URL: https://www.myofficeboca.net.turkpayroll.com/
Submission: On June 16 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 58 HTTP transactions. The main IP is 68.66.226.81, located in United States and belongs to A2HOSTING, US. The main domain is www.myofficeboca.net.turkpayroll.com.
TLS certificate: Issued by R3 on May 26th 2024. Valid for: 3 months.
This is the only time www.myofficeboca.net.turkpayroll.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
12 | 68.66.226.81 | 55293 (A2HOSTING)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 151.101.64.176 | 54113 (FASTLY)
2 | 159.65.56.174 | 14061 (DIGITALOC...)
5 | 20.246.218.104 | 8075 (MICROSOFT...)
2 | 2a03:2880:f08... | 32934 (FACEBOOK)
2 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 151.101.128.176 | 54113 (FASTLY)
2 | 2a03:2880:f17... | 32934 (FACEBOOK)
23 | 2620:1ec:bdf::45 | 8075 (MICROSOFT...)
Total: 58 requests, 11 IPs
Requests | Apex Domain | Subdomains | Transfer
28 | cognitoforms.com | www.cognitoforms.com (Cisco Umbrella Rank: 47114); static.cognitoforms.com (Cisco Umbrella Rank: 69059) | 332 KB
11 | turkpayroll.com | www.myofficeboca.net.turkpayroll.com | 414 KB
3 | stripe.com | js.stripe.com (Cisco Umbrella Rank: 1556) | 3 KB
2 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 114) | 3 KB
2 | gstatic.com | fonts.gstatic.com | 16 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 205) | 73 KB
2 | aminos.ai | app.aminos.ai (Cisco Umbrella Rank: 908256) | 230 KB
1 | myofficeboca.net | www.myofficeboca.net (Failed) | 2 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 77) | 824 B
Total: 58 requests, 9 domains
Requests | Domain | Requested by
23 | static.cognitoforms.com | www.cognitoforms.com
11 | www.myofficeboca.net.turkpayroll.com | www.myofficeboca.net.turkpayroll.com
5 | www.cognitoforms.com | www.myofficeboca.net.turkpayroll.com; static.cognitoforms.com; www.cognitoforms.com
3 | js.stripe.com | www.myofficeboca.net.turkpayroll.com; js.stripe.com
2 | www.facebook.com | www.myofficeboca.net.turkpayroll.com
2 | fonts.gstatic.com | fonts.googleapis.com
2 | connect.facebook.net | www.myofficeboca.net.turkpayroll.com; connect.facebook.net
2 | app.aminos.ai | www.myofficeboca.net.turkpayroll.com; app.aminos.ai
1 | www.myofficeboca.net | www.myofficeboca.net.turkpayroll.com
1 | fonts.googleapis.com | www.myofficeboca.net.turkpayroll.com
Total: 58 requests, 10 subdomains

This site contains links to these domains:

Domain
myofficeboca.com
app.hellosign.com
wa.me
goo.gl
www.facebook.com

Subject | Issuer | Validity | Valid
autodiscover.myofficeboca.net | R3 | 2024-05-26 - 2024-08-24 | 3 months
upload.video.google.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2024-05-22 - 2024-08-22 | 3 months
app.aminos.ai | R11 | 2024-06-09 - 2024-09-07 | 3 months
*.cognitoforms.com | Go Daddy Secure Certificate Authority - G2 | 2023-07-08 - 2024-08-08 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-03-25 - 2024-06-23 | 3 months
*.gstatic.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months

This page contains 3 frames:

Primary Page: https://www.myofficeboca.net.turkpayroll.com/
Frame ID: DFE2B821ED999424EBD7914F43489DCE
Requests: 53 HTTP requests in this frame

Frame: https://js.stripe.com/v3/buy-button-app-2625066c491fbdeb24f5c2e2be89fead82c58f20.html
Frame ID: 1DB5DB5F1F3BD8F8C0DB501C23E27671
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/buy-button-app-2625066c491fbdeb24f5c2e2be89fead82c58f20.html
Frame ID: 0EF576BEF816BF7CA1AB5C6A5A3FE383
Requests: 3 HTTP requests in this frame

Page Title

Don't miss out on amazing! Elevate Your Business Game with Virtual Office in Boca Raton

