a2hosting.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

bc05d1292ed6f5599afa8b419a59cb394ecb2c715f9d98d3583d1a50ef0971eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 10 Jun 2024 06:35:46 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33

GET
H2 200 stacks.css
myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/ 1 KB
403 B 179ms
155ms Stylesheet
text/css 68.66.226.81
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/stacks.css?rwcache=738449097

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.81 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts2.a2hosting.com

Software

LiteSpeed /

Resource Hash

c12f66e47da8e8d16c444c3923ec1592f895dc378d6e5960954ec46a8bc56c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://myofficeboca.net.turkpayroll.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sun, 26 May 2024 20:45:16 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 344
expires: Mon, 17 Jun 2024 06:35:46 GMT

GET
H2 200 bootstrap.min.css
myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/ 227 KB
28 KB 478ms
456ms Stylesheet
text/css 68.66.226.81
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/bootstrap.min.css?rwcache=738449097

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.81 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts2.a2hosting.com

Software

LiteSpeed /

Resource Hash

66ac704488e8836391b7c6146b461bbcc9902f5a3e8506658dca4a66c9fc9f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://myofficeboca.net.turkpayroll.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sun, 26 May 2024 20:45:48 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 28271
expires: Mon, 17 Jun 2024 06:35:46 GMT

GET
H2 200 stacks_page_page0.css
myofficeboca.net.turkpayroll.com/files/ 291 KB
39 KB 328ms
308ms Stylesheet
text/css 68.66.226.81
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://myofficeboca.net.turkpayroll.com/files/stacks_page_page0.css?rwcache=738449097

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.81 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts2.a2hosting.com

Software

LiteSpeed /

Resource Hash

bdae7a11cea4e5176cba3b6b748c2ec963c083c25f05fb440f16c891a40d73e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://myofficeboca.net.turkpayroll.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sun, 26 May 2024 20:45:55 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 39752
expires: Mon, 17 Jun 2024 06:35:46 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/ 84 KB
29 KB 470ms
455ms Script
application/javascript 68.66.226.81
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/jquery-2.2.4.min.js?rwcache=738449097

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.81 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts2.a2hosting.com

Software

LiteSpeed /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://myofficeboca.net.turkpayroll.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sun, 26 May 2024 20:45:58 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29167
expires: Mon, 17 Jun 2024 06:35:46 GMT

GET
H2 200 font-awesome.min.css
myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/ 30 KB
7 KB 166ms
152ms Stylesheet
text/css 68.66.226.81
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/font-awesome.min.css?rwcache=738449097

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.81 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts2.a2hosting.com

Software

LiteSpeed /

Resource Hash

fd00bbafd075c724d48213b6ad9f6091984ab5ada86a11f77241f316ce25cf19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://myofficeboca.net.turkpayroll.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sun, 26 May 2024 20:45:12 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 6649
expires: Mon, 17 Jun 2024 06:35:46 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/ 79 KB
22 KB 167ms
156ms Script
application/javascript 68.66.226.81
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/bootstrap.bundle.min.js?rwcache=738449097

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.81 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts2.a2hosting.com

Software

LiteSpeed /

Resource Hash

f200de74197ce4d398afa19a632d72c0b41d8c7396b229b64744a9a4b88897eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://myofficeboca.net.turkpayroll.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sun, 26 May 2024 20:45:43 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 22861
expires: Mon, 17 Jun 2024 06:35:46 GMT

GET
H2 200 stacks_page_page0.js Show response
myofficeboca.net.turkpayroll.com/files/ 74 KB
20 KB 465ms
454ms Script
application/javascript 68.66.226.81
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://myofficeboca.net.turkpayroll.com/files/stacks_page_page0.js?rwcache=738449097

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.81 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts2.a2hosting.com

Software

LiteSpeed /

Resource Hash

7a63bc6c966ea05378cf44b06e242afae5e2900294816b76d2a3c846cf97fd23

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://myofficeboca.net.turkpayroll.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Sun, 26 May 2024 20:46:01 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 20052
expires: Mon, 17 Jun 2024 06:35:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
821 B 97ms
27ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,700,

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9f4b743e9eb8730c606cf5776e89fde8d9c8694426490579941b6a8e91135e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jun 2024 06:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jun 2024 06:35:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jun 2024 06:35:46 GMT

GET
H2 200 drag-and-drop-logo-4-FD6.png
myofficeboca.net.turkpayroll.com/files/ 15 KB
15 KB 324ms
315ms Image
image/png 68.66.226.81
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myofficeboca.net.turkpayroll.com/files/drag-and-drop-logo-4-FD6.png

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.81 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts2.a2hosting.com

