1to1help.net Open in urlscan Pro
15.207.173.106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1to1help.net/
Effective URL:
https://1to1help.net/
Submission: On January 03 via manual (January 3rd 2023, 11:30:17 am UTC) from IN — Scanned from DE

Summary HTTP 94 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 18 domains to perform 94 HTTP transactions. The main IP is 15.207.173.106, located in Mumbai, India and belongs to AMAZON-02, US. The main domain is 1to1help.net.
TLS certificate: Issued by Amazon on December 29th 2022. Valid for: a year.

This is the only time 1to1help.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.7.39.143 3.7.39.143	16509 (AMAZON-02) (AMAZON-02)
16	15.207.173.106 15.207.173.106	16509 (AMAZON-02) (AMAZON-02)
27	99.86.247.152 99.86.247.152	16509 (AMAZON-02) (AMAZON-02)
1	99.86.247.13 99.86.247.13	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80e::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:11a... 2a02:26f0:11a::217:9a4a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
2	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2	2600:9000:206... 2600:9000:206f:2800:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
3	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
94	22

1 3.7.39.143 (Mumbai, India) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-7-39-143.ap-south-1.compute.amazonaws.com

1to1help.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 15.207.173.106 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

1to1help.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 99.86.247.152 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-247-152.vie50.r.cloudfront.net

d1lvcjuoszleku.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.247.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-247-13.vie50.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80e::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::217:9a4a (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:2800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	cloudfront.net d1lvcjuoszleku.cloudfront.net d3e54v103j8qbb.cloudfront.net	443 KB
17	1to1help.net 1 redirects 1to1help.net	207 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1536 f.clarity.ms — Cisco Umbrella Rank: 11605 c.clarity.ms — Cisco Umbrella Rank: 2283	21 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103 region1.google-analytics.com — Cisco Umbrella Rank: 2124	40 KB
6	google.com www.google.com — Cisco Umbrella Rank: 16	25 KB
5	gstatic.com www.gstatic.com	536 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	233 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	195 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	201 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3658	564 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 840 px4.ads.linkedin.com — Cisco Umbrella Rank: 7528	1 KB
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1787	376 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 179	464 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1579	5 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 444	557 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 981	393 B
1	t.co t.co — Cisco Umbrella Rank: 633	377 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1013	15 KB
94	18

	Domain	Requested by
27	d1lvcjuoszleku.cloudfront.net	1to1help.net d1lvcjuoszleku.cloudfront.net
17	1to1help.net	1 redirects 1to1help.net
6	www.google.com	1to1help.net www.gstatic.com www.google.com
5	www.gstatic.com	www.google.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.facebook.com	1to1help.net
3	f.clarity.ms	www.clarity.ms
3	connect.facebook.net	1to1help.net connect.facebook.net
3	www.googletagmanager.com	1to1help.net www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	www.google.de	1to1help.net
2	cdn.linkedin.oribi.io	snap.licdn.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.clarity.ms	1to1help.net www.clarity.ms
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
1	c.bing.com	1 redirects
1	px4.ads.linkedin.com	1to1help.net
1	px.ads.linkedin.com	1 redirects
1	analytics.twitter.com	1to1help.net
1	t.co	1to1help.net
1	static.ads-twitter.com	1to1help.net
1	d3e54v103j8qbb.cloudfront.net	1to1help.net
94	23

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
1to1help.net Amazon	`2022-12-29` - `2024-01-27`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-12` - `2023-01-10`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://1to1help.net/
Frame ID: F7225352A02C1556A67FDD767BBF6301
Requests: 87 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LftwV0UAAAAAK8iVr_uk55PPJOaD1DZOXPonE_Y&co=aHR0cHM6Ly8xdG8xaGVscC5uZXQ6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=ptnal3dxwk4m
Frame ID: CB4E6356FE2FFBEC9645783B3433CF38
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LftwV0UAAAAAK8iVr_uk55PPJOaD1DZOXPonE_Y
Frame ID: A412B567E5809BF326977DA50B91C608
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1to1help - Employee Assistance Program India

Page URL History Show full URLs

http://1to1help.net/ HTTP 301
https://1to1help.net/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

94
Requests

94 %
HTTPS

58 %
IPv6

18
Domains

23
Subdomains

22
IPs

6
Countries

1693 kB
Transfer

4019 kB
Size

22
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/1to1help/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1to1help