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 58
HTTPS: 90 %
IPv6: 50 %
Domains: 9
Subdomains: 10
IPs: 11
Countries: 3
Transfer: 1074 kB
Size: 3175 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.myofficeboca.net.turkpayroll.com/
37 KB
8 KB
Document
General
Full URL
https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.66.226.81 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts2.a2hosting.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
bc05d1292ed6f5599afa8b419a59cb394ecb2c715f9d98d3583d1a50ef0971eb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 16 Jun 2024 06:44:32 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33
stacks.css
www.myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/
1 KB
456 B
Stylesheet
General
Full URL
https://www.myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/stacks.css?rwcache=738449097
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.66.226.81 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts2.a2hosting.com
Software
LiteSpeed /
Resource Hash
c12f66e47da8e8d16c444c3923ec1592f895dc378d6e5960954ec46a8bc56c4d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.myofficeboca.net.turkpayroll.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 06:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Sun, 26 May 2024 20:45:16 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
344
expires
Sun, 23 Jun 2024 06:44:32 GMT
bootstrap.min.css
www.myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/
227 KB
28 KB
Stylesheet
General
Full URL
https://www.myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/bootstrap.min.css?rwcache=738449097
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.66.226.81 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts2.a2hosting.com
Software
LiteSpeed /
Resource Hash
66ac704488e8836391b7c6146b461bbcc9902f5a3e8506658dca4a66c9fc9f3a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.myofficeboca.net.turkpayroll.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 06:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Sun, 26 May 2024 20:45:48 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
28271
expires
Sun, 23 Jun 2024 06:44:32 GMT
stacks_page_page0.css
www.myofficeboca.net.turkpayroll.com/files/
291 KB
39 KB
Stylesheet
General
Full URL
https://www.myofficeboca.net.turkpayroll.com/files/stacks_page_page0.css?rwcache=738449097
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.66.226.81 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts2.a2hosting.com
Software
LiteSpeed /
Resource Hash
bdae7a11cea4e5176cba3b6b748c2ec963c083c25f05fb440f16c891a40d73e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.myofficeboca.net.turkpayroll.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 06:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Sun, 26 May 2024 20:45:55 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
39752
expires
Sun, 23 Jun 2024 06:44:32 GMT
jquery-2.2.4.min.js
www.myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/
84 KB
29 KB
Script
General
Full URL
https://www.myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/jquery-2.2.4.min.js?rwcache=738449097
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.66.226.81 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts2.a2hosting.com
Software
LiteSpeed /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.myofficeboca.net.turkpayroll.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 06:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Sun, 26 May 2024 20:45:58 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
29167
expires
Sun, 23 Jun 2024 06:44:32 GMT
font-awesome.min.css
www.myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/font-awesome.min.css?rwcache=738449097
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.66.226.81 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts2.a2hosting.com
Software
LiteSpeed /
Resource Hash
fd00bbafd075c724d48213b6ad9f6091984ab5ada86a11f77241f316ce25cf19
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.myofficeboca.net.turkpayroll.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 06:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Sun, 26 May 2024 20:45:12 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
6649
expires
Sun, 23 Jun 2024 06:44:32 GMT
bootstrap.bundle.min.js
www.myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/
79 KB
22 KB
Script
General
Full URL
https://www.myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/bootstrap.bundle.min.js?rwcache=738449097
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.66.226.81 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts2.a2hosting.com
Software
LiteSpeed /
Resource Hash
f200de74197ce4d398afa19a632d72c0b41d8c7396b229b64744a9a4b88897eb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.myofficeboca.net.turkpayroll.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 06:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Sun, 26 May 2024 20:45:43 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
22861
expires
Sun, 23 Jun 2024 06:44:32 GMT
stacks_page_page0.js
www.myofficeboca.net.turkpayroll.com/files/
74 KB
20 KB
Script
General
Full URL
https://www.myofficeboca.net.turkpayroll.com/files/stacks_page_page0.js?rwcache=738449097
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.66.226.81 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts2.a2hosting.com
Software
LiteSpeed /
Resource Hash
7a63bc6c966ea05378cf44b06e242afae5e2900294816b76d2a3c846cf97fd23
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.myofficeboca.net.turkpayroll.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 06:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Sun, 26 May 2024 20:46:01 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
20052
expires
Sun, 23 Jun 2024 06:44:32 GMT
css
fonts.googleapis.com/
1 KB
824 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,700,
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9f4b743e9eb8730c606cf5776e89fde8d9c8694426490579941b6a8e91135e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Jun 2024 06:44:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 16 Jun 2024 06:44:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 16 Jun 2024 06:44:32 GMT
drag-and-drop-logo-4-FD6.png
www.myofficeboca.net.turkpayroll.com/files/
15 KB
15 KB
Image
General
Full URL
https://www.myofficeboca.net.turkpayroll.com/files/drag-and-drop-logo-4-FD6.png
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.66.226.81 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts2.a2hosting.com
Software
LiteSpeed /
Resource Hash
12e33a7b05a17696bf44ecfedb75f7af3c136abe9d8d4bfaa489d72e609cc114
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.myofficeboca.net.turkpayroll.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 06:44:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 26 May 2024 20:45:05 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
15504
expires
Sun, 23 Jun 2024 06:44:32 GMT
buy-button.js
js.stripe.com/v3/
10 KB
3 KB
Script
General
Full URL
https://js.stripe.com/v3/buy-button.js
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f7d240daa88fddf56de3c14d5fd702c5429a44fc85d9dcff3f930c293ee39f70
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 16 Jun 2024 06:44:33 GMT
via
1.1 varnish
age
55
x-cache
HIT
content-length
3163
x-request-id
db24e9c8-2980-454a-b083-0b5f65d56530
x-served-by
cache-fra-etou8220115-FRA
last-modified
Fri, 14 Jun 2024 20:00:49 GMT
server
Fastly
etag
"cf29736c131177883dd5e3460daa22da"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
chat_plugin.js
app.aminos.ai/js/
822 KB
229 KB
Script
General
Full URL
https://app.aminos.ai/js/chat_plugin.js
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.56.174 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
22c99930d1401bbc519578cc8ebe49142610a191fb39e8642e5c009c9bce5e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 06:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Sun, 09 Jun 2024 14:50:44 GMT
server
nginx-rc
etag
W/"6665c144-cd840"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Tue, 16 Jul 2024 06:44:32 GMT
seamless.js
www.cognitoforms.com/f/
69 KB
18 KB
Script
General
Full URL
https://www.cognitoforms.com/f/seamless.js
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1ce7af209763c2b0fe84268e413e27e57beb1b146712ceacdd07b3168259b96c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*; connect-src 'self' https://* wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
Strict-Transport-Security max-age=35136000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 06:44:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=35136000; includeSubDomains
x-role-instance
cogwprdb0001KI
content-security-policy
default-src 'self' https://*; connect-src 'self' https://* wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
p3p
CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
content-length
17798
request-context
appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
pragma
no-cache
x-server-time
2024-06-16T06:44:33.599Z
referrer-policy
origin-when-cross-origin
etag
1e1629215ce9df8ec7990d408d21cc9f
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-SessionToken,X-Server-Time, Request-Context
cache-control
no-cache, must-revalidate
x-request-time
3ms
expires
-1
consolidated.css
www.myofficeboca.net/rw_common/themes/FDY/
0
0

