www.ost2.com Open in urlscan Pro
148.72.170.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tracking.4team.biz/tracking/click?d=vyP9IF8OHPzMHc5t_vTjn0Od2I-XnEGFdxWQcrie7kMNSUma-zICqR1XwDwRitw-17TjasEBtU1R8Dg...
Effective URL:
https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_...
Submission: On August 09 via manual (August 9th 2022, 1:59:51 pm UTC) from US — Scanned from FR

Summary HTTP 71 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 16 domains to perform 71 HTTP transactions. The main IP is 148.72.170.205, located in St Louis, United States and belongs to AS-30083-GO-DADDY-COM-LLC, US. The main domain is www.ost2.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 20th 2021. Valid for: a year.

This is the only time www.ost2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete ost2_setup.exe 15 MB

Size: 15 MB (15673288 bytes, 21% done)

Downloaded from: https://d.4team.biz/files/ost2_setup.exe

Domain & IP information

	IP Address	AS Autonomous System
1 1	94.23.161.19 94.23.161.19	16276 (OVH) (OVH)
1 28	148.72.170.205 148.72.170.205	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
6	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	23.36.162.25 23.36.162.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	95.101.23.194 95.101.23.194	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1835	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400e:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.131.135.195 104.131.135.195	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
71	18

1 94.23.161.19 (Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: api.elasticemail.com

tracking.4team.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 148.72.170.205 (St Louis, United States) 1 redirects

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)

www.ost2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.4team.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.162.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-25.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.101.23.194 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-23-194.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1835 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:811::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.131.135.195 (San Francisco, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

d.4team.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	ost2.com 1 redirects www.ost2.com	292 KB
9	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5568 api.livechatinc.com — Cisco Umbrella Rank: 4538 secure.livechatinc.com — Cisco Umbrella Rank: 5641 accounts.livechatinc.com — Cisco Umbrella Rank: 6579	272 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 547 f.clarity.ms — Cisco Umbrella Rank: 5359 c.clarity.ms — Cisco Umbrella Rank: 996	26 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	40 KB
4	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 557	279 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 351 c.bing.com — Cisco Umbrella Rank: 195	13 KB
3	google.fr www.google.fr — Cisco Umbrella Rank: 13266	718 B
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10	1 KB
3	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 118 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	2 KB
3	4team.biz 1 redirects tracking.4team.biz www.4team.biz d.4team.biz — Cisco Umbrella Rank: 329546	10 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	17 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	27 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	88 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	73 KB
71	16

	Domain	Requested by
27	www.ost2.com	1 redirects www.ost2.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.ost2.com
4	static.xx.fbcdn.net	www.facebook.com
4	cdn.livechatinc.com	www.ost2.com secure.livechatinc.com
3	www.google.fr	www.ost2.com
3	www.google.com	1 redirects www.ost2.com
3	api.livechatinc.com	cdn.livechatinc.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.ost2.com
2	c.clarity.ms	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	f.clarity.ms	www.clarity.ms
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.facebook.com	www.ost2.com connect.facebook.net
2	connect.facebook.net	www.ost2.com connect.facebook.net
1	d.4team.biz	www.ost2.com
1	accounts.livechatinc.com	cdn.livechatinc.com
1	c.bing.com	1 redirects
1	fonts.googleapis.com	secure.livechatinc.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	googleads.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	www.ost2.com
1	www.4team.biz	www.ost2.com
1	tracking.4team.biz	1 redirects
71	25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
d.4team.biz
www.safepstbackup.com
www.ostpstviewer.com
www.4team.biz
twitter.com
www.solutions-outlook.com
custom.solutions-outlook.com
partnercenter.microsoft.com
intentex.com

Subject Issuer	Validity	Valid
4team.biz Sectigo RSA Domain Validation Secure Server CA	`2021-09-20` - `2022-09-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-18` - `2022-08-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
livechat.com DigiCert ECC Secure Server CA	`2022-02-25` - `2023-03-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.4team.biz Sectigo RSA Domain Validation Secure Server CA	`2020-08-12` - `2022-08-12`	2 years	crt.sh

This page contains 5 frames:

Frame: https://d.4team.biz/files/ost2_setup.exe
Frame ID: F5577075ECE976383E44732D1F013040
Requests: 50 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F4TeamCorporation&width=131&layout=button_count&action=recommend&size=small&share=false&height=21&appId=418540456176648
Frame ID: 37952AAF68E8AB0EE83436A0EBE66658
Requests: 3 HTTP requests in this frame

Frame: https://www.ost2.com/subscribe.aspx
Frame ID: 2A882CF03A38DD04FDBDF9830BBBC137
Requests: 7 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=10998812&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 8FEDF56A8DB9F731CF0EDA4265CE000C
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ab8ace19302c4%26domain%3Dwww.ost2.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.ost2.com%252Ff18c230324b3ea4%26relation%3Dparent.parent&container_width=0&font=&height=21&href=http%3A%2F%2Fwww.facebook.com%2F4TeamCorporation&layout=button_count&locale=en_US&sdk=joey&show_faces=false&width=115
Frame ID: 35908BC3EC4EFAC204BBE69F394944D6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Thank you for downloading OST2

Page URL History Show full URLs

http://tracking.4team.biz/tracking/click?d=vyP9IF8OHPzMHc5t_vTjn0Od2I-XnEGFdxWQcrie7kMNSUma-zICqR1XwDw... HTTP 302
https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elasti... Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

71
Requests

97 %
HTTPS

60 %
IPv6

16
Domains

25
Subdomains

18
IPs

5
Countries

1162 kB
Transfer

3348 kB
Size

24
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/4TeamCorporation

Search URL Search Domain Scan URL

URL: https://d.4team.biz/files/ost2_setup.exe
Title: click here

Search URL Search Domain Scan URL

URL: http://www.safepstbackup.com/data-migration-service-from-outlook-and-exchange-to-office-365.aspx?utm_source=Ost2Website&utm_medium=ThankYou&utm_campaign=migration_tool_service

Search URL Search Domain Scan URL

URL: http://www.safepstbackup.com/

Search URL Search Domain Scan URL

URL: http://www.safepstbackup.com/download.aspx
Title: Download Now

Search URL Search Domain Scan URL

URL: http://www.ostpstviewer.com/

Search URL Search Domain Scan URL

URL: http://www.ostpstviewer.com/download.aspx
Title: Download now

Search URL Search Domain Scan URL

URL: http://www.4team.biz/member/orders.asp
Title: My Orders

Search URL Search Domain Scan URL

URL: http://www.4team.biz/eula.aspx
Title: Licensing (EULA)

Search URL Search Domain Scan URL

URL: http://www.4team.biz/member/default.asp
Title: My Account

Search URL Search Domain Scan URL

URL: http://twitter.com/4team
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.solutions-outlook.com/
Title: Blog

Search URL Search Domain Scan URL

URL: http://custom.solutions-outlook.com/Contact.asp
Title: Request Custom Solution