Software

LiteSpeed /

Resource Hash

12e33a7b05a17696bf44ecfedb75f7af3c136abe9d8d4bfaa489d72e609cc114

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://myofficeboca.net.turkpayroll.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:35:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sun, 26 May 2024 20:45:05 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 15504
expires: Mon, 17 Jun 2024 06:35:46 GMT

GET
H2 200 buy-button.js Show response
js.stripe.com/v3/ 10 KB
4 KB 67ms
21ms Script
text/javascript 65.9.66.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/buy-button.js

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-53.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

be9312b2598cdc82eb622b054641322798c16acee8f0f9724854c6be2a3413f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:35:46 GMT
content-encoding: gzip
via: 1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 52
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
last-modified: Fri, 07 Jun 2024 20:04:03 GMT
server: Cloudfront
etag: W/"3654d24354cce4c9f17d49d6c0a4fc4e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: wJMUBt3fe61_wKA0CFlyyr7TrRyteon4iiHhnYvBdu6aTkUonIdgQw==

GET
H2 200 chat_plugin.js Show response
app.aminos.ai/js/ 822 KB
229 KB 315ms
109ms Script
application/javascript 159.65.56.174
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.aminos.ai/js/chat_plugin.js

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.65.56.174 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

22c99930d1401bbc519578cc8ebe49142610a191fb39e8642e5c009c9bce5e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 09 Jun 2024 14:50:44 GMT
server: nginx-rc
etag: W/"6665c144-cd840"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Wed, 10 Jul 2024 06:35:46 GMT

GET
H2 200 seamless.js Show response
www.cognitoforms.com/f/ 69 KB
18 KB 491ms
239ms Script
application/javascript 20.246.218.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/f/seamless.js

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

061f95b1475a6247a869e7adb4423a4ca789650951cd1526e30c5be3a1b57b42

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://; connect-src 'self' https:// wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
Strict-Transport-Security	max-age=35136000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=35136000; includeSubDomains
x-role-instance: cogwprdb0001FU
content-security-policy: default-src 'self' https://*; connect-src 'self' https://* wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
content-length: 17768
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
pragma: no-cache
x-server-time: 2024-06-10T06:35:47.066Z
referrer-policy: origin-when-cross-origin
etag: 5805880f7e2dbdfdb953a223b8c01198
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-SessionToken,X-Server-Time, Request-Context
cache-control: no-cache, must-revalidate
x-request-time: 3ms
expires: -1

GET consolidated.css
www.myofficeboca.net/rw_common/themes/FDY/ 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 54ms
20ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://myofficeboca.net.turkpayroll.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Jun 2024 06:35:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=12, mss=1297, tbw=2808, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: y5jcMSDmaGudCGuIoHdUOnk/yv7tLRc32d/IHMLHFlLYrsT2HeqEaILDJr3GlvQZg+tki7PBwaHMwO6LwIZU9w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 drag-and-drop-img-560.png
myofficeboca.net.turkpayroll.com/files/ 170 KB
171 KB 158ms
157ms Image
image/png 68.66.226.81
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myofficeboca.net.turkpayroll.com/files/drag-and-drop-img-560.png

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/files/stacks_page_page0.css?rwcache=738449097

Protocol

Security

QUIC, , AES_128_GCM

Server

68.66.226.81 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts2.a2hosting.com

Software

LiteSpeed /

Resource Hash

d3bcd1e1eb17895a0ade507cd3c481d93138b207a206ae9b759933711f70a649

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://myofficeboca.net.turkpayroll.com/files/stacks_page_page0.css?rwcache=738449097
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:35:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sun, 26 May 2024 20:45:34 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 174339
expires: Mon, 17 Jun 2024 06:35:47 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 189ms
2ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700,

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://myofficeboca.net.turkpayroll.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 13:43:57 GMT
x-content-type-options: nosniff
age: 233510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 13:43:57 GMT

GET buy-button-app-e16b3287b86d35bbb2843aadc41ee2576aed4ac5.html
js.stripe.com/v3/ Frame 6C4C 0
0

GET
H2 200 buy-button-app-e16b3287b86d35bbb2843aadc41ee2576aed4ac5.html
js.stripe.com/v3/ Frame 6C4C 0
0 147ms
18ms Document
text/html 65.9.66.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/buy-button-app-e16b3287b86d35bbb2843aadc41ee2576aed4ac5.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/buy-button.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-21.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 458
cache-control: max-age=604800, stale-while-revalidate=900
content-length: 956
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 10 Jun 2024 06:32:09 GMT
etag: "83416f8ce7dde0447267fd23f87e6a87"
last-modified: Fri, 07 Jun 2024 20:04:03 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-id: N1vSNG6wsgsWbHhcIDAbOzqHgMNS2GEYVAgwTkde9fuxcmvICrYEtA==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET buy-button-app-e16b3287b86d35bbb2843aadc41ee2576aed4ac5.html
js.stripe.com/v3/ Frame A4E9 0
0