fbevents.js
connect.facebook.net/en_US/
219 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.myofficeboca.net.turkpayroll.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 16 Jun 2024 06:44:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1297, tbw=2815, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
57oVQ1gkVa/7CR18r/0SPxb5Y0Uw5PLMsiykzo4/XH5QphlZCvrtg9snTvBCbna/mQ4SK7i2Pu0jrP7BpD3gaQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
drag-and-drop-img-560.png
www.myofficeboca.net.turkpayroll.com/files/
170 KB
171 KB
Image
General
Full URL
https://www.myofficeboca.net.turkpayroll.com/files/drag-and-drop-img-560.png
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/files/stacks_page_page0.css?rwcache=738449097
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
68.66.226.81 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts2.a2hosting.com
Software
LiteSpeed /
Resource Hash
d3bcd1e1eb17895a0ade507cd3c481d93138b207a206ae9b759933711f70a649
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.myofficeboca.net.turkpayroll.com/files/stacks_page_page0.css?rwcache=738449097
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 06:44:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 26 May 2024 20:45:34 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
174339
expires
Sun, 23 Jun 2024 06:44:33 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.myofficeboca.net.turkpayroll.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 05:31:15 GMT
x-content-type-options
nosniff
age
263598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 05:31:15 GMT
fontawesome-webfont.woff2
www.myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/
75 KB
76 KB
Font
General
Full URL
https://www.myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/font-awesome.min.css?rwcache=738449097
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
68.66.226.81 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts2.a2hosting.com
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.myofficeboca.net.turkpayroll.com/rw_common/plugins/stacks/font-awesome.min.css?rwcache=738449097
Origin
https://www.myofficeboca.net.turkpayroll.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 06:44:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 26 May 2024 20:46:03 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
content-length
77160
buy-button-app-2625066c491fbdeb24f5c2e2be89fead82c58f20.html
js.stripe.com/v3/ Frame 1DB5
0
0
Document
General
Full URL
https://js.stripe.com/v3/buy-button-app-2625066c491fbdeb24f5c2e2be89fead82c58f20.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/buy-button.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
125011
cache-control
max-age=604800, stale-while-revalidate=900
content-encoding
br
content-length
366
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 16 Jun 2024 06:44:33 GMT
etag
"178180911e2cb3ef18b51973c761c060"
last-modified
Fri, 14 Jun 2024 20:00:49 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
21
x-content-type-options
nosniff
x-request-id
7802aad4-51c9-4b5c-b642-57d23159e519
x-served-by
cache-fra-etou8220023-FRA
buy-button-app-2625066c491fbdeb24f5c2e2be89fead82c58f20.html
js.stripe.com/v3/ Frame 0EF5
0
0
Document
General
Full URL
https://js.stripe.com/v3/buy-button-app-2625066c491fbdeb24f5c2e2be89fead82c58f20.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/buy-button.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
125011
cache-control
max-age=604800, stale-while-revalidate=900
content-encoding
br
content-length
366
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://r.stripe.com https://errors.stripe.com https://merchant-ui-api.stripe.com; default-src 'none'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com; img-src 'self' https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://files.stripe.com https://img.stripecdn.com; script-src 'self' https://js.stripe.com; style-src 'self' https://js.stripe.com; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 16 Jun 2024 06:44:33 GMT
etag
"178180911e2cb3ef18b51973c761c060"
last-modified
Fri, 14 Jun 2024 20:00:49 GMT
server
Fastly
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
21
x-content-type-options
nosniff
x-request-id
7802aad4-51c9-4b5c-b642-57d23159e519
x-served-by
cache-fra-etou8220023-FRA
1107143453767544
connect.facebook.net/signals/config/
66 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1107143453767544?v=2.9.158&r=stable&domain=www.myofficeboca.net.turkpayroll.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
db6feea74ec864d557db4c996b4ad15a1d55e3290ffb379dd7d0bf97b33922ec
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 16 Jun 2024 06:44:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=65, mss=1297, tbw=63593, tp=-1, tpl=-1, uplat=137, ullat=0
pragma
public
x-fb-debug
WcUXRm450XQysGCYtr6YIShyIz5QAABeJW09cfdvFcAxixH7q08TEWCWFFIoEhVJ9MO1cXHRS+eHTeWF6COSww==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
javascript.js
www.myofficeboca.net/rw_common/themes/FDY/
0
0

pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700,
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.myofficeboca.net.turkpayroll.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 09:07:51 GMT
x-content-type-options
nosniff
age
250602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 09:07:51 GMT
truncated
/
44 B
44 B
Other
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52734ffc9ed5c328ac20a2b1bd1177ade6dd2a4279d2445547fffdd5d1f5e2c4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
/
www.facebook.com/tr/
0
275 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1107143453767544&ev=PageView&dl=https%3A%2F%2Fwww.myofficeboca.net.turkpayroll.com%2F&rl=&if=false&ts=1718520273915&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718520273912.63047321994482412&cs_est=true&ler=empty&cdl=API_unavailable&it=1718520273638&coo=false&rqm=GET
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1297, tbw=2841, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 16 Jun 2024 06:44:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1107143453767544&ev=PageView&dl=https%3A%2F%2Fwww.myofficeboca.net.turkpayroll.com%2F&rl=&if=false&ts=1718520273915&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718520273912.63047321994482412&cs_est=true&ler=empty&cdl=API_unavailable&it=1718520273638&coo=false&rqm=FGET
Requested by
Host: www.myofficeboca.net.turkpayroll.com
URL: https://www.myofficeboca.net.turkpayroll.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xf588cfe5c3682ec0","source_keys":["1","2"]},{"key_piece":"0xb9590d91fa17903e","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sun, 16 Jun 2024 06:44:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7380988376329945289", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=14, mss=1297, tbw=3160, tp=-1, tpl=-1, uplat=220, ullat=0
pragma
no-cache
x-fb-debug
0VzOuyXc2fGVssW4yjwlnp7weNV+ljQCKSG1oDf4fhht6n7Wrren1pQzbmp3+gaVcROQMsEDYBg5lpLX7vIL5A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7380988376329945289"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
16448
app.aminos.ai/api/bot_info/
54 B
930 B
XHR
General
Full URL
https://app.aminos.ai/api/bot_info/16448
Requested by
Host: app.aminos.ai
URL: https://app.aminos.ai/js/chat_plugin.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.56.174 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
3badc36c0070a45c212cbda5d0e60814eb2aeeef7c980745d31e49c6d7da0fe3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 06:44:34 GMT
content-encoding
br
server
nginx-rc
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
27.e98d1369d14d2b1586c2.js
static.cognitoforms.com/form/modern/
115 KB
49 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/27.e98d1369d14d2b1586c2.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3d13494fece71cfd3d65a1037360b2c6d6dee4f0022a00ce25b902e10fd18f1e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:34 GMT
content-encoding
br
last-modified
Wed, 12 Jun 2024 20:55:14 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064434Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hp6w
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d0091f28-801e-0012-8096-bdd7ed000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
114.0c5775db0fe51be9e589.js
static.cognitoforms.com/form/modern/
2 KB
1 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/114.0c5775db0fe51be9e589.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
47938ba13e4f180286efffcc1d0ce2b2937273354bd4ae048e840032f59d3d0f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:34 GMT
content-encoding
br
last-modified
Thu, 13 Jun 2024 18:10:06 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064434Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hp6x
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e0cbda9f-901e-0031-1a30-be4d2e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
203.24ec54c3d416d1410a41.js
static.cognitoforms.com/form/modern/
3 KB
2 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/203.24ec54c3d416d1410a41.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3ee7ba6b4b8fff2816f2217eecccc0a3776e9015bcb4753283deec524e791675