Search URL Search Domain Scan URL

URL: http://custom.solutions-outlook.com/Default.asp
Title: Microsoft OutlookPlug-in development

Search URL Search Domain Scan URL

URL: https://partnercenter.microsoft.com/en-us/pcv/solution-providers/4TeamCorporation_8f3139b7-1562-47c5-9b4a-69733c9e3428/c45387e1-49cc-49e0-a68c-2cfb52d19729
Title: Find us atMicrosoft Office Partner Center

Search URL Search Domain Scan URL

URL: http://intentex.com/

Search URL Search Domain Scan URL

URL: http://www.4team.biz/

Search URL Search Domain Scan URL

URL: http://www.4team.biz/termsandprivacy.aspx
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tracking.4team.biz/tracking/click?d=vyP9IF8OHPzMHc5t_vTjn0Od2I-XnEGFdxWQcrie7kMNSUma-zICqR1XwDwRitw-17TjasEBtU1R8DgnKkmfV6rlQPH2ac-GzRvxq3NPy72ndk3a-v67ALxRCKYq8WtcW9p8BREibV1C6N19LlDz-fVUTeIPbKMb1HnCraZDcdDRAZbkQpOi8C1A2bshOoVw0jA1pGmn9pN3O51xNPltKxxQq1-GOm4881Dl9Yu9rDC7NBNSbYG7beU4WB8AzocG0zKPMDjQlRsqvre2VsJKpqo1 HTTP 302
https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://www.ost2.com/Subscribe.aspx HTTP 301
https://www.ost2.com/subscribe.aspx

Request Chain 43

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950524144/?random=1223379405&cv=9&fst=1660053586911&num=1&value=0&label=UwOqCPb0yv4BEPCxn8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ost2.com%2Fthankyou.aspx%3Fpcode%3D803012392dj98yp%26utm_campaign%3DOST2_2.20%26utm_source%3Delastic%26utm_medium%3DOC%26utm_content%3DOC&tiba=Thank%20you%20for%20downloading%20OST2&auid=855454714.1660053587&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=UmjyYpmoPJWqmLAP-_Ci8Aw&sscte=1&crd=&eitems=ChAI8IvIlwYQlefi6vKwsLk5Eh0AWW6Kf9PoTZ2UFZTKvJDg0RucpGN3yPoNK1Le5Q HTTP 302
https://www.google.com/pagead/1p-conversion/950524144/?random=1223379405&cv=9&fst=1660053586911&num=1&value=0&label=UwOqCPb0yv4BEPCxn8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ost2.com%2Fthankyou.aspx%3Fpcode%3D803012392dj98yp%26utm_campaign%3DOST2_2.20%26utm_source%3Delastic%26utm_medium%3DOC%26utm_content%3DOC&tiba=Thank%20you%20for%20downloading%20OST2&auid=855454714.1660053587&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=UmjyYpmoPJWqmLAP-_Ci8Aw&eitems=ChAI8IvIlwYQlefi6vKwsLk5Eh0AWW6Kfy8rzxz0TxUIHSjekZLqGJsCKgVdlH_p2A&random=3268011714&resp=GooglemKTybQhCsO HTTP 302
https://www.google.fr/pagead/1p-conversion/950524144/?random=1223379405&cv=9&fst=1660053586911&num=1&value=0&label=UwOqCPb0yv4BEPCxn8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ost2.com%2Fthankyou.aspx%3Fpcode%3D803012392dj98yp%26utm_campaign%3DOST2_2.20%26utm_source%3Delastic%26utm_medium%3DOC%26utm_content%3DOC&tiba=Thank%20you%20for%20downloading%20OST2&auid=855454714.1660053587&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=UmjyYpmoPJWqmLAP-_Ci8Aw&eitems=ChAI8IvIlwYQlefi6vKwsLk5Eh0AWW6Kfy8rzxz0TxUIHSjekZLqGJsCKgVdlH_p2A&random=3268011714&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 64

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=7BF66E1220E04C18B85B13429009869D&RedC=c.clarity.ms&MXFR=218D7EA71C106FA93FF06F5C18106179 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=7BF66E1220E04C18B85B13429009869D&MUID=0016AB4F5D506C9928ADBAB45C656D71

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request thankyou.aspx Show response
www.ost2.com/
Redirect Chain

http://tracking.4team.biz/tracking/click?d=vyP9IF8OHPzMHc5t_vTjn0Od2I-XnEGFdxWQcrie7kMNSUma-zICqR1XwDwRitw-17TjasEBtU1R8DgnKkmfV6rlQPH2ac-GzRvxq3NPy72ndk3a-v67ALxRCKYq8WtcW9p8BREibV1C6N19LlDz-fVUTe...
https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC

22 KB
9 KB

958ms
251ms

Document
text/html

148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 10c7ab5e3c677c22ccde6cb66285a4cdc45edd4bc559d3a6b590da035c15bf4f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 9055
Content-Type: text/html; charset=utf-8
Date: Tue, 09 Aug 2022 13:59:52 GMT
Server
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319

Redirect headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-ElasticEmail-ApiKey, X-ElasticEmail-BrowserToken, X-ElasticEmail-ImpersonateAs
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-ElasticEmail-BrowserToken, X-Total-Count, X-ElasticEmail-AccessToken
Cache-Control: private
Content-Length: 260
Content-Type: text/html; charset=utf-8
Date: Tue, 09 Aug 2022 13:59:37 GMT
Location: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
www.ost2.com/css/ 90 KB
24 KB 179ms
178ms Stylesheet
text/css 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: b01961838c9d8a1386993c11afef2b7071a477cd145e3d889ed007486aee909f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Jul 2022 21:34:42 GMT
Server
ETag: "dc8c84dc5b99d81:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 24336

GET
H/1.1 200
OK combined_837F0554A6CB2D7A29D3C71CFA20CAB8.js Show response
www.ost2.com/include/ 127 KB
57 KB 301ms
300ms Script
application/javascript 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ost2.com/include/combined_837F0554A6CB2D7A29D3C71CFA20CAB8.js
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: c293da098dc6e2c6dd2326ecf26df2aa5fe808cb6fd05ea042165726ac03572f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Jul 2022 21:30:03 GMT
Server
ETag: "44d9e9355b99d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 58088

GET
H/1.1 200
OK logo.png
www.ost2.com/i/ 4 KB
4 KB 131ms
130ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/logo.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: ce26e5866ce45002cf18d670e5a6304777c771e365554d407417df0a323f3b3e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:48 GMT
Server
ETag: "8c3a3811955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 4036

GET
H/1.1 200
OK 4teamLogo.png
www.ost2.com/i/ 9 KB
9 KB 129ms
128ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/4teamLogo.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: caa0c9d63625a36f9d097567cc3306ff0e9de5c8fb54a2ad6c30253ccd18b0a3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:47 GMT
Server
ETag: "49fead10955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 9272