GET
H2 200 buy-button-app-e16b3287b86d35bbb2843aadc41ee2576aed4ac5.html
js.stripe.com/v3/ Frame A4E9 0
0 137ms
137ms Document
text/html 65.9.66.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/buy-button-app-e16b3287b86d35bbb2843aadc41ee2576aed4ac5.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/buy-button.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-21.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report

X-Content-Type-Options

nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 458
cache-control: max-age=604800, stale-while-revalidate=900
content-length: 956
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 10 Jun 2024 06:32:09 GMT
etag: "83416f8ce7dde0447267fd23f87e6a87"
last-modified: Fri, 07 Jun 2024 20:04:03 GMT
server: Cloudfront
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-id: N1vSNG6wsgsWbHhcIDAbOzqHgMNS2GEYVAgwTkde9fuxcmvICrYEtA==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 fontawesome-webfont.woff2
myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/ 75 KB
76 KB 206ms
205ms Font
font/woff2 68.66.226.81
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/font-awesome.min.css?rwcache=738449097

Protocol

Security

QUIC, , AES_128_GCM

Server

68.66.226.81 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts2.a2hosting.com

Software

LiteSpeed /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/font-awesome.min.css?rwcache=738449097
Origin: https://myofficeboca.net.turkpayroll.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:35:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sun, 26 May 2024 20:46:03 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: font/woff2
accept-ranges: bytes
content-length: 77160

GET
H2 200 1107143453767544 Show response
connect.facebook.net/signals/config/ 65 KB
14 KB 256ms
222ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1107143453767544?v=2.9.157&r=stable&domain=myofficeboca.net.turkpayroll.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d23040ec8ccb2e8aeef214ef110387f741e6d64c34edf08524894c58b5e1fce6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Jun 2024 06:35:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=65, rtx=0, c=40, mss=1297, tbw=63538, tp=-1, tpl=-1, uplat=225, ullat=0
pragma: public
x-fb-debug: zRAKt2ZxR6PF5ix7ec93g+ZLO9rsypTDKq7XpvW80NO/1a872+PZQNqXLgivzIF3BIgAyMXr03X0N4LhHCpV9Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET javascript.js
www.myofficeboca.net/rw_common/themes/FDY/ 0
0

GET
DATA 200
OK truncated
/ 44 B
44 B Other
image/webp

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52734ffc9ed5c328ac20a2b1bd1177ade6dd2a4279d2445547fffdd5d1f5e2c4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 58ms
55ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700,

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://myofficeboca.net.turkpayroll.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 00:46:39 GMT
x-content-type-options: nosniff
age: 280148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 00:46:39 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 155ms
17ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1107143453767544&ev=PageView&dl=https%3A%2F%2Fmyofficeboca.net.turkpayroll.com%2F&rl=&if=false&ts=1718001347501&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718001347486.905146890902850844&cs_est=true&ler=empty&cdl=API_unavailable&it=1718001347164&coo=false&rqm=GET

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=2, c=1, mss=1297, tbw=2813, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Jun 2024 06:35:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 319ms
181ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1107143453767544&ev=PageView&dl=https%3A%2F%2Fmyofficeboca.net.turkpayroll.com%2F&rl=&if=false&ts=1718001347501&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718001347486.905146890902850844&cs_est=true&ler=empty&cdl=API_unavailable&it=1718001347164&coo=false&rqm=FGET

Requested by

Host: myofficeboca.net.turkpayroll.com
URL: https://myofficeboca.net.turkpayroll.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xf588cfe5c3682ec0","source_keys":["1","2"]},{"key_piece":"0xb9590d91fa17903e","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 10 Jun 2024 06:35:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=2, c=7, mss=1297, tbw=3130, tp=-1, tpl=-1, uplat=172, ullat=0
pragma: no-cache
x-fb-debug: msIB6bHyyirc/GDZ3VfEQGhe2FTzYRp7WHO41iBkwsaZob+Arn5hYUIjZDuQ4+0Ka+yax1ws/cQvflvCYMg8ag==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 403 16448 Show response
app.aminos.ai/api/bot_info/ 54 B
930 B 1163ms
59ms XHR
application/json 159.65.56.174
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.aminos.ai/api/bot_info/16448
Requested by: Host: app.aminos.ai
URL: https://app.aminos.ai/js/chat_plugin.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.65.56.174 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx-rc /
Resource Hash: 3badc36c0070a45c212cbda5d0e60814eb2aeeef7c980745d31e49c6d7da0fe3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 10 Jun 2024 06:35:49 GMT
content-encoding: br
server: nginx-rc
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private, must-revalidate
expires: -1