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/1to1help-net-pvt--ltd-/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1to1help.net/ HTTP 301
https://1to1help.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3746274&time=1672745410945&url=https%3A%2F%2F1to1help.net%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3746274&time=1672745410945&url=https%3A%2F%2F1to1help.net%2F&e_ipv6=AQKeQVW6IyvO_AAAAYV3ZWHxmdqVf4p5YWO2kozAhJwXLsO5lJrTdQ2mWgnK1Y1BibpVEIOLQUorEjXo5GDbQotC7ziMfQ

Request Chain 79

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=8814AB2722D547B38A66538D7B16B647&RedC=c.clarity.ms&MXFR=24A103844093679530EF110A449369BA HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=8814AB2722D547B38A66538D7B16B647&MUID=3FB70FC87CE769F9097C1D467D6C6839

94 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request / Show response
1to1help.net/
Redirect Chain

http://1to1help.net/
https://1to1help.net/

73 KB
18 KB

455ms
174ms

Document
text/html

15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

f0032d4e99ab2acc8d62c2625028393cd7ed4dda7996600716f755d6788521d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 03 Jan 2023 11:30:10 GMT
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Tue, 03 Jan 2023 11:30:09 GMT
Location: https://1to1help.net:443/
Server: awselb/2.0

GET
H/1.1 200
OK normalize.min.css
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/CSS/ 2 KB
1 KB 153ms
51ms Stylesheet
text/css 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/CSS/normalize.min.css
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 360c353c3f69f009e7c0164f255782e277b1fe7ed11fc8a4fce18b9dc89d542d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: xJY.Rm5Fg9Ps91usiiNiCJFz3gk8Cya2
Content-Encoding: br
Via: 1.1 9c157874a076ffdde5f5a44c4371f3a0.cloudfront.net (CloudFront)
Date: Tue, 03 Jan 2023 03:30:37 GMT
X-Amz-Cf-Pop: VIE50-C1
Age: 28773
Transfer-Encoding: chunked
x-amz-meta-sha256: 360c353c3f69f009e7c0164f255782e277b1fe7ed11fc8a4fce18b9dc89d542d
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 29 Jul 2022 04:52:25 GMT
Server: AmazonS3
ETag: W/"9d8787d45a379f9e1182f6a3ffbf0877"
Vary: Accept-Encoding
Content-Type: text/css
X-Amz-Cf-Id: g7mQMsAlZjX__1BQfUOuiVSG7dUOmiUSDKc2UVjEzZhOrFxSJy-NTQ==
x-amz-meta-s3b-last-modified: 20220711T105026Z

GET
H/1.1 200
OK slick.min.css
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/CSS/ 1 KB
1 KB 221ms
119ms Stylesheet
text/css 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/CSS/slick.min.css
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caf46c90f4c85259ea326f121c4ae6d20e113f9efeb9756dabe4f8b374d087d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:47 GMT
x-amz-version-id: 0Kvw06ISIM9tSyK3z8pc3NaiTnLidjW6
Content-Encoding: gzip
Via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82644
Transfer-Encoding: chunked
x-amz-meta-sha256: caf46c90f4c85259ea326f121c4ae6d20e113f9efeb9756dabe4f8b374d087d1
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 29 Jul 2022 04:52:25 GMT
Server: AmazonS3
ETag: W/"9f3143fc1a72e4315ce2e5c0c4d13334"
Vary: Accept-Encoding
Content-Type: text/css
X-Amz-Cf-Id: UZTx5t6RNyyO8KjFg_5sS1LNb7UwXEQH_w7wrr54p_RwGd6DINqN9g==
x-amz-meta-s3b-last-modified: 20220711T105108Z