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:34 GMT
content-encoding
br
last-modified
Thu, 13 Jun 2024 18:10:07 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064434Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hp6v
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d8e59e09-c01e-003c-13d0-bd85fa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
truncated
/
497 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05d055c4cb935414f1cc2eb7ffec3f85f541991a10899c53baf31a1e630a78fd

Request headers

Referer
Origin
https://www.myofficeboca.net.turkpayroll.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
favicon-32x32.png
www.myofficeboca.net/resources/
2 KB
2 KB
Other
General
Full URL
https://www.myofficeboca.net/resources/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.66.226.81 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts2.a2hosting.com
Software
LiteSpeed /
Resource Hash
d0193c33d5e864aec9c1c47a611ca445c043983d989cd7caa2849d54281550d9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 06:44:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 26 May 2024 20:45:57 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
1826
expires
Sun, 23 Jun 2024 06:44:34 GMT
177.3b5ba3af41efbf7e0f3b.js
static.cognitoforms.com/form/modern/
123 KB
38 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/177.3b5ba3af41efbf7e0f3b.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
354b11d042e16b1548f806eed69ebc40ade72d16ed08359135202a882e297b76

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:34 GMT
content-encoding
br
last-modified
Thu, 13 Jun 2024 18:10:07 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064434Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hp7d
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5396645b-401e-0050-4ed0-bd6e6d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
199.98db2e8e1d77b72d79c0.js
static.cognitoforms.com/form/modern/
37 KB
9 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/199.98db2e8e1d77b72d79c0.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b636082f1ab199d86df4c0049547fba1d6115d7dbfa81b320634c3a08fc11e2c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:34 GMT
content-encoding
br
last-modified
Thu, 13 Jun 2024 18:10:07 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064434Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hp7e
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d8e5a007-c01e-003c-64d0-bd85fa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
66.e1dac0ae5fb425f2ae30.js
static.cognitoforms.com/form/modern/
51 KB
22 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/66.e1dac0ae5fb425f2ae30.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
866574aa6ca7145a56ab0f983bffd818ccd0cc47fc664f17eb783d11a1923339