GET
H2 200 27.e98d1369d14d2b1586c2.js Show response
static.cognitoforms.com/form/modern/ 115 KB
49 KB 84ms
25ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/27.e98d1369d14d2b1586c2.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3d13494fece71cfd3d65a1037360b2c6d6dee4f0022a00ce25b902e10fd18f1e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:48 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063548Z-16577d9575d9l9l8ba67b06k100000000av000000000xf5c
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 613cd3fe-f01e-0055-241a-b5bcb6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 4761670

GET
H2 200 114.0c5775db0fe51be9e589.js Show response
static.cognitoforms.com/form/modern/ 2 KB
1 KB 83ms
24ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/114.0c5775db0fe51be9e589.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 47938ba13e4f180286efffcc1d0ce2b2937273354bd4ae048e840032f59d3d0f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:48 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063548Z-16577d9575d9l9l8ba67b06k100000000av000000000xf5d
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 77a1b664-c01e-003c-76ee-b485fa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 4761670

GET
H2 200 203.24ec54c3d416d1410a41.js Show response
static.cognitoforms.com/form/modern/ 3 KB
2 KB 96ms
38ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/203.24ec54c3d416d1410a41.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3ee7ba6b4b8fff2816f2217eecccc0a3776e9015bcb4753283deec524e791675

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:48 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063548Z-16577d9575d9l9l8ba67b06k100000000av000000000xf5e
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 84a040e6-001e-006e-272a-b5f912000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 4761670

GET
DATA 200
OK truncated
/ 497 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05d055c4cb935414f1cc2eb7ffec3f85f541991a10899c53baf31a1e630a78fd

Request headers

Referer
Origin: https://myofficeboca.net.turkpayroll.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 favicon-32x32.png
www.myofficeboca.net/resources/ 2 KB
2 KB 385ms
149ms Other
image/png 68.66.226.81
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://www.myofficeboca.net/resources/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.81 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts2.a2hosting.com

Software

LiteSpeed /

Resource Hash

d0193c33d5e864aec9c1c47a611ca445c043983d989cd7caa2849d54281550d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:35:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sun, 26 May 2024 20:45:57 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1826
expires: Mon, 17 Jun 2024 06:35:48 GMT

GET
H2 200 177.3b5ba3af41efbf7e0f3b.js Show response
static.cognitoforms.com/form/modern/ 123 KB
38 KB 50ms
10ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/177.3b5ba3af41efbf7e0f3b.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 354b11d042e16b1548f806eed69ebc40ade72d16ed08359135202a882e297b76

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:48 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063548Z-16577d9575d9l9l8ba67b06k100000000av000000000xf5u
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7c3cbc7e-001e-0023-352a-b536fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 4761670

GET
H2 200 199.98db2e8e1d77b72d79c0.js Show response
static.cognitoforms.com/form/modern/ 37 KB
9 KB 45ms
5ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/199.98db2e8e1d77b72d79c0.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b636082f1ab199d86df4c0049547fba1d6115d7dbfa81b320634c3a08fc11e2c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:48 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063548Z-16577d9575d9l9l8ba67b06k100000000av000000000xf5v
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c8736207-b01e-0054-2d2a-b5e36a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 4761670

GET
H2 200 66.e1dac0ae5fb425f2ae30.js Show response
static.cognitoforms.com/form/modern/ 51 KB
22 KB 43ms
5ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/66.e1dac0ae5fb425f2ae30.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 866574aa6ca7145a56ab0f983bffd818ccd0cc47fc664f17eb783d11a1923339

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:48 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063548Z-16577d9575d9l9l8ba67b06k100000000av000000000xf5w
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5d936b15-001e-000c-6118-b53b35000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 4761670

GET
H2 200 198.89e828fbe412d40c3982.js Show response
static.cognitoforms.com/form/modern/ 130 KB
50 KB 43ms
6ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/198.89e828fbe412d40c3982.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 586ca022f43fe82e790ffd385a53177e59db216849c7ca22642a8fe135f536bf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:48 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063548Z-16577d9575d9l9l8ba67b06k100000000av000000000xf5x
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0c0d6d49-b01e-0044-6f27-b52602000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

GET
H2 200 37.8683a6b91792f39f2629.js Show response
static.cognitoforms.com/form/modern/ 152 KB
48 KB 42ms
5ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/37.8683a6b91792f39f2629.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 85c2b7f6c779682a967d9eaa6f06c29537c7f9ae4572e3a0d8b4ba4204e69b5c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:48 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063548Z-16577d9575d9l9l8ba67b06k100000000av000000000xf5y
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 958cb2c1-e01e-0076-4523-b52675000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 4761670