GET
H/1.1 200
OK slick-theme.min.css
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/CSS/ 2 KB
1 KB 151ms
49ms Stylesheet
text/css 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/CSS/slick-theme.min.css
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4812332aab3bd15033fe99f69a60b480a0dab28a0a506ee4dd825174064793f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 03 Jan 2023 03:30:38 GMT
x-amz-version-id: Qn1lMbF19iLZw39v1LqwVXutA2XSu3zt
Content-Encoding: br
Via: 1.1 9a736972b021a4b2382c29923f73ce8a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 28772
Transfer-Encoding: chunked
x-amz-meta-sha256: c4812332aab3bd15033fe99f69a60b480a0dab28a0a506ee4dd825174064793f
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 29 Jul 2022 04:52:25 GMT
Server: AmazonS3
ETag: W/"31f115f7cfef719e0e1095d380bb01be"
Vary: Accept-Encoding
Content-Type: text/css
X-Amz-Cf-Id: E9sbAEK2u3cIXp-zc9GqSV2wAbHeG7S9ZNFAQqAESXwN2RxgB85aGQ==
x-amz-meta-s3b-last-modified: 20220711T105144Z

GET
H/1.1 200
OK webflow.min.css
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/CSS/ 27 KB
8 KB 155ms
51ms Stylesheet
text/css 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/CSS/webflow.min.css
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2debfee313fdef21c0cf332b192e896330e3553b5b667a740b0a5852b74c6fbf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:47 GMT
x-amz-version-id: T3APBMr7Xr45L.1HEl_BYB3dRggd4gej
Content-Encoding: gzip
Via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82644
Transfer-Encoding: chunked
x-amz-meta-sha256: 2debfee313fdef21c0cf332b192e896330e3553b5b667a740b0a5852b74c6fbf
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 29 Jul 2022 04:52:25 GMT
Server: AmazonS3
ETag: W/"dd763e22d14eee64397184827e6938df"
Vary: Accept-Encoding
Content-Type: text/css
X-Amz-Cf-Id: MvJy02cauxgTONvgvLxiqjsP5CEWkt25e6VmNvGCQuI5RvKRaIMejg==
x-amz-meta-s3b-last-modified: 20220711T105215Z

GET
H/1.1 200
OK 1to1help-net.webflow.min.css
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/CSS/ 92 KB
15 KB 156ms
52ms Stylesheet
text/css 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/CSS/1to1help-net.webflow.min.css
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05bcd6ed7e7719a29452d3c3ebdf20a9a4fc7a8b30ba22e862a5346482ea18b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:47 GMT
x-amz-version-id: Fjw2v8_.WBChKUpFwEielQkK8XWrbkdl
Content-Encoding: gzip
Via: 1.1 f1944380c787841c28b16df91c1ec34e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82644
Transfer-Encoding: chunked
x-amz-meta-sha256: 05bcd6ed7e7719a29452d3c3ebdf20a9a4fc7a8b30ba22e862a5346482ea18b6
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 29 Jul 2022 04:52:25 GMT
Server: AmazonS3
ETag: W/"9f0981093f54d8f3726f13b719570b57"
Vary: Accept-Encoding
Content-Type: text/css
X-Amz-Cf-Id: 2cal61g-Xg5AaZJ7wn2muz_XDoiBi0ahELJWilvgg9fThhGNTXYnJA==
x-amz-meta-s3b-last-modified: 20220711T104711Z

GET
H/1.1 200 icon-phone-white.svg
1to1help.net/assets/theme/Files/images/ 301 B
804 B 144ms
140ms Image
image/svg+xml 15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1to1help.net/assets/theme/Files/images/icon-phone-white.svg

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

f52105a8f9b74001a5c06311a38ba2cdd9afaf7eb5f18dc7079f52cd1a737e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1to1help.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 11:30:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Dec 2022 08:15:48 GMT
Server: Apache
ETag: W/"301-1671696948968"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 301
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 icon-mail-white.svg
1to1help.net/assets/theme/Files/images/ 365 B
868 B 418ms
140ms Image
image/svg+xml 15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1to1help.net/assets/theme/Files/images/icon-mail-white.svg

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

dfa131ff78fdcff4140eaeffa6380fec9fa1ada21e1562e77a2ed2e1fcbca51b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1to1help.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 11:30:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Dec 2022 08:15:49 GMT
Server: Apache
ETag: W/"365-1671696949256"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 365
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 1to1help.png
1to1help.net/assets/theme/Files/images/ 41 KB
42 KB 424ms
143ms Image
image/png 15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1to1help.net/assets/theme/Files/images/1to1help.png