GET
H/1.1 200
OK PST_Migration_Banner_lb.png
www.4team.biz/i/Banners/MigrationTool/ 9 KB
9 KB 705ms
130ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.4team.biz/i/Banners/MigrationTool/PST_Migration_Banner_lb.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 03fbc776f5be008274054b95a377a7f58c83c85de44ad2563c068509de31dac2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:54 GMT
Last-Modified: Wed, 09 Nov 2016 15:38:17 GMT
Server
ETag: "98d89d4a9f3ad21:0"
Content-Type: image/png
Cache-Control: no-cache,max-age=86400
Accept-Ranges: bytes
Content-Length: 9111

GET
H/1.1 200
OK Banner_spb.png
www.ost2.com/i/ 21 KB
21 KB 731ms
128ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/Banner_spb.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: f51ed7e8bb49b3a1f01c4b5ebfb960b5315fb0fa7f2d29845ac7a74fc40378f7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:54 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:47 GMT
Server
ETag: "2095b010955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 21462

GET
H/1.1 200
OK banner_ost-pst-viewer.png
www.ost2.com/i/ 13 KB
13 KB 737ms
132ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/banner_ost-pst-viewer.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 17501867c5575758f94ce6de91b9a83c9b3477df0d4e064f8e4baa86170f8686

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:54 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:48 GMT
Server
ETag: "10572b11955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 13557

GET
H/1.1 200
OK feedback_lightblue.png
www.ost2.com/i/color5/ 2 KB
2 KB 835ms
118ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/color5/feedback_lightblue.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 502b3a01779bb64531d8f6b7ea0c0665ebc78f6af08740e19c9da340599bda65

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:54 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:47 GMT
Server
ETag: "bd5bd910955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 1935

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 120ms
40ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b14b20e00b98864ec587d9506949a75091d957bfe5bd0b5f1ac860c37097cce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tvTAEFRxiUln91o7wcD9zQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: sTuFgeiQToEWK+AMBU66FzeYmjV6K/d64YZv2J/VLqaG+X3buAT4qZFUfqvbySHPr7zYG1VXeBWUFwrBcizKJA==
x-fb-trip-id: 720026100
x-fb-content-md5: e7237d8bf8461f936e033f87af736ab9
x-frame-options: DENY
date: Tue, 09 Aug 2022 13:59:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "f09682162125c6fc25052da6de52b405"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 09 Aug 2022 14:07:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 201 KB
73 KB 105ms
44ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KQDRM8Q

Requested by

Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a979c8281fe9f984a09a990a2b0645c675184c7217d60896d838cde8f07c2a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:59:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74642
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Aug 2022 13:59:46 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 3795 30 KB
14 KB 195ms
118ms Document
text/html 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F4TeamCorporation&width=131&layout=button_count&action=recommend&size=small&share=false&height=21&appId=418540456176648

Requested by

Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13b84188778cb66f884f0d65906e0cd64bc9ea173cab20231625623768bf181c

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ost2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 09 Aug 2022 13:59:46 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 0szlQEjpVeeojSyXMELTkpp35Jr2NTDr2n3WlpU3HG0pG3AyBO529L2q/u7wCOejfCENkskQoy95TwVI6V0YIw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H/1.1 200
OK hd.jpg
www.ost2.com/i/color5/ 15 KB
16 KB 846ms
118ms Image
image/jpeg 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/color5/hd.jpg
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 65195d97ca48468a31efc512c265f5f6b9f0dca6fdf9f2bcbb0cb06736de6ecf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:54 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:48 GMT
Server
ETag: "c787e010955d61:0"
Content-Type: image/jpeg
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 15857

GET
H/1.1 200
OK language.png
www.ost2.com/i/ 530 B
785 B 345ms
117ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/language.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 02f06ce9bcb611c38bcc8ee5aa38dfd50ccabb78207c00c99d22e5db88c090de

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:48 GMT
Server
ETag: "8c3a3811955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 530

GET
H/1.1 200
OK block_girl.png
www.ost2.com/i/ 8 KB
8 KB 236ms
122ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/block_girl.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 122865061bb99999fe89c1577ca55179344e3f3273b7697714edb6fd5c544e91

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:48 GMT
Server
ETag: "bbbb2d11955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 7708

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 83ms
40ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=167cd3287d6843d57043d77b2eea8309

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

486b53eaffe8c541a4ad7407f819ef9dae1f082e80beea4502b432c0bed60aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ost2.com/
Origin: https://www.ost2.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: mBS3ZHU062P+8t7bF/xXsQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87737
x-fb-rlafr: 0
x-fb-debug: 4FRmf0KQLz5V7PdwNX635S5FIe0GCZMVZYQSucJmWUTXgpkY0spoWEBJ5MwyfR7GvitpO8j3CztPbaSsynACQg==
x-fb-content-md5: af3c8e78a8375e132adb139af9a1d545
x-frame-options: DENY
date: Tue, 09 Aug 2022 13:59:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f0ed656f9f8cfb9d5fcc25e7172ddd98"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 09 Aug 2023 12:02:08 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 79 KB
24 KB 126ms
25ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0933497f6d1f2b79b1d6de0f03f3cb41d8d422bd97c31736601ffb9f5a70c7f8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: 6BvUO3.kEYUk6fIgQRoojcbcLx_zd5AH
content-encoding: br
last-modified: Mon, 01 Aug 2022 09:50:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"42b5bf12e7126049058556adf18d2ac8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
date: Tue, 09 Aug 2022 13:59:46 GMT
content-length: 24270
x-amz-cf-id: QBTiGuYRRNDw2YLug_OL-F1RURPH3L_a0xHD6oYY7hmhwipoTKWEVQ==
expires: Tue, 09 Aug 2022 21:59:46 GMT

GET
H/1.1 200
OK buttons_sprite.png
www.ost2.com/i/color5/ 53 KB
54 KB 608ms
377ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/color5/buttons_sprite.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 8bc98f1aa27de258280d399e5c120da413bcccc458ef8118b97bc77ffc013ef0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:47 GMT
Server
ETag: "324fbd10955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 54599

GET
H/1.1 200
OK block2.png
www.ost2.com/i/ 15 KB
15 KB 457ms
235ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/block2.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 4f2d22816ea2cf91fc917b3f5ce90e388fd40fd26761bc38722dc3ec3d6a7868

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:48 GMT
Server
ETag: "10572b11955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 15200

GET
H/1.1 200
OK border.png
www.ost2.com/i/cart/ 186 B
441 B 366ms
135ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/cart/border.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: e44e92299443eb4106a03878ca35fb9bd5082a75ceee11349ece264cfc861652

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:48 GMT
Server
ETag: "bbbb2d11955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 186

GET
H/1.1 200
OK iconlist_blue.png
www.ost2.com/i/color5/ 6 KB
6 KB 590ms
122ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/color5/iconlist_blue.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 2191d6675e99c42d9e6c4ccd2350b3852f1e4e77b9c7341f9cbe467656b4ab40

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:48 GMT
Server
ETag: "e55de910955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 6281