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:34 GMT
content-encoding
br
last-modified
Thu, 13 Jun 2024 18:10:07 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064434Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hp7f
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9c55ac7a-501e-0073-6d30-bef4ae000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
198.89e828fbe412d40c3982.js
static.cognitoforms.com/form/modern/
130 KB
50 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/198.89e828fbe412d40c3982.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
586ca022f43fe82e790ffd385a53177e59db216849c7ca22642a8fe135f536bf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:34 GMT
content-encoding
br
last-modified
Wed, 12 Jun 2024 20:55:14 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064434Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hp7g
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7c741fd7-301e-0065-0496-bd0279000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
37.8683a6b91792f39f2629.js
static.cognitoforms.com/form/modern/
152 KB
48 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/37.8683a6b91792f39f2629.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
85c2b7f6c779682a967d9eaa6f06c29537c7f9ae4572e3a0d8b4ba4204e69b5c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:34 GMT
content-encoding
br
last-modified
Thu, 13 Jun 2024 18:10:07 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064434Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hp7h
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ea0ab1ae-601e-000a-68d0-bd088a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
174.102810c00c7a6392c962.js
static.cognitoforms.com/form/modern/
149 KB
41 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/174.102810c00c7a6392c962.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9159e66a34eefbca6793f0cfa0af7fca3c3dfaa78aeddd05fefa17909666d57b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:34 GMT
content-encoding
br
last-modified
Fri, 14 Jun 2024 14:50:14 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064434Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hp7k
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5ddda57e-a01e-0058-546b-be7462000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
23
www.cognitoforms.com/svc/load-form/new-session/0FwzPHs_IEuSTevu99kmYw/
2 KB
3 KB
XHR
General
Full URL
https://www.cognitoforms.com/svc/load-form/new-session/0FwzPHs_IEuSTevu99kmYw/23?embedContext=seamless&omitPaymentToken=false
Requested by
Host: static.cognitoforms.com
URL: https://static.cognitoforms.com/form/modern/198.89e828fbe412d40c3982.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8842851d6744418f3eba92a8c0a017ffd6f0291c5ba732c7b6a78716ad6240da
Security Headers
Name Value
Strict-Transport-Security max-age=35136000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
pragma
no-cache
date
Sun, 16 Jun 2024 06:44:35 GMT
strict-transport-security
max-age=35136000; includeSubDomains
x-server-time
2024-06-16T06:44:35.373Z
x-role-instance
cogwprdb0001KM
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-SessionToken,X-Server-Time, Request-Context
cache-control
no-cache, no-store, must-revalidate
p3p
CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
x-request-time
77ms
content-length
2521
request-context
appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
23
www.cognitoforms.com/svc/load-form/new-session/0FwzPHs_IEuSTevu99kmYw/ Frame
0
0
Preflight
General
Full URL
https://www.cognitoforms.com/svc/load-form/new-session/0FwzPHs_IEuSTevu99kmYw/23?embedContext=seamless&omitPaymentToken=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=35136000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.myofficeboca.net.turkpayroll.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-requested-with, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Request-Context
access-control-max-age
1728000
content-length
0
date
Sun, 16 Jun 2024 06:44:35 GMT
p3p
CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
request-context
appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
strict-transport-security
max-age=35136000; includeSubDomains
x-request-time
0ms
x-role-instance
cogwprdb0001KI
23
www.cognitoforms.com/svc/load-form/form-def/0FwzPHs_IEuSTevu99kmYw/
34 KB
8 KB
Script
General
Full URL
https://www.cognitoforms.com/svc/load-form/form-def/0FwzPHs_IEuSTevu99kmYw/23
Requested by
Host: static.cognitoforms.com
URL: https://static.cognitoforms.com/form/modern/37.8683a6b91792f39f2629.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
38c0c3afe93402e431e416c061340a64bde8dd564d6ed0068261647c655e264c
Security Headers
Name Value
Strict-Transport-Security max-age=35136000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
pragma
no-cache
date
Sun, 16 Jun 2024 06:44:35 GMT
content-encoding
gzip
x-server-time
2024-06-16T06:44:35.573Z
strict-transport-security
max-age=35136000; includeSubDomains
x-role-instance
cogwprdb0001KQ
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-SessionToken,X-Server-Time, Request-Context
cache-control
no-cache, no-store, must-revalidate
p3p
CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
x-request-time
168ms
content-length
7453
request-context
appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
opensanscondensed.css
www.cognitoforms.com/content/fonts/opensanscondensed/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.cognitoforms.com/content/fonts/opensanscondensed/opensanscondensed.css
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/form-def/0FwzPHs_IEuSTevu99kmYw/23
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5470d8ba3d52e47b7719c9d91ff8bd76d2c502e8c93d05738a0c23956dd4d491
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*; connect-src 'self' https://* wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
Strict-Transport-Security max-age=35136000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 06:44:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=35136000; includeSubDomains
x-role-instance
cogwprdb0001KL
content-security-policy
default-src 'self' https://*; connect-src 'self' https://* wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
p3p
CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
content-length
609
request-context
appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
x-server-time
2024-06-16T06:44:35.858Z
referrer-policy
origin-when-cross-origin
last-modified
Thu, 13 Jun 2024 15:48:40 GMT
etag
"07c3f29a9bdda1:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
X-SessionToken,X-Server-Time, Request-Context
x-request-time
0ms
accept-ranges
bytes
69.87cb675daac1315f930b.js
static.cognitoforms.com/form/modern/
2 KB
1 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/69.87cb675daac1315f930b.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eb5d5896a3c157bb64220170a469f30035327b95b06f5d09f351345c823fd12c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:35 GMT
content-encoding
br
last-modified
Thu, 13 Jun 2024 18:10:07 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064435Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hpdq
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2910fd60-101e-005d-22d0-bda6b9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
39.0302816b47628bba4c32.js
static.cognitoforms.com/form/modern/
16 KB
7 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/39.0302816b47628bba4c32.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
29f4d76ba21af733ddff00739d98b8c089658ac0c857a6c9dcf45bb055ae083e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:35 GMT
content-encoding
br
last-modified
Wed, 12 Jun 2024 20:55:14 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064435Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hpdr
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
52283dc4-401e-0050-7e98-bd6e6d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
206.0e93cd53b2f91563ceaa.js
static.cognitoforms.com/form/modern/
3 KB
2 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/206.0e93cd53b2f91563ceaa.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30ea390e355cb3f1a6a4273912ab9af121e79960102a7d7d0cdb6f5d9cdf7a81