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

633a591d426c57470c5b8fff073cfeb3318f7942ff030658a08c6a61da1ec4c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1to1help.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 11:30:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Dec 2022 08:15:49 GMT
Server: Apache
ETag: W/"42123-1671696949692"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42123
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 icon-dropdown-arrow-dark.svg
1to1help.net/assets/theme/Files/images/ 165 B
668 B 428ms
145ms Image
image/svg+xml 15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1to1help.net/assets/theme/Files/images/icon-dropdown-arrow-dark.svg

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

a6070a58ecab8f235341a91457361a49be572f54a07a03114ea5f003d745471d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1to1help.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 11:30:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Dec 2022 08:15:49 GMT
Server: Apache
ETag: W/"165-1671696949436"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 165
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 152533.png
1to1help.net/assets/theme/Files/images/ 7 KB
7 KB 430ms
146ms Image
image/png 15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1to1help.net/assets/theme/Files/images/152533.png

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

a35e13c7fd95820be5f5d63f8382385d1372cd1609c445ed509b804a24cf8630

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1to1help.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 11:30:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Dec 2022 08:15:48 GMT
Server: Apache
ETag: W/"7012-1671696948980"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7012
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 icon-menu-dark.svg
1to1help.net/assets/theme/Files/images/ 440 B
943 B 431ms
145ms Image
image/svg+xml 15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1to1help.net/assets/theme/Files/images/icon-menu-dark.svg

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

92a65b241e7884662f83c7b09572090536750d33b8f3a39647b37b0a7ef79c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1to1help.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 11:30:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Dec 2022 08:15:48 GMT
Server: Apache
ETag: W/"440-1671696948968"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 440
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 Request%20cal%20%20back.png
1to1help.net/assets/theme/Files/images/ 11 KB
11 KB 277ms
141ms Image
image/png 15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1to1help.net/assets/theme/Files/images/Request%20cal%20%20back.png

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

f7f4441e097d2af52e34559f7771b003beb85a50b0c40a59a52a0a52444108a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1to1help.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 11:30:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Dec 2022 08:15:49 GMT
Server: Apache
ETag: W/"11258-1671696949532"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11258
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK favorite.png
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 13 KB
14 KB 51ms
49ms Image
image/png 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/favorite.png
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd24e124bba91c0917c2d5527ffeb9155a37dae7ea056067a36b27f13c63d923

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:47 GMT
x-amz-version-id: nLmJ1hCQ.zfjcpO9U_UBrtUNW7QtuxOL
Via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82644
x-amz-meta-sha256: fd24e124bba91c0917c2d5527ffeb9155a37dae7ea056067a36b27f13c63d923
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 13373
Last-Modified: Wed, 16 Nov 2022 04:57:41 GMT
Server: AmazonS3
ETag: "ed25ae02a5193fb7b08af41ea163ee70"
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: iLOa78U-IC9doDgoVMDIplpjxAZM6tvSaCEKVvhCUreV8dogp-UeXA==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200
OK expert11.png
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 15 KB
15 KB 49ms
48ms Image
image/png 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/expert11.png
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 385a6e14b188c6b1c100c33290c1a56da3a351415228a90215ff874b45af7757

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:47 GMT
x-amz-version-id: Pipk4bG.8pmwtd47YMjXSNK.hudqRLXM
Via: 1.1 9c157874a076ffdde5f5a44c4371f3a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82644
x-amz-meta-sha256: 385a6e14b188c6b1c100c33290c1a56da3a351415228a90215ff874b45af7757
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15182
Last-Modified: Wed, 16 Nov 2022 04:57:41 GMT
Server: AmazonS3
ETag: "1d2397e3d5b4752f5e6686126edfb7cb"
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: 3nLUEVA4bSUiefY8HAsbr5nziYkD5P28_fPkt2jowuvaFR4UzNe9JA==
x-amz-meta-s3b-last-modified: 20220508T151055Z

GET
H/1.1 200
OK share.png
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 16 KB
17 KB 50ms
50ms Image
image/png 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/share.png
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76cadfe89bce6c7e3406efe5994169d7766029de054a22e1f072499f1c77ddb9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:47 GMT
x-amz-version-id: pCWzg4e5fsHI6asMI4MsPvTpF3nK1PV4
Via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82644
x-amz-meta-sha256: 76cadfe89bce6c7e3406efe5994169d7766029de054a22e1f072499f1c77ddb9
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 16346
Last-Modified: Wed, 16 Nov 2022 04:58:14 GMT
Server: AmazonS3
ETag: "1fe219049945d7b80f9e44789e6ae422"
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: Uhy7DhvNPBcnOeceCfWaBekofV_dSTfwP0cza6CQkCzW0gDgg1DunQ==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200
OK classified.png
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 8 KB
8 KB 50ms
50ms Image
image/png 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/classified.png
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5f6c184eda3a9a7aa7fa449892995dab607ab877d543743710e88a608879995