GET
H/1.1 200
OK download_arrow.gif
www.ost2.com/i/color5/ 192 B
438 B 583ms
126ms Image
image/gif 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/color5/download_arrow.gif
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 5f97c50ae6524005cf75800d76a6c0b796b7204c05385cc0ef4ec55a3249d65a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:47 GMT
Server
ETag: "4f8ccf10955d61:0"
Content-Type: image/gif
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 192

GET
H/1.1 200
OK 4team_logo_blue.png
www.ost2.com/i/color5/ 3 KB
3 KB 346ms
118ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/color5/4team_logo_blue.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: dd02ac90e4492e313d148c3ffe18f6e6996e5cd9c4f9f171564135f089674968

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:47 GMT
Server
ETag: "2095b010955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 2727

GET
H/1.1 200
OK custom_solutions_outlook.png
www.ost2.com/i/color5/ 1 KB
1 KB 467ms
126ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/color5/custom_solutions_outlook.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: e9c430faf05d214e822a0ed7947886c3979c8cdd2d98e89e2a42fb6cc7807da3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:47 GMT
Server
ETag: "6776c410955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 1037

GET
H/1.1 200
OK find_office_marketplace.png
www.ost2.com/i/color5/ 292 B
547 B 470ms
122ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/color5/find_office_marketplace.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 045389a47d33c6f60a21cbf4c3fc0190756e4ddd991eb757e846538fccb62cc1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:47 GMT
Server
ETag: "bd5bd910955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 292

GET
H/1.1 200
OK intentex-logo.png
www.ost2.com/i/color5/ 6 KB
6 KB 583ms
129ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/color5/intentex-logo.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 9748decf4855693b7e888f11951ba7df0d311a7ce90568b3afa65e452d016cdc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:48 GMT
Server
ETag: "12bfeb10955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 5820

GET
H/1.1 200
OK language2.png
www.ost2.com/i/ 355 B
610 B 453ms
118ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/language2.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 54d646a6facffb65b1a578b71aae91d622df210c309f4deefbddb6d3b54b8551

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:48 GMT
Server
ETag: "8c3a3811955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 355

GET
H/1.1

200
OK

subscribe.aspx Show response
www.ost2.com/ Frame 2A88
Redirect Chain

https://www.ost2.com/Subscribe.aspx
https://www.ost2.com/subscribe.aspx

4 KB
2 KB

123ms
120ms

Document
text/html

148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ost2.com/subscribe.aspx
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/include/combined_837F0554A6CB2D7A29D3C71CFA20CAB8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: b4159452319998fe256c509d4286be48472988830525dfd24b413c8ec633c490

Request headers

Referer: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 2288
Content-Type: text/html; charset=utf-8
Date: Tue, 09 Aug 2022 13:59:53 GMT
Server
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319

Redirect headers

Content-Length: 158
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Aug 2022 13:59:53 GMT
Location: https://www.ost2.com/subscribe.aspx
Server

GET
H/1.1 200
OK fancybox-x.png
www.ost2.com/i/fancybox/ 203 B
458 B 574ms
118ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/fancybox/fancybox-x.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 2af34ef71e58658ae2358171b7508555cddd488dfb1bea735d0787a7ceaa4390

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:48 GMT
Server
ETag: "18d83511955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 203

GET
H/1.1 200
OK fancybox.png
www.ost2.com/i/fancybox/ 15 KB
15 KB 700ms
129ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/fancybox/fancybox.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 324b9d944e39c915922db7058a276bd708e68ea5d86762741f14864af2324607

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:54 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:48 GMT
Server
ETag: "18d83511955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 15287

GET
H/1.1 200
OK fancybox-y.png
www.ost2.com/i/fancybox/ 176 B
431 B 689ms
118ms Image
image/png 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ost2.com/i/fancybox/fancybox-y.png
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 08e777880f53e0e527333f100692c9c57ab2d11bf7536a0070b523320f0835b2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/css/combined_19A1528FE7B4CB03A3436FFFDB2C81BB.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:54 GMT
Last-Modified: Wed, 08 Jul 2020 09:20:48 GMT
Server
ETag: "18d83511955d61:0"
Content-Type: image/png
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 176

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 86ms
26ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQDRM8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3466
date: Tue, 09 Aug 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 09 Aug 2022 15:02:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 111ms
40ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQDRM8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 09 Aug 2022 13:59:46 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 105ms
40ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQDRM8Q

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7368DAE736854E3AB21DB5B0DA96F07A Ref B: AMSEDGE1008 Ref C: 2022-08-09T13:59:46Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 09 Aug 2022 13:59:45 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 270 B
474 B 696ms
588ms Script
application/javascript 95.101.23.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=10998812&url=https%3A%2F%2Fwww.ost2.com%2Fthankyou.aspx%3Fpcode%3D803012392dj98yp%26utm_campaign%3DOST2_2.20%26utm_source%3Delastic%26utm_medium%3DOC%26utm_content%3DOC&channel_type=code&jsonp=__e46zwdfjsav

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.23.194 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-23-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

92028fc57dc8749d841073ef8b60d0304c2d3807f05ba9fa52fd919f2eac9519

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.ost2.com/;
X-Frame-Options	allow-from https://www.ost2.com/

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://www.ost2.com/;
vary: Accept-Encoding
x-frame-options: allow-from https://www.ost2.com/
date: Tue, 09 Aug 2022 13:59:47 GMT
content-length: 270
legacy: 2023-06-30
content-type: application/javascript; charset=UTF-8

GET
H2 200 cS8skx2GDlY.js Show response
static.xx.fbcdn.net/rsrc.php/v3iZPf4/yr/l/fr_FR/ Frame 3795 534 KB
139 KB 125ms
42ms XHR
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iZPf4/yr/l/fr_FR/cS8skx2GDlY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2F4TeamCorporation&width=131&layout=button_count&action=recommend&size=small&share=false&height=21&appId=418540456176648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e981600143912b15c16cc622837e514a111b7758a48cbfa9f168104b7db72c81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qV0wjNO+A0VeMi6AA+Tk8Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 142151
x-fb-rlafr: 0
x-fb-debug: kL9DXGgbnQjKcUe7axfeuVfKek5EB720+niCTuxvewjhXewtSsNZpjbNhJNu0YAdwKFkCCFMnxMSb8JPl2oNQQ==
x-fb-trip-id: 720026100
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 04 Aug 2023 21:59:40 GMT