GET
H2 200 174.e2a32e5fcddb2bfda5e6.js Show response
static.cognitoforms.com/form/modern/ 149 KB
41 KB 47ms
10ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/174.e2a32e5fcddb2bfda5e6.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c6947fc6b560f6c142c9ab5876eb4a00aed8e846298863d7d4bbb0f8b13382b1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:48 GMT
content-encoding: br
last-modified: Wed, 05 Jun 2024 12:54:06 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063548Z-16577d9575d9l9l8ba67b06k100000000av000000000xf5z
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a3843990-401e-000d-034b-b764e9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

POST
H2 200 23 Show response
www.cognitoforms.com/svc/load-form/new-session/0FwzPHs_IEuSTevu99kmYw/ 2 KB
3 KB 169ms
169ms XHR
application/json 20.246.218.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/svc/load-form/new-session/0FwzPHs_IEuSTevu99kmYw/23?embedContext=seamless&omitPaymentToken=false

Requested by

Host: static.cognitoforms.com
URL: https://static.cognitoforms.com/form/modern/198.89e828fbe412d40c3982.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

84142cfaf259c05f2f6bd1215f39eaeb8ad49939b97fd9dfcbab891e52bd6d91

Security Headers

Name	Value
Strict-Transport-Security	max-age=35136000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
pragma: no-cache
date: Mon, 10 Jun 2024 06:35:48 GMT
strict-transport-security: max-age=35136000; includeSubDomains
x-server-time: 2024-06-10T06:35:48.668Z
x-role-instance: cogwprdb0001FX
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-SessionToken,X-Server-Time, Request-Context
cache-control: no-cache, no-store, must-revalidate
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
x-request-time: 64ms
content-length: 2521
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a

OPTIONS
H2 200 23
www.cognitoforms.com/svc/load-form/new-session/0FwzPHs_IEuSTevu99kmYw/ Frame 0
0 350ms
151ms Preflight 20.246.218.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/svc/load-form/new-session/0FwzPHs_IEuSTevu99kmYw/23?embedContext=seamless&omitPaymentToken=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=35136000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://myofficeboca.net.turkpayroll.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-requested-with, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Request-Context
access-control-max-age: 1728000
content-length: 0
date: Mon, 10 Jun 2024 06:35:48 GMT
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
strict-transport-security: max-age=35136000; includeSubDomains
x-request-time: 15ms
x-role-instance: cogwprdb0001EW

GET
H2 200 23 Show response
www.cognitoforms.com/svc/load-form/form-def/0FwzPHs_IEuSTevu99kmYw/ 34 KB
8 KB 170ms
169ms Script
application/javascript 20.246.218.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/svc/load-form/form-def/0FwzPHs_IEuSTevu99kmYw/23

Requested by

Host: static.cognitoforms.com
URL: https://static.cognitoforms.com/form/modern/37.8683a6b91792f39f2629.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

38c0c3afe93402e431e416c061340a64bde8dd564d6ed0068261647c655e264c

Security Headers

Name	Value
Strict-Transport-Security	max-age=35136000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
pragma: no-cache
date: Mon, 10 Jun 2024 06:35:48 GMT
content-encoding: gzip
x-server-time: 2024-06-10T06:35:48.838Z
strict-transport-security: max-age=35136000; includeSubDomains
x-role-instance: cogwprdb0001EW
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-SessionToken,X-Server-Time, Request-Context
cache-control: no-cache, no-store, must-revalidate
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
x-request-time: 70ms
content-length: 7453
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a

GET
H2 200 opensanscondensed.css
www.cognitoforms.com/content/fonts/opensanscondensed/ 5 KB
1 KB 102ms
102ms Stylesheet
text/css 20.246.218.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/content/fonts/opensanscondensed/opensanscondensed.css

Requested by

Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/form-def/0FwzPHs_IEuSTevu99kmYw/23

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5470d8ba3d52e47b7719c9d91ff8bd76d2c502e8c93d05738a0c23956dd4d491

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://; connect-src 'self' https:// wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
Strict-Transport-Security	max-age=35136000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 06:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=35136000; includeSubDomains
x-role-instance: cogwprdb0001ET
content-security-policy: default-src 'self' https://*; connect-src 'self' https://* wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
content-length: 609
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
x-server-time: 2024-06-10T06:35:49.013Z
referrer-policy: origin-when-cross-origin
last-modified: Wed, 05 Jun 2024 16:55:32 GMT
etag: "01a482d69b7da1:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: X-SessionToken,X-Server-Time, Request-Context
x-request-time: 0ms
accept-ranges: bytes

GET
H2 200 69.87cb675daac1315f930b.js Show response
static.cognitoforms.com/form/modern/ 2 KB
1 KB 10ms
9ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/69.87cb675daac1315f930b.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: eb5d5896a3c157bb64220170a469f30035327b95b06f5d09f351345c823fd12c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:48 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063548Z-16577d9575d9l9l8ba67b06k100000000av000000000xf81
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 339e509a-801e-0002-3f2b-b51285000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 4761670