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:48 GMT
x-amz-version-id: SfWJd1SKnBzPU2lscewCfN3wbaiaUjo1
Via: 1.1 9a736972b021a4b2382c29923f73ce8a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82643
x-amz-meta-sha256: d5f6c184eda3a9a7aa7fa449892995dab607ab877d543743710e88a608879995
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 7757
Last-Modified: Wed, 16 Nov 2022 04:57:34 GMT
Server: AmazonS3
ETag: "e89f495e556b80f8a340a49d62dc041b"
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: F_3-Qi5w2Q9V-Ze3BaWCItBav_fwjLMyeZsjWshHNmdAVu5YM2KEjA==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200
OK WhatwedoOpt2-p-500.jpeg
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 66 KB
67 KB 49ms
49ms Image
image/jpeg 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/WhatwedoOpt2-p-500.jpeg
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f2c12b3e3ea954158bb1eb4feeff71866ec56167c43c61d9ecaf5e2ff6ff67e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 03 Jan 2023 04:21:01 GMT
x-amz-version-id: lE9W_UzSwIRLG_D2l8ow5q2YNmkY9EDu
Via: 1.1 9a736972b021a4b2382c29923f73ce8a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 25750
x-amz-meta-sha256: 9f2c12b3e3ea954158bb1eb4feeff71866ec56167c43c61d9ecaf5e2ff6ff67e
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 67630
Last-Modified: Wed, 16 Nov 2022 04:57:03 GMT
Server: AmazonS3
ETag: "46e1a10ed980afec3a6f60ec0cc2ef17"
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: EE601H0O4bwKM0BZQ12CarWlutWZs7Xia8xTNjYZYvnULUK_TW9zlg==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200
OK eap500x.png
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 9 KB
9 KB 52ms
52ms Image
image/png 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/eap500x.png
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959eab668853bba0f966da03e44c46749ea4e52949a1cef1936bdf0b4a64f2bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:48 GMT
x-amz-version-id: w49LHulI1hSSTaGlxydvq33v5_yWgYTD
Via: 1.1 f1944380c787841c28b16df91c1ec34e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82643
x-amz-meta-sha256: 959eab668853bba0f966da03e44c46749ea4e52949a1cef1936bdf0b4a64f2bf
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8753
Last-Modified: Wed, 16 Nov 2022 04:57:40 GMT
Server: AmazonS3
ETag: "b1d37a054725f60f5a1916ff23d272d2"
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: SsFcFvcy416ZSAswoqUBp_NgGsvQT8sWjKs4IkbYe9eE_Yqg7wZe7g==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200
OK icon-quote.svg
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 392 B
1 KB 64ms
64ms Image
image/svg+xml 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/icon-quote.svg
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2887eb3575b4b0083639042fe4561bdfe50fba78e8690d299ad8d4a7d1af7b8f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:50 GMT
x-amz-version-id: 1HfPZHKiQSs0ZYcl2_Zy3vEISaRGGO53
Via: 1.1 9c157874a076ffdde5f5a44c4371f3a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82641
x-amz-meta-sha256: 2887eb3575b4b0083639042fe4561bdfe50fba78e8690d299ad8d4a7d1af7b8f
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 392
Last-Modified: Wed, 16 Nov 2022 04:57:53 GMT
Server: AmazonS3
ETag: "ec470cb5c6159cc7310cd6a8d498c469"
Content-Type: image/svg+xml
Accept-Ranges: bytes
X-Amz-Cf-Id: pMUBwVW1J-gJJZhnW5kdW5ZbJq62OdbzbWX8dTD6K8uuC3WyyN_LEA==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200
OK 1.jpg
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 11 KB
11 KB 89ms
89ms Image
image/jpeg 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/1.jpg
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc7578a6a7c544435424749ca840a09c9ffac9bf4c3b701a2c150fa00006db52