GET
H2 200 GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 3795 272 B
493 B 39ms
38ms Image
image/png 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:59:46 GMT
x-content-type-options: nosniff
content-md5: lIjeC3eJAboxVqIOEs/Auw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 272
x-fb-rlafr: 0
x-fb-debug: 1nlGSA8GFwYVmd5b0Jqaeq8VjYHV0ojnP10nfJK2blulHrVK4umRp7FEBswx1ey3bS5yrYB+W9ME+JL4DcJ4sw==
x-fb-trip-id: 720026100
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 05 Aug 2023 02:02:40 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 86ms
33ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1325033141&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.ost2.com%2Fthankyou.aspx%3Fpcode%3D803012392dj98yp%26utm_campaign%3DOST2_2.20%26utm_source%3Delastic%26utm_medium%3DOC%26utm_content%3DOC&ul=en-us&de=UTF-8&dt=Thank%20you%20for%20downloading%20OST2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Downloads&ea=Downloaded%20File&el=%2Fthankyou.aspx%3Fpcode%3D803012392dj98yp%26utm_campaign%3DOST2_2.20%26utm_source%3Delastic%26utm_medium%3DOC%26utm_content%3DOC&_u=YEBAAEABAAAAAC~&jid=1778539780&gjid=503968886&cid=1009901048.1660053587&tid=UA-30051-59&_gid=676747735.1660053587&_r=1&gtm=2wg880KQDRM8Q&z=829053340

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ost2.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:59:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ost2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 74ms
26ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1325033141&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ost2.com%2Fthankyou.aspx%3Fpcode%3D803012392dj98yp%26utm_campaign%3DOST2_2.20%26utm_source%3Delastic%26utm_medium%3DOC%26utm_content%3DOC&ul=en-us&de=UTF-8&dt=Thank%20you%20for%20downloading%20OST2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAC~&jid=&gjid=&cid=1009901048.1660053587&tid=UA-30051-59&_gid=676747735.1660053587&gtm=2wg880KQDRM8Q&z=1057654262

Requested by

Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 02:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41755
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 16018841.js Show response
bat.bing.com/p/action/ 1 KB
861 B 221ms
220ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/16018841.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

ecf863d4575df570c6e6cdaf2f9bfafd1f346313fbfbc3e7d6b264547f7e7c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DE16033C9D3A4D1796E1AA7DA84F3511 Ref B: AMSEDGE1008 Ref C: 2022-08-09T13:59:46Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Tue, 09 Aug 2022 13:59:46 GMT
content-length: 667

GET
H2 204 0
bat.bing.com/action/ 0
175 B 40ms
39ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=16018841&tm=gtm002&Ver=2&mid=eabb7347-9a1e-4c04-bafb-bcf9085bc944&sid=870f8eb017eb11eda0a9b9903530409c&vid=870fd7a017eb11ed8697df2cfcf63c06&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Thank%20you%20for%20downloading%20OST2&kw=free,%20download,%20ost2,%20ost%20to%20pst,%20convert%20ost&p=https%3A%2F%2Fwww.ost2.com%2Fthankyou.aspx%3Fpcode%3D803012392dj98yp%26utm_campaign%3DOST2_2.20%26utm_source%3Delastic%26utm_medium%3DOC%26utm_content%3DOC&r=&lt=1637&evt=pageLoad&sv=1&rn=823768

Requested by

Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FDCB174110F549F8A3BD2ED00EF1ACB4 Ref B: AMSEDGE1008 Ref C: 2022-08-09T13:59:46Z
date: Tue, 09 Aug 2022 13:59:46 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/950524144/ 2 KB
1 KB 94ms
39ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/950524144/?random=1660053586911&cv=9&fst=1660053586911&num=1&value=0&label=UwOqCPb0yv4BEPCxn8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ost2.com%2Fthankyou.aspx%3Fpcode%3D803012392dj98yp%26utm_campaign%3DOST2_2.20%26utm_source%3Delastic%26utm_medium%3DOC%26utm_content%3DOC&tiba=Thank%20you%20for%20downloading%20OST2&auid=855454714.1660053587&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

98e60d1c349183ec21a94ebb7c2780d101a5c83382d54930a6a8d54cf1aee673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1294
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK combined_B2C981F9E9F380B02A358BB033B408E3.css
www.ost2.com/css/ Frame 2A88 79 KB
21 KB 394ms
378ms Stylesheet
text/css 148.72.170.205
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ost2.com/css/combined_B2C981F9E9F380B02A358BB033B408E3.css
Requested by: Host: www.ost2.com
URL: https://www.ost2.com/subscribe.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 148.72.170.205 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: /
Resource Hash: 2e4fb23cd2521673d2df3dbc378f8482bd1d87c270435c375312e1f3d72481a6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/subscribe.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 13:59:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Jul 2022 21:34:49 GMT
Server
ETag: "cf594ee05b99d81:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache,public,max-age=31536000
Accept-Ranges: bytes
Content-Length: 20835

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 70ms
23ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-30051-59&cid=1009901048.1660053587&jid=1778539780&gjid=503968886&_gid=676747735.1660053587&_u=YEBAAEAAAAAAAC~&z=182896638

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ost2.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 09 Aug 2022 13:59:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.ost2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.fr/pagead/1p-conversion/950524144/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950524144/?random=1223379405&cv=9&fst=1660053586911&num=1&value=0&label=UwOqCPb0yv4BEPCxn8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
https://www.google.com/pagead/1p-conversion/950524144/?random=1223379405&cv=9&fst=1660053586911&num=1&value=0&label=UwOqCPb0yv4BEPCxn8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.fr/pagead/1p-conversion/950524144/?random=1223379405&cv=9&fst=1660053586911&num=1&value=0&label=UwOqCPb0yv4BEPCxn8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...

42 B
154 B

41ms
41ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-conversion/950524144/?random=1223379405&cv=9&fst=1660053586911&num=1&value=0&label=UwOqCPb0yv4BEPCxn8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ost2.com%2Fthankyou.aspx%3Fpcode%3D803012392dj98yp%26utm_campaign%3DOST2_2.20%26utm_source%3Delastic%26utm_medium%3DOC%26utm_content%3DOC&tiba=Thank%20you%20for%20downloading%20OST2&auid=855454714.1660053587&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=UmjyYpmoPJWqmLAP-_Ci8Aw&eitems=ChAI8IvIlwYQlefi6vKwsLk5Eh0AWW6Kfy8rzxz0TxUIHSjekZLqGJsCKgVdlH_p2A&random=3268011714&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC

Protocol

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:59:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:59:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.fr/pagead/1p-conversion/950524144/?random=1223379405&cv=9&fst=1660053586911&num=1&value=0&label=UwOqCPb0yv4BEPCxn8UD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.ost2.com%2Fthankyou.aspx%3Fpcode%3D803012392dj98yp%26utm_campaign%3DOST2_2.20%26utm_source%3Delastic%26utm_medium%3DOC%26utm_content%3DOC&tiba=Thank%20you%20for%20downloading%20OST2&auid=855454714.1660053587&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=UmjyYpmoPJWqmLAP-_Ci8Aw&eitems=ChAI8IvIlwYQlefi6vKwsLk5Eh0AWW6Kfy8rzxz0TxUIHSjekZLqGJsCKgVdlH_p2A&random=3268011714&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 111ms
50ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-30051-59&cid=1009901048.1660053587&jid=1778539780&_u=YEBAAEAAAAAAAC~&z=539522921

Requested by

Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:59:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fr/ads/ 42 B
501 B 123ms
50ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-30051-59&cid=1009901048.1660053587&jid=1778539780&_u=YEBAAEAAAAAAAC~&z=539522921