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:35 GMT
content-encoding
br
last-modified
Thu, 13 Jun 2024 18:10:07 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064435Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hpe6
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d413bca1-601e-000a-15c1-bd088a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
22.4079b1f6d28b66195e1c.js
static.cognitoforms.com/form/modern/
10 KB
4 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/22.4079b1f6d28b66195e1c.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb22b95005902ce2085369a42e51f3bf31ce5eee3c52c152e12e96e78268e81d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:35 GMT
content-encoding
br
last-modified
Wed, 12 Jun 2024 20:55:14 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064435Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hpea
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
aebcab9c-a01e-0005-75a9-bd7ee6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
13.44050a98893af356d256.js
static.cognitoforms.com/form/modern/
1 KB
1 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/13.44050a98893af356d256.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
051578b32917a9d66350318dc4b7270656fc5c333d5ef0541623157a6047f544

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:35 GMT
content-encoding
br
last-modified
Wed, 12 Jun 2024 20:55:13 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064435Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hpeb
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f4e5d049-801e-002d-0998-bd1f4e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
123.dca6b20bd356ac8faab0.js
static.cognitoforms.com/form/modern/
4 KB
2 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/123.dca6b20bd356ac8faab0.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc59b14d676a28661546eba2c90e97d1da36d89f2bf821ec089cd6a243240362

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:35 GMT
content-encoding
br
last-modified
Wed, 12 Jun 2024 20:55:13 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064435Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hpec
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
da78c2bc-801e-005f-1198-bd1801000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
1.7710b29580b4a9fb3336.js
static.cognitoforms.com/form/modern/
273 B
785 B
Script
General
Full URL
https://static.cognitoforms.com/form/modern/1.7710b29580b4a9fb3336.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
13a94242b556ef4c32988b9ebdad770a344422f347373e108ab4764343e45d51

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:35 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4761670
content-length
273
x-ms-lease-status
unlocked
last-modified
Thu, 13 Jun 2024 18:10:06 GMT
etag
0x8DC8BD40E404B4B
x-azure-ref
20240616T064435Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hpef
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
aec58a51-f01e-0045-15d0-bd79de000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
0.0f6d4e130a6141c1dad3.js
static.cognitoforms.com/form/modern/
561 B
1 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/0.0f6d4e130a6141c1dad3.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
144a4a376cb9cfbe9e45b455f25a80306291698c0ed2c97f24aca292cb2b21e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:35 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4761670
content-length
561
x-ms-lease-status
unlocked
last-modified
Thu, 13 Jun 2024 18:10:06 GMT
etag
0x8DC8BD40E4B1499
x-azure-ref
20240616T064435Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hpeg
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
105595cf-001e-006e-0ad0-bdf912000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2.6d8910cc2b9da19bdfaf.js
static.cognitoforms.com/form/modern/
12 KB
5 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/2.6d8910cc2b9da19bdfaf.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
238c7d1b1b295caadb6166f202d0284f653547a36dd07770e3efa3f563adc3b4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:35 GMT
content-encoding
br
last-modified
Thu, 13 Jun 2024 18:10:07 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064435Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hpeh
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8568ded2-201e-0046-50d0-bd98ba000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
9.fac04b95522c60a24785.js
static.cognitoforms.com/form/modern/
18 KB
8 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/9.fac04b95522c60a24785.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89da017bf79927382fdcc6bdc062a35099e5b3e37a612c598a7b0da37865c6c2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:35 GMT
content-encoding
br
last-modified
Wed, 12 Jun 2024 20:55:14 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064435Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hpek
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a6e203bb-101e-0072-42a9-bdab72000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
3.28da91a52a535afae15d.js
static.cognitoforms.com/form/modern/
6 KB
2 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/3.28da91a52a535afae15d.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e1b0e3a2e5a3bf414239e46390b0e0c2859caa67530a509246525bbfa097460a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:35 GMT
content-encoding
br
last-modified
Thu, 13 Jun 2024 18:10:07 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064435Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hpem
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
aec58a69-f01e-0045-28d0-bd79de000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
17.d0096b8b4128a623a2b5.js
static.cognitoforms.com/form/modern/
4 KB
2 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/17.d0096b8b4128a623a2b5.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7dfa02d68e1df0ff551b8b3e42a9612f448ec3db7a70e43831d6f5a9d4e805c0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:35 GMT
content-encoding
br
last-modified
Thu, 13 Jun 2024 18:10:06 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064435Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hpen
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6820ff5b-001e-006e-603c-bef912000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
130.5f2bc106a29cf4eaaf5c.js
static.cognitoforms.com/form/modern/
4 KB
2 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/130.5f2bc106a29cf4eaaf5c.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d19bf029f6157da94c5a754fbf174e5026a776b4a3910f6ba2023d612b6cb319