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:50 GMT
x-amz-version-id: m7S4XxpL2JAvq7T04mcxzH0NPdRGBjTA
Via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82641
x-amz-meta-sha256: dc7578a6a7c544435424749ca840a09c9ffac9bf4c3b701a2c150fa00006db52
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10839
Last-Modified: Wed, 16 Nov 2022 04:57:07 GMT
Server: AmazonS3
ETag: "85c0f61948da6cf4c95dd81c4d268a7a"
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: PnqC0BfmubzLAA9KjkSr8T5x8MtrQvxiuuddzPHeE0PKU9qh3OI7ew==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200
OK 0.jpg
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 9 KB
10 KB 51ms
50ms Image
image/jpeg 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/0.jpg
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df7c3f69a95c817073caf9946cacf2e00bf0baceac2c96c4017cb16a57b53e35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:51 GMT
x-amz-version-id: fN15403_tDRNWZa7k3F9uw0GQUH5bQki
Via: 1.1 9a736972b021a4b2382c29923f73ce8a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82640
x-amz-meta-sha256: df7c3f69a95c817073caf9946cacf2e00bf0baceac2c96c4017cb16a57b53e35
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 9565
Last-Modified: Wed, 16 Nov 2022 04:57:07 GMT
Server: AmazonS3
ETag: "0af78192ed15e22d6af943d3326c4f29"
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: bHgeumAJe_gBD_t7edbUmI__Al24SRs1bbhV8RzdV9yo6ggyj1nTyg==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200
OK square-08-p-500.jpeg
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 9 KB
10 KB 48ms
48ms Image
image/jpeg 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/square-08-p-500.jpeg
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75e983127de425538aced9d4114271241d4a96c4c56baad4b91bf63073994d38

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 03 Jan 2023 02:53:03 GMT
x-amz-version-id: k3Fl0tBPMC4btyP59oydGHDu5bWYKVJ1
Via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 31028
x-amz-meta-sha256: 75e983127de425538aced9d4114271241d4a96c4c56baad4b91bf63073994d38
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 9149
Last-Modified: Wed, 16 Nov 2022 04:58:16 GMT
Server: AmazonS3
ETag: "eb86ae795038ab12831958a280df89dd"
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: xYMdViTMJnMe-j7rK1rRhLqLa6JMcU9eYTQC-YPcJOhYxYU-rwoCYg==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200
OK icon-vdieo-play-white.svg
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 179 B
830 B 57ms
51ms Image
image/svg+xml 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/icon-vdieo-play-white.svg
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 973595bf78d5ddabe1d478e13b9cbe6b69f9b77e5f3b06dbadba560156785594

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:52 GMT
x-amz-version-id: IDKN_BSdHZDvMIVF7oTSL1mDsc2e_4PS
Via: 1.1 f1944380c787841c28b16df91c1ec34e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82639
x-amz-meta-sha256: 973595bf78d5ddabe1d478e13b9cbe6b69f9b77e5f3b06dbadba560156785594
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 179
Last-Modified: Wed, 16 Nov 2022 04:57:55 GMT
Server: AmazonS3
ETag: "ab68cd31ce7b055b282dd639623029f7"
Content-Type: image/svg+xml
Accept-Ranges: bytes
X-Amz-Cf-Id: kc6na9ElCsVLlPwa0frK0dpS2giC6QMoGr3y4xaw65rMz4cxsc6sYg==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200 instagram.svg
1to1help.net/assets/theme/Files/images/ 3 KB
3 KB 146ms
146ms Image
image/svg+xml 15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1to1help.net/assets/theme/Files/images/instagram.svg

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

a28f88998ce9c6cefd8cb3d113fc4a51c7b349d0ffc13af8b552438f494c7c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1to1help.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 11:30:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Dec 2022 08:15:49 GMT
Server: Apache
ETag: W/"2834-1671696949052"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2834
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 facebook.png
1to1help.net/assets/theme/Files/images/ 625 B
1 KB 155ms
138ms Image
image/png 15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1to1help.net/assets/theme/Files/images/facebook.png

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

16731300be9165a92a27ed82733f718154d58c9b28d523158fc358729b848b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1to1help.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 11:30:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Dec 2022 08:15:49 GMT
Server: Apache
ETag: W/"625-1671696949044"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 625
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 linkedin.svg
1to1help.net/assets/theme/Files/images/ 832 B
1 KB 145ms
142ms Image
image/svg+xml 15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1to1help.net/assets/theme/Files/images/linkedin.svg