Requested by

Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:59:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 16018841 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 259ms
150ms Script
application/x-javascript 2620:1ec:27::cafe:1835
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/16018841
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/16018841.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1835 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 4b4f36717fb874b10fda8df10e2a2016915f62c1f3f5192f0ea7034ae722bbea

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:59:46 GMT
x-powered-by: ASP.NET
x-azure-ref: 0U2jyYgAAAAD+rIBh31i8T5DwqYXBOIfcV0FXMDFFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
content-length: 1542
expires: -1

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 2A88 49 KB
20 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ost2.com
URL: https://www.ost2.com/subscribe.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3467
date: Tue, 09 Aug 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 09 Aug 2022 15:02:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-b/s/0.6.37/ 53 KB
23 KB 144ms
143ms Script
application/javascript 2620:1ec:27::cafe:1835
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-b/s/0.6.37/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/16018841
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1835 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 9e8ba124b0c73a351df657b54d58db545fe810e16c0d9b07824a64864792a20d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:59:46 GMT
content-encoding: br
etag: "1d8aa4ff65ff896"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0U2jyYgAAAACDS6oP+CwrQLz7q11cLMreV0FXMDFFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
content-length: 23115
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ Frame 2A88 4 B
25 B 71ms
24ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-30051-59&cid=1009901048.1660053587&jid=368948181&gjid=705221897&_gid=676747735.1660053587&_u=ACCAiEABBAAAAE~&z=1362465501

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ost2.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 09 Aug 2022 13:59:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.ost2.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 2A88 35 B
55 B 26ms
25ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=995929543&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ost2.com%2Fsubscribe.aspx&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=519x400&je=0&_u=ACCAiEABB~&jid=368948181&gjid=705221897&cid=1009901048.1660053587&tid=UA-30051-59&_gid=676747735.1660053587&z=736210576

Requested by

Host: www.ost2.com
URL: https://www.ost2.com/subscribe.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 02:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41756
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 2A88 42 B
63 B 107ms
51ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-30051-59&cid=1009901048.1660053587&jid=368948181&_u=ACCAiEABBAAAAE~&z=1645275186

Requested by

Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:59:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.fr/ads/ Frame 2A88 42 B
63 B 105ms
51ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-30051-59&cid=1009901048.1660053587&jid=368948181&_u=ACCAiEABBAAAAE~&z=1645275186

Requested by

Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:59:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 6 KB
2 KB 303ms
302ms Script
application/javascript 95.101.23.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=10998812&version=1341.5.5.2570.9.284.69.12.1.1.1.16&group_id=0&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.194 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-194.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bd86618e81ea81ad8739b49ec6f4e7bad584baa9575f38087f17ad4ff50c8210

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:59:47 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=600
content-length: 2009
expires: Tue, 09 Aug 2022 14:09:47 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
174 B 439ms
210ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.37/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.ost2.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://www.ost2.com
date: Tue, 09 Aug 2022 13:59:47 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame 8FED 4 KB
2 KB 260ms
210ms Document
text/html 95.101.23.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=10998812&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.194 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-194.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 54e81cbd05a850a19ca03979d5a408eac4df47d6cfa7cf1542b5d2b40432a6be

Request headers

Referer: https://www.ost2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-length: 1988
content-type: text/html; charset=utf-8
date: Tue, 09 Aug 2022 13:59:48 GMT
vary: Accept-Encoding

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.3/customer/action/ 11 KB
4 KB 182ms
182ms Script
application/javascript 95.101.23.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=10998812&version=ff93808ef52c6dd040640c4853b854bd_933ca966e0a5e2e778d277d140e32e04&language=en&group_id=0&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.194 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-194.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 899af8e209b99b25416df710f1b9baa3c083f4e198a9661027dc6ad94f33a77f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:59:47 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=600
content-length: 3820
expires: Tue, 09 Aug 2022 14:09:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8FED 5 KB
1 KB 83ms
30ms Stylesheet
text/css 2a00:1450:400e:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Requested by

Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=10998812&group=0&embedded=1&widget_version=3&unique_groups=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 12:31:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 09 Aug 2022 13:59:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Aug 2022 13:59:48 GMT

GET
H2 200 0.5e39f535.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 8FED 208 KB
65 KB 27ms
26ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.5e39f535.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=10998812&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2f07cf2d75a64fc496c3a956ae437d8dd283efb6e22e8e0bb22a0c5aefe32072

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: Nzgi13md.1CtYc.21LdDhJ5a6jTgBTVM
content-encoding: br
last-modified: Mon, 01 Aug 2022 09:50:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"c600293b742d482923faff2af0dc88da"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Tue, 09 Aug 2022 13:59:48 GMT
content-length: 65886
x-amz-cf-id: QXBniB7616FaUKmY5oL4PdDtkOpyDsp-SO5IS_bxz_8xc-tB-NI2UQ==
expires: Wed, 09 Aug 2023 13:59:48 GMT

GET
H2 200 2.288ab811.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 8FED 218 KB
62 KB 52ms
51ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/2.288ab811.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=10998812&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f056a9a81a10045b0ea54105a42a825d7631fe09753efaf2bc2b5916e96b558c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: 9uci2BncrTKkALnRYjTqUZaXaFVDHsmg
content-encoding: br
last-modified: Mon, 20 Jun 2022 07:59:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: W/"9dbbb1e76379bfb7753f80f52e3c0f87"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Tue, 09 Aug 2022 13:59:48 GMT
content-length: 63059
x-amz-cf-id: PgdxCpncTwf6YJIxqDCrbaA4BuFB79sSAEKRmic5VA4qaQVi7oMkRQ==
expires: Wed, 09 Aug 2023 13:59:48 GMT

GET
H2 200 iframe.2456a99b.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame 8FED 413 KB
111 KB 53ms
53ms Script
application/javascript 23.36.162.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.2456a99b.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=10998812&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2028b87e88c2d74ec916857ae7ea9e9941d17552748c3085290acd64e945164d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: 7MGUlBa35jdScpSH0dgadQ.rrwghay6j
content-encoding: br
last-modified: Mon, 01 Aug 2022 09:50:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"319ccab00dbae91c6f6939da0ccb95d6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Tue, 09 Aug 2022 13:59:48 GMT
content-length: 113418
x-amz-cf-id: -6wkJDUHk_Bbu7OxC-pQoG6rPkCihn9GeB3_fziTIY0qJkCXtmAr1g==
expires: Wed, 09 Aug 2023 13:59:48 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ Frame 8FED 13 KB
13 KB 94ms
32ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 17:47:57 GMT
x-content-type-options: nosniff
age: 72711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 17:47:57 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ Frame 8FED 12 KB
13 KB 89ms
27ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 16:22:46 GMT
x-content-type-options: nosniff
age: 77822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 16:22:46 GMT