GET
H2 200 39.0302816b47628bba4c32.js Show response
static.cognitoforms.com/form/modern/ 16 KB
7 KB 10ms
10ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/39.0302816b47628bba4c32.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 29f4d76ba21af733ddff00739d98b8c089658ac0c857a6c9dcf45bb055ae083e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:48 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063548Z-16577d9575d9l9l8ba67b06k100000000av000000000xf82
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fd6b5f9c-801e-004f-2316-b5dd69000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 4761670

GET
H2 200 206.0e93cd53b2f91563ceaa.js Show response
static.cognitoforms.com/form/modern/ 3 KB
2 KB 21ms
21ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/206.0e93cd53b2f91563ceaa.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 30ea390e355cb3f1a6a4273912ab9af121e79960102a7d7d0cdb6f5d9cdf7a81

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:49 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063549Z-16577d9575d9l9l8ba67b06k100000000av000000000xf86
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 959fc418-e01e-0076-6c27-b52675000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

GET
H2 200 22.4079b1f6d28b66195e1c.js Show response
static.cognitoforms.com/form/modern/ 10 KB
4 KB 11ms
11ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/22.4079b1f6d28b66195e1c.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cb22b95005902ce2085369a42e51f3bf31ce5eee3c52c152e12e96e78268e81d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:49 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063549Z-16577d9575d9l9l8ba67b06k100000000av000000000xf8e
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e4792f80-401e-0032-541b-b5ac4a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 4761670

GET
H2 200 13.44050a98893af356d256.js Show response
static.cognitoforms.com/form/modern/ 1 KB
1 KB 10ms
10ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/13.44050a98893af356d256.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 051578b32917a9d66350318dc4b7270656fc5c333d5ef0541623157a6047f544

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:49 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063549Z-16577d9575d9l9l8ba67b06k100000000av000000000xf8f
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6a4ddb7b-c01e-005e-5d00-b547dd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

GET
H2 200 123.dca6b20bd356ac8faab0.js Show response
static.cognitoforms.com/form/modern/ 4 KB
2 KB 10ms
10ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/123.dca6b20bd356ac8faab0.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc59b14d676a28661546eba2c90e97d1da36d89f2bf821ec089cd6a243240362

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:49 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063549Z-16577d9575d9l9l8ba67b06k100000000av000000000xf8g
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c81ce801-b01e-0054-141b-b5e36a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 4761670

GET
H2 200 1.7710b29580b4a9fb3336.js Show response
static.cognitoforms.com/form/modern/ 273 B
783 B 14ms
13ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/1.7710b29580b4a9fb3336.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 13a94242b556ef4c32988b9ebdad770a344422f347373e108ab4764343e45d51

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:49 GMT
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4761670
content-length: 273
x-ms-lease-status: unlocked
last-modified: Fri, 31 May 2024 12:42:14 GMT
etag: 0x8DC816F1954F785
x-azure-ref: 20240610T063549Z-16577d9575d9l9l8ba67b06k100000000av000000000xf8k
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ce50b863-401e-0050-181a-b56e6d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 0.0f6d4e130a6141c1dad3.js Show response
static.cognitoforms.com/form/modern/ 561 B
1 KB 19ms
18ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/0.0f6d4e130a6141c1dad3.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 144a4a376cb9cfbe9e45b455f25a80306291698c0ed2c97f24aca292cb2b21e1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:49 GMT
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 0
content-length: 561
x-ms-lease-status: unlocked
last-modified: Fri, 31 May 2024 12:42:14 GMT
etag: 0x8DC816F195041E8
x-azure-ref: 20240610T063549Z-16577d9575d9l9l8ba67b06k100000000av000000000xf8m
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 59b8d49b-901e-0053-560e-b58f09000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 2.6d8910cc2b9da19bdfaf.js Show response
static.cognitoforms.com/form/modern/ 12 KB
5 KB 15ms
14ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/2.6d8910cc2b9da19bdfaf.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 238c7d1b1b295caadb6166f202d0284f653547a36dd07770e3efa3f563adc3b4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:49 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063549Z-16577d9575d9l9l8ba67b06k100000000av000000000xf8n
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: acb10014-501e-003e-0f01-b53b42000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

GET
H2 200 9.fac04b95522c60a24785.js Show response
static.cognitoforms.com/form/modern/ 18 KB
8 KB 13ms
12ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/9.fac04b95522c60a24785.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89da017bf79927382fdcc6bdc062a35099e5b3e37a612c598a7b0da37865c6c2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:49 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063549Z-16577d9575d9l9l8ba67b06k100000000av000000000xf8p
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fb6d8169-c01e-003c-2f29-b585fa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