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

1d1f44d56481fbfb2f69d147b40a947f2c161ba85b4ef2ba90c44fbe93273f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1to1help.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 11:30:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Dec 2022 08:15:49 GMT
Server: Apache
ETag: W/"832-1671696949256"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 832
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK loading.gif
d1lvcjuoszleku.cloudfront.net/site/ 3 KB
4 KB 75ms
47ms Image
image/gif 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/site/loading.gif
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4cebd123558043b16dc10546de3658beb05070a9edadba5f3c2cca167c7d7fb3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:52 GMT
x-amz-version-id: Ali3OSYOoroshyLQERatACC6tff1IP4h
Via: 1.1 9c157874a076ffdde5f5a44c4371f3a0.cloudfront.net (CloudFront)
Last-Modified: Wed, 19 Jan 2022 06:00:58 GMT
Server: AmazonS3
X-Amz-Cf-Pop: VIE50-C1
Age: 82639
ETag: "5a478830ffb19b47d319e78f0d5f9260"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3281
X-Amz-Cf-Id: 5LkMwJouWvk5cNp2nT-bdulB2gPaBrW55uT_MIqfiYC3Gswe0iUteA==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
30 KB 126ms
40ms Script
application/javascript 99.86.247.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=62297edebcc6831c8cc00cad
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-13.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
Origin: https://1to1help.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 22:15:46 GMT
content-encoding: br
via: 1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
age: 47668
x-amz-cf-pop: VIE50-C1
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
x-amz-cf-id: safFzBS6iMNFUvtW3gn0ba_Pb2Viq3GlpCa1eHZKWjky4icOh2BiaQ==

GET
H/1.1 200
OK loader.svg
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 1 KB
1 KB 58ms
52ms Image
image/svg+xml 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/loader.svg
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 432106e9a049008087ae848c29fa60fd871653ee04e0abf0f0d73327086b537a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:52 GMT
x-amz-version-id: 9FZ8QyXuLZRHGLjV5rI2hNK_yW55FFJS
Content-Encoding: gzip
Via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82639
Transfer-Encoding: chunked
x-amz-meta-sha256: 432106e9a049008087ae848c29fa60fd871653ee04e0abf0f0d73327086b537a
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 04:58:04 GMT
Server: AmazonS3
ETag: W/"658785cc680d68529c3e16fc10e4b5c6"
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Amz-Cf-Id: 5KzNXKl3Z0jbc5kwTf3KZ_shMahMmO0423Axb0Thxf0NJGswmYdDvw==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200
OK webflow.min.js Show response
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/js/ 376 KB
75 KB 72ms
72ms Script
application/javascript 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/js/webflow.min.js
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e36bd3d77b10e66971bc04bf0213ca1ee5c9150182d1acdca01fb8ed89d387f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:48 GMT
x-amz-version-id: qt2vsTRs2aDfVM.iUoKvUmkaR1eTHu7Z
Content-Encoding: gzip
Via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82643
Transfer-Encoding: chunked
x-amz-meta-sha256: 3e36bd3d77b10e66971bc04bf0213ca1ee5c9150182d1acdca01fb8ed89d387f
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 29 Jul 2022 04:52:55 GMT
Server: AmazonS3
ETag: W/"a1406f34262c3eb5e4eccca7bcec8908"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Amz-Cf-Id: 8z718XXzIgYgBnTfyvthWud-6eo6zLCLgOsy5LSrzqxBB6wyMApr4w==
x-amz-meta-s3b-last-modified: 20220715T062025Z

GET
H/1.1 200
OK slick.min.js Show response
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/js/ 42 KB
11 KB 68ms
68ms Script
application/javascript 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/js/slick.min.js
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b99266c6a120cbdc30a9e8728048a7e6226fa8a46e1d2850411f97986b34fb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:48 GMT
x-amz-version-id: uv1S9zrnNuZdF3gaRo5iQAB.inojvUrN
Content-Encoding: gzip
Via: 1.1 f1944380c787841c28b16df91c1ec34e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82643
Transfer-Encoding: chunked
x-amz-meta-sha256: b99266c6a120cbdc30a9e8728048a7e6226fa8a46e1d2850411f97986b34fb6c
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 29 Jul 2022 04:52:55 GMT
Server: AmazonS3
ETag: W/"59440d9643b779c5cb348632a3d9e132"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Amz-Cf-Id: 5ijldvJcIsrCiN2DOxCTdaKFtR5THqiZCbtd6LjRHZ7ntzNmpU4XTg==
x-amz-meta-s3b-last-modified: 20220715T062833Z