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame 3590 35 KB
13 KB 146ms
103ms Document
text/html 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ab8ace19302c4%26domain%3Dwww.ost2.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.ost2.com%252Ff18c230324b3ea4%26relation%3Dparent.parent&container_width=0&font=&height=21&href=http%3A%2F%2Fwww.facebook.com%2F4TeamCorporation&layout=button_count&locale=en_US&sdk=joey&show_faces=false&width=115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=167cd3287d6843d57043d77b2eea8309

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

153c383b8cdd02ff3071e4cb33f09a696f678d75a27f2c27a0eff4e889971093

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ost2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 09 Aug 2022 13:59:48 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: gHfGVLadMjJis8P7xNl6Yub12++Fx0ratS8kjJbd5Vuj6fC54Os48cHV+QHTIwDDQ7xRz0pxmM9kTBFWwSWtKw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=7BF66E1220E04C18B85B13429009869D&RedC=c.clarity.ms&MXFR=218D7EA71C106FA93FF06F5C18106179
https://c.clarity.ms/c.gif?CtsSyncId=7BF66E1220E04C18B85B13429009869D&MUID=0016AB4F5D506C9928ADBAB45C656D71

42 B
369 B

31ms
31ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=7BF66E1220E04C18B85B13429009869D&MUID=0016AB4F5D506C9928ADBAB45C656D71
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.ost2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:59:47 GMT
last-modified: Thu, 28 Jul 2022 20:41:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "82531c78c2a2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:59:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C9AA069452E1464F912B4EB4BCEBAE5A Ref B: AMSEDGE1008 Ref C: 2022-08-09T13:59:48Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=7BF66E1220E04C18B85B13429009869D&MUID=0016AB4F5D506C9928ADBAB45C656D71
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 token Show response
accounts.livechatinc.com/customer/ Frame 8FED 138 B
1 KB 232ms
193ms XHR
application/json 95.101.23.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/customer/token
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.5e39f535.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.23.194 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-23-194.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 20198531e77cba1b4f8aa8b14387fa470d39166f8d6ec734b45e5d3b3ee5a55b

Request headers

Referer: https://secure.livechatinc.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Aug 2022 13:59:48 GMT
content-type: application/json
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 138
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 3590 299 B
353 B 76ms
36ms Image
image/png 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ab8ace19302c4%26domain%3Dwww.ost2.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.ost2.com%252Ff18c230324b3ea4%26relation%3Dparent.parent&container_width=0&font=&height=21&href=http%3A%2F%2Fwww.facebook.com%2F4TeamCorporation&layout=button_count&locale=en_US&sdk=joey&show_faces=false&width=115

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:59:48 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: KRRtiu5ATKwqmX6QOEg2PeE5p5qGjh+JuwqUFw3QrU6nDD/0wH8UBmvO47eLHOMVp7HE1er/kTVEEIKfIeWS2g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sun, 06 Aug 2023 04:42:25 GMT

GET
H3 200 cS8skx2GDlY.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yT/l/en_US/ Frame 3590 533 KB
139 KB 41ms
40ms XHR
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yT/l/en_US/cS8skx2GDlY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a5e67cdd4efcb6057b3819a8efc89cde68f1e3a4d3a2efd7e812b0771211989c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 13:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VsuFn3ZI5j2iTMAhAxel5g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 142050
x-fb-rlafr: 0
x-fb-debug: DzngbSzJOKQa6UjTbZtY2p6HxdqU+SWzMrz3ylVlQZ8I9HF+ej+KjA2Zv7clzCou4Mh0gDXWQq3i592eKjoGBg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Fri, 04 Aug 2023 21:37:45 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
25 B 97ms
96ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.37/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.ost2.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://www.ost2.com
date: Tue, 09 Aug 2022 13:59:47 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H/1.1 200
OK ost2_setup.exe
d.4team.biz/files/ 0
0 788ms
330ms Document
application/x-msdownload 104.131.135.195
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://d.4team.biz/files/ost2_setup.exe

Requested by

Host: www.ost2.com
URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.131.135.195 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.10.3 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.ost2.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Disposition: Attachment;filename=ost2_setup.exe
Content-Length: 15673288
Content-Type: application/x-msdownload
Date: Tue, 09 Aug 2022 13:59:50 GMT
Last-Modified: Thu, 14 Jul 2022 08:26:43 GMT
Server: nginx/1.10.3
Strict-Transport-Security: max-age=604800
X-Powered-By: Express