GET
H2 200 3.28da91a52a535afae15d.js Show response
static.cognitoforms.com/form/modern/ 6 KB
2 KB 12ms
12ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/3.28da91a52a535afae15d.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e1b0e3a2e5a3bf414239e46390b0e0c2859caa67530a509246525bbfa097460a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:49 GMT
content-encoding: br
last-modified: Wed, 05 Jun 2024 12:54:06 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063549Z-16577d9575d9l9l8ba67b06k100000000av000000000xf8q
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 91bae5fc-801e-0070-144b-b715ca000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

GET
H2 200 17.d0096b8b4128a623a2b5.js Show response
static.cognitoforms.com/form/modern/ 4 KB
2 KB 24ms
23ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/17.d0096b8b4128a623a2b5.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7dfa02d68e1df0ff551b8b3e42a9612f448ec3db7a70e43831d6f5a9d4e805c0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:49 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063549Z-16577d9575d9l9l8ba67b06k100000000av000000000xf8r
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 614890c7-101e-002f-2f1a-b5a1f6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

GET
H2 200 130.5f2bc106a29cf4eaaf5c.js Show response
static.cognitoforms.com/form/modern/ 4 KB
2 KB 15ms
15ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/130.5f2bc106a29cf4eaaf5c.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d19bf029f6157da94c5a754fbf174e5026a776b4a3910f6ba2023d612b6cb319

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:49 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063549Z-16577d9575d9l9l8ba67b06k100000000av000000000xf8s
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fc30f2cd-c01e-004e-5881-b382b5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 4761670

GET
H2 200 128.c185ba9d01ca05608e93.js Show response
static.cognitoforms.com/form/modern/ 4 KB
2 KB 17ms
17ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/128.c185ba9d01ca05608e93.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44568efe3b5bba4143180e8827425df62376918028b69237ebcb1d608034d6f1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 10 Jun 2024 06:35:49 GMT
content-encoding: br
last-modified: Fri, 31 May 2024 12:42:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240610T063549Z-16577d9575d9l9l8ba67b06k100000000av000000000xf8t
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: cd797970-a01e-0077-3804-b579a9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.myofficeboca.net
URL: http://www.myofficeboca.net/rw_common/themes/FDY/consolidated.css

Domain: js.stripe.com
URL: https://js.stripe.com/v3/buy-button-app-e16b3287b86d35bbb2843aadc41ee2576aed4ac5.html

Domain: js.stripe.com
URL: https://js.stripe.com/v3/buy-button-app-e16b3287b86d35bbb2843aadc41ee2576aed4ac5.html

Domain: js.stripe.com
URL: https://js.stripe.com/v3/buy-button-app-e16b3287b86d35bbb2843aadc41ee2576aed4ac5.html

Domain: js.stripe.com
URL: https://js.stripe.com/v3/buy-button-app-e16b3287b86d35bbb2843aadc41ee2576aed4ac5.html

Domain: www.myofficeboca.net
URL: http://www.myofficeboca.net/rw_common/themes/FDY/javascript.js

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.turkpayroll.com/	1970-01-20 23:22:57	Name: _fbp Value: fb.1.1718001347486.905146890902850844
			m.stripe.com/	1970-01-21 06:49:21	Name: m Value: 698e98ec-c3ae-4779-bf34-c1db0641adc34f5aa6