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:35 GMT
content-encoding
br
last-modified
Thu, 13 Jun 2024 18:10:06 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064435Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hpep
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b3972451-101e-002f-522a-bea1f6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670
128.c185ba9d01ca05608e93.js
static.cognitoforms.com/form/modern/
4 KB
2 KB
Script
General
Full URL
https://static.cognitoforms.com/form/modern/128.c185ba9d01ca05608e93.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44568efe3b5bba4143180e8827425df62376918028b69237ebcb1d608034d6f1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sun, 16 Jun 2024 06:44:35 GMT
content-encoding
br
last-modified
Wed, 12 Jun 2024 20:55:13 GMT
vary
Accept-Encoding
x-azure-ref
20240616T064435Z-r1695cb74692bnxrp28gudf8fs00000002vg00000001hpes
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
94038725-301e-0038-0ba9-bd08fd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
4761670

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.myofficeboca.net
URL
http://www.myofficeboca.net/rw_common/themes/FDY/consolidated.css
Domain
js.stripe.com
URL
https://js.stripe.com/v3/buy-button-app-2625066c491fbdeb24f5c2e2be89fead82c58f20.html
Domain
js.stripe.com
URL
https://js.stripe.com/v3/buy-button-app-2625066c491fbdeb24f5c2e2be89fead82c58f20.html
Domain
js.stripe.com
URL
https://js.stripe.com/v3/buy-button-app-2625066c491fbdeb24f5c2e2be89fead82c58f20.html
Domain
js.stripe.com
URL
https://js.stripe.com/v3/buy-button-app-2625066c491fbdeb24f5c2e2be89fead82c58f20.html
Domain
www.myofficeboca.net
URL
http://www.myofficeboca.net/rw_common/themes/FDY/javascript.js

Verdicts & Comments

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
function| fbq
function| _fbq
undefined| $
undefined| jQuery
number| uidEvent
object| bootstrap
object| stacks
function| jarallax
function| WOW
function| axios
function| setImmediate
function| clearImmediate
function| Vue
function| _
function| lodash
object| CognitoConfiguration
object| cfWebpackJsonp
function| Cognito
object| stks_in
object| stks_out
object| regeneratorRuntime
function| vueRecaptchaApiLoaded
object| core
object| currentScript

2 Cookies

Domain/Path Name / Value
.turkpayroll.com/ Name: _fbp
Value: fb.1.1718520273912.63047321994482412
m.stripe.com/ Name: m
Value: d8704e27-f21a-4ed5-bc9d-e24b60d71c95ef0c10

3 Console Messages

Source Level URL
Text
security error URL: https://www.myofficeboca.net.turkpayroll.com/(Line 13)
Message:
Mixed Content: The page at 'https://www.myofficeboca.net.turkpayroll.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.myofficeboca.net/rw_common/themes/FDY/consolidated.css'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.myofficeboca.net.turkpayroll.com/
Message:
Mixed Content: The page at 'https://www.myofficeboca.net.turkpayroll.com/' was loaded over HTTPS, but requested an insecure script 'http://www.myofficeboca.net/rw_common/themes/FDY/javascript.js'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://app.aminos.ai/api/bot_info/16448
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