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-20 14:43:33	Name: __lc_cid Value: 74122bed-9ccc-4f4f-77d3-cca85f74d5b0
.accounts.livechatinc.com/v2/customer/token	1970-01-20 14:43:33	Name: __lc_cst Value: 02f66d19b17a431da61bdabf5df35537773f618292287c1b03f96c0de33cc4e665228b1d3b6c7a4d13e77c418845b49987efda8c94849f72cef5e913f87d
.accounts.livechatinc.com/customer/token	1970-01-20 14:43:33	Name: __lc_cid Value: 74122bed-9ccc-4f4f-77d3-cca85f74d5b0
.accounts.livechatinc.com/customer/token	1970-01-20 14:43:33	Name: __lc_cst Value: 02f66d19b17a431da61bdabf5df35537773f618292287c1b03f96c0de33cc4e665228b1d3b6c7a4d13e77c418845b49987efda8c94849f72cef5e913f87d
www.ost2.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: czixevxpra0wvlvwz1k15tmp
www.ost2.com/	1970-01-20 06:12:21	Name: visit Value: trackCode=803012392dj98yp&SFVisit=8/9/2022 9:59:53 AM&FVisit=8/9/2022 9:59:53 AM&LVisit=8/9/2022 9:59:53 AM&CExpires=9/23/2022 9:59:53 AM
.ost2.com/	1970-01-20 07:17:09	Name: _gcl_au Value: 1.1.855454714.1660053587
.ost2.com/	1970-01-20 14:43:33	Name: initialTrafficSource Value: utmcsr=elastic\|utmcmd=OC\|utmccn=OST2_2.20\|utmcct=OC
.ost2.com/	1969-12-31 23:59:59	Name: __utmzzses Value: 1
.ost2.com/	1970-01-20 14:43:33	Name: _ga Value: GA1.2.1009901048.1660053587
.ost2.com/	1970-01-20 05:08:59	Name: _gid Value: GA1.2.676747735.1660053587
.ost2.com/	1970-01-20 05:07:33	Name: _gat_UA-30051-59 Value: 1
.bing.com/	1970-01-20 14:29:09	Name: MUID Value: 0016AB4F5D506C9928ADBAB45C656D71
.ost2.com/	1970-01-20 05:08:59	Name: _uetsid Value: 870f8eb017eb11eda0a9b9903530409c
.ost2.com/	1970-01-20 14:29:09	Name: _uetvid Value: 870fd7a017eb11ed8697df2cfcf63c06
.doubleclick.net/	1970-01-20 05:07:34	Name: test_cookie Value: CheckForPermission
www.clarity.ms/	1970-01-20 13:53:09	Name: CLID Value: 6abad80282274b9ba1d10d421a4d3dbf.20220809.20230809
.ost2.com/	1970-01-20 05:07:33	Name: _gat Value: 1
.ost2.com/	1970-01-20 13:53:09	Name: _clck Value: 1es95j5\|1\|f3v\|0
.ost2.com/	1970-01-20 05:08:59	Name: _clsk Value: 19px43o\|1660053588087\|1\|1\|f.clarity.ms/collect
.c.bing.com/	1970-01-20 14:29:09	Name: SRM_B Value: 0016AB4F5D506C9928ADBAB45C656D71
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 14:29:09	Name: MUID Value: 0016AB4F5D506C9928ADBAB45C656D71
.c.clarity.ms/	1970-01-20 05:07:34	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.ost2.com/thankyou.aspx?pcode=803012392dj98yp&utm_campaign=OST2_2.20&utm_source=elastic&utm_medium=OC&utm_content=OC(Line 111) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
api.livechatinc.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.livechatinc.com
connect.facebook.net
d.4team.biz
f.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
secure.livechatinc.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tracking.4team.biz
www.4team.biz
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.ost2.com
104.131.135.195
142.250.186.66
148.72.170.205
20.234.93.27
20.84.22.197
23.36.162.25
2620:1ec:27::cafe:1835
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:82b::2003
2a00:1450:400c:c06::9b
2a00:1450:400e:811::200a
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
94.23.161.19
95.101.23.194
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
02f06ce9bcb611c38bcc8ee5aa38dfd50ccabb78207c00c99d22e5db88c090de
03fbc776f5be008274054b95a377a7f58c83c85de44ad2563c068509de31dac2
045389a47d33c6f60a21cbf4c3fc0190756e4ddd991eb757e846538fccb62cc1
08e777880f53e0e527333f100692c9c57ab2d11bf7536a0070b523320f0835b2
0933497f6d1f2b79b1d6de0f03f3cb41d8d422bd97c31736601ffb9f5a70c7f8
10c7ab5e3c677c22ccde6cb66285a4cdc45edd4bc559d3a6b590da035c15bf4f
122865061bb99999fe89c1577ca55179344e3f3273b7697714edb6fd5c544e91
13b84188778cb66f884f0d65906e0cd64bc9ea173cab20231625623768bf181c
153c383b8cdd02ff3071e4cb33f09a696f678d75a27f2c27a0eff4e889971093
17501867c5575758f94ce6de91b9a83c9b3477df0d4e064f8e4baa86170f8686
20198531e77cba1b4f8aa8b14387fa470d39166f8d6ec734b45e5d3b3ee5a55b
2028b87e88c2d74ec916857ae7ea9e9941d17552748c3085290acd64e945164d
2191d6675e99c42d9e6c4ccd2350b3852f1e4e77b9c7341f9cbe467656b4ab40
2af34ef71e58658ae2358171b7508555cddd488dfb1bea735d0787a7ceaa4390
2e4fb23cd2521673d2df3dbc378f8482bd1d87c270435c375312e1f3d72481a6
2f07cf2d75a64fc496c3a956ae437d8dd283efb6e22e8e0bb22a0c5aefe32072
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
324b9d944e39c915922db7058a276bd708e68ea5d86762741f14864af2324607
486b53eaffe8c541a4ad7407f819ef9dae1f082e80beea4502b432c0bed60aed
4b4f36717fb874b10fda8df10e2a2016915f62c1f3f5192f0ea7034ae722bbea
4ce2e29fbc4e24edb01b73f09bb5a9e616af2cbc270c23d3b804e251ef247f13
4f2d22816ea2cf91fc917b3f5ce90e388fd40fd26761bc38722dc3ec3d6a7868
502b3a01779bb64531d8f6b7ea0c0665ebc78f6af08740e19c9da340599bda65
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
54d646a6facffb65b1a578b71aae91d622df210c309f4deefbddb6d3b54b8551
54e81cbd05a850a19ca03979d5a408eac4df47d6cfa7cf1542b5d2b40432a6be
5f97c50ae6524005cf75800d76a6c0b796b7204c05385cc0ef4ec55a3249d65a
65195d97ca48468a31efc512c265f5f6b9f0dca6fdf9f2bcbb0cb06736de6ecf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
899af8e209b99b25416df710f1b9baa3c083f4e198a9661027dc6ad94f33a77f
8bc98f1aa27de258280d399e5c120da413bcccc458ef8118b97bc77ffc013ef0
92028fc57dc8749d841073ef8b60d0304c2d3807f05ba9fa52fd919f2eac9519
9748decf4855693b7e888f11951ba7df0d311a7ce90568b3afa65e452d016cdc
98e60d1c349183ec21a94ebb7c2780d101a5c83382d54930a6a8d54cf1aee673
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e8ba124b0c73a351df657b54d58db545fe810e16c0d9b07824a64864792a20d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5e67cdd4efcb6057b3819a8efc89cde68f1e3a4d3a2efd7e812b0771211989c
a979c8281fe9f984a09a990a2b0645c675184c7217d60896d838cde8f07c2a4a
b01961838c9d8a1386993c11afef2b7071a477cd145e3d889ed007486aee909f
b14b20e00b98864ec587d9506949a75091d957bfe5bd0b5f1ac860c37097cce3
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b4159452319998fe256c509d4286be48472988830525dfd24b413c8ec633c490
bd86618e81ea81ad8739b49ec6f4e7bad584baa9575f38087f17ad4ff50c8210
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c293da098dc6e2c6dd2326ecf26df2aa5fe808cb6fd05ea042165726ac03572f
caa0c9d63625a36f9d097567cc3306ff0e9de5c8fb54a2ad6c30253ccd18b0a3
ce26e5866ce45002cf18d670e5a6304777c771e365554d407417df0a323f3b3e
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
dd02ac90e4492e313d148c3ffe18f6e6996e5cd9c4f9f171564135f089674968
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44e92299443eb4106a03878ca35fb9bd5082a75ceee11349ece264cfc861652
e981600143912b15c16cc622837e514a111b7758a48cbfa9f168104b7db72c81
e9c430faf05d214e822a0ed7947886c3979c8cdd2d98e89e2a42fb6cc7807da3
ecf863d4575df570c6e6cdaf2f9bfafd1f346313fbfbc3e7d6b264547f7e7c4c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f056a9a81a10045b0ea54105a42a825d7631fe09753efaf2bc2b5916e96b558c
f51ed7e8bb49b3a1f01c4b5ebfb960b5315fb0fa7f2d29845ac7a74fc40378f7

www.ost2.com Open in urlscan Pro 148.72.170.205 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

97 %HTTPS

60 %IPv6

16 Domains

25 Subdomains

18 IPs

5 Countries

1162 kBTransfer

3348 kBSize

24 Cookies

18 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ost2.com Open in urlscan Pro
148.72.170.205 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

97 %
HTTPS

60 %
IPv6

16
Domains

25
Subdomains

18
IPs

5
Countries

1162 kB
Transfer

3348 kB
Size

24
Cookies

71 HTTP transactions
0 data transactions