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://myofficeboca.net.turkpayroll.com/(Line 13) Message: Mixed Content: The page at 'https://myofficeboca.net.turkpayroll.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.myofficeboca.net/rw_common/themes/FDY/consolidated.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://myofficeboca.net.turkpayroll.com/ Message: Mixed Content: The page at 'https://myofficeboca.net.turkpayroll.com/' was loaded over HTTPS, but requested an insecure script 'http://www.myofficeboca.net/rw_common/themes/FDY/javascript.js'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://myofficeboca.net.turkpayroll.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://myofficeboca.net.turkpayroll.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://app.aminos.ai/api/bot_info/16448 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.aminos.ai
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
myofficeboca.net.turkpayroll.com
static.cognitoforms.com
www.cognitoforms.com
www.facebook.com
www.myofficeboca.net
js.stripe.com
www.myofficeboca.net
159.65.56.174
20.246.218.104
2620:1ec:bdf::45
2a00:1450:4001:803::200a
2a00:1450:4001:81d::2003
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
65.9.66.21
65.9.66.53
68.66.226.81
051578b32917a9d66350318dc4b7270656fc5c333d5ef0541623157a6047f544
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05d055c4cb935414f1cc2eb7ffec3f85f541991a10899c53baf31a1e630a78fd
061f95b1475a6247a869e7adb4423a4ca789650951cd1526e30c5be3a1b57b42
12e33a7b05a17696bf44ecfedb75f7af3c136abe9d8d4bfaa489d72e609cc114
13a94242b556ef4c32988b9ebdad770a344422f347373e108ab4764343e45d51
144a4a376cb9cfbe9e45b455f25a80306291698c0ed2c97f24aca292cb2b21e1
22c99930d1401bbc519578cc8ebe49142610a191fb39e8642e5c009c9bce5e26
238c7d1b1b295caadb6166f202d0284f653547a36dd07770e3efa3f563adc3b4
29f4d76ba21af733ddff00739d98b8c089658ac0c857a6c9dcf45bb055ae083e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30ea390e355cb3f1a6a4273912ab9af121e79960102a7d7d0cdb6f5d9cdf7a81
354b11d042e16b1548f806eed69ebc40ade72d16ed08359135202a882e297b76
38c0c3afe93402e431e416c061340a64bde8dd564d6ed0068261647c655e264c
3badc36c0070a45c212cbda5d0e60814eb2aeeef7c980745d31e49c6d7da0fe3
3d13494fece71cfd3d65a1037360b2c6d6dee4f0022a00ce25b902e10fd18f1e
3ee7ba6b4b8fff2816f2217eecccc0a3776e9015bcb4753283deec524e791675
44568efe3b5bba4143180e8827425df62376918028b69237ebcb1d608034d6f1
47938ba13e4f180286efffcc1d0ce2b2937273354bd4ae048e840032f59d3d0f
52734ffc9ed5c328ac20a2b1bd1177ade6dd2a4279d2445547fffdd5d1f5e2c4
5470d8ba3d52e47b7719c9d91ff8bd76d2c502e8c93d05738a0c23956dd4d491
586ca022f43fe82e790ffd385a53177e59db216849c7ca22642a8fe135f536bf
66ac704488e8836391b7c6146b461bbcc9902f5a3e8506658dca4a66c9fc9f3a
7a63bc6c966ea05378cf44b06e242afae5e2900294816b76d2a3c846cf97fd23
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7dfa02d68e1df0ff551b8b3e42a9612f448ec3db7a70e43831d6f5a9d4e805c0
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
84142cfaf259c05f2f6bd1215f39eaeb8ad49939b97fd9dfcbab891e52bd6d91
85c2b7f6c779682a967d9eaa6f06c29537c7f9ae4572e3a0d8b4ba4204e69b5c
866574aa6ca7145a56ab0f983bffd818ccd0cc47fc664f17eb783d11a1923339
89da017bf79927382fdcc6bdc062a35099e5b3e37a612c598a7b0da37865c6c2
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b636082f1ab199d86df4c0049547fba1d6115d7dbfa81b320634c3a08fc11e2c
bc05d1292ed6f5599afa8b419a59cb394ecb2c715f9d98d3583d1a50ef0971eb
bdae7a11cea4e5176cba3b6b748c2ec963c083c25f05fb440f16c891a40d73e2
be9312b2598cdc82eb622b054641322798c16acee8f0f9724854c6be2a3413f3
c12f66e47da8e8d16c444c3923ec1592f895dc378d6e5960954ec46a8bc56c4d
c6947fc6b560f6c142c9ab5876eb4a00aed8e846298863d7d4bbb0f8b13382b1
cb22b95005902ce2085369a42e51f3bf31ce5eee3c52c152e12e96e78268e81d
d0193c33d5e864aec9c1c47a611ca445c043983d989cd7caa2849d54281550d9
d19bf029f6157da94c5a754fbf174e5026a776b4a3910f6ba2023d612b6cb319
d23040ec8ccb2e8aeef214ef110387f741e6d64c34edf08524894c58b5e1fce6
d3bcd1e1eb17895a0ade507cd3c481d93138b207a206ae9b759933711f70a649
dc59b14d676a28661546eba2c90e97d1da36d89f2bf821ec089cd6a243240362
e1b0e3a2e5a3bf414239e46390b0e0c2859caa67530a509246525bbfa097460a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb5d5896a3c157bb64220170a469f30035327b95b06f5d09f351345c823fd12c
f200de74197ce4d398afa19a632d72c0b41d8c7396b229b64744a9a4b88897eb
f9f4b743e9eb8730c606cf5776e89fde8d9c8694426490579941b6a8e91135e6
fd00bbafd075c724d48213b6ad9f6091984ab5ada86a11f77241f316ce25cf19

myofficeboca.net.turkpayroll.com Open in urlscan Pro 68.66.226.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

58 Requests

90 %HTTPS

50 %IPv6

9 Domains

10 Subdomains

11 IPs

3 Countries

1074 kBTransfer

3174 kBSize

2 Cookies

5 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

myofficeboca.net.turkpayroll.com Open in urlscan Pro
68.66.226.81 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

90 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

1074 kB
Transfer

3174 kB
Size

2
Cookies

58 HTTP transactions
2 data transactions