GET PlusJakartaText-Bold.otf
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/ 0
0

GET PlusJakartaText-Regular.otf
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/ 0
0

GET Sporting_Grotesque-Bold_web.woff
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/ 0
0

GET Sporting_Grotesque-Regular_web.woff
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/ 0
0

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
Origin: https://1to1help.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H/1.1 200
OK icon-chevron-right-dark.svg
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 235 B
886 B 50ms
49ms Image
image/svg+xml 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/icon-chevron-right-dark.svg
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: baab1512135afe5b615f3c98a677bca92ed3d338ea73fe5350999a97e5e286a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:49 GMT
x-amz-version-id: uIDI9wrwaX_orqa8jfkBNRxUut666g3q
Via: 1.1 9a736972b021a4b2382c29923f73ce8a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82642
x-amz-meta-sha256: baab1512135afe5b615f3c98a677bca92ed3d338ea73fe5350999a97e5e286a6
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 235
Last-Modified: Wed, 16 Nov 2022 04:57:50 GMT
Server: AmazonS3
ETag: "531744cacfe2235aea8a3351a2aa2ede"
Content-Type: image/svg+xml
Accept-Ranges: bytes
X-Amz-Cf-Id: pjYMQHEvv-9jGEmarSLQIB50gQYhv3TAAOH17FegJ0aYGvEldzHCOg==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200
OK Asset-7500x.png
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 11 KB
12 KB 66ms
49ms Image
image/png 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/Asset-7500x.png
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3242bd39eaef5f3cd2dc878afeeb0e33ab8a1d226198336e5f739484637c5b86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:49 GMT
x-amz-version-id: ctvUwka91sf7AZBjiFd3WAyPuufb5mqB
Via: 1.1 f1944380c787841c28b16df91c1ec34e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82642
x-amz-meta-sha256: 3242bd39eaef5f3cd2dc878afeeb0e33ab8a1d226198336e5f739484637c5b86
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11186
Last-Modified: Wed, 16 Nov 2022 04:57:30 GMT
Server: AmazonS3
ETag: "9ef7c29f71c984b240584440d5e591a5"
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: 9TYSYNSbdx2u2NWoZ9S5bV6kRJgPS4LvLIXh6nDCYlcxfX15gt8nHg==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200
OK stu500x.png
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 9 KB
9 KB 66ms
59ms Image
image/png 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/stu500x.png
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65970976298096a9b46091c3d4e23babcb0ff7bfcd82c83c75c291047787ea2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:50 GMT
x-amz-version-id: ijdw3aLvt347Hm_3jkVIwUhkl8OL6Eha
Via: 1.1 315b8dfb52e5c49bd834510b0301e938.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82641
x-amz-meta-sha256: 65970976298096a9b46091c3d4e23babcb0ff7bfcd82c83c75c291047787ea2f
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8977
Last-Modified: Wed, 16 Nov 2022 04:58:17 GMT
Server: AmazonS3
ETag: "a51c5adb68950eb7833d924d853a5edc"
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: FSXOmjEkX0OwAGV4WBZm7ioo0bi6SqWePSafNnjfKGY746Ue0e2Bew==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200
OK icon-settings.svg
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 1 KB
1 KB 93ms
92ms Image
image/svg+xml 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/icon-settings.svg
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05279458a2982cc28935da2ca01c3d19c98f480570653f571d97aea408f615a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: I75Nhtc7XhbZ089diAOZw84CuXDExHjf
Content-Encoding: br
Via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
Date: Tue, 03 Jan 2023 05:26:13 GMT
X-Amz-Cf-Pop: VIE50-C1
Age: 21838
Transfer-Encoding: chunked
x-amz-meta-sha256: 05279458a2982cc28935da2ca01c3d19c98f480570653f571d97aea408f615a8
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 04:57:54 GMT
Server: AmazonS3
ETag: W/"d53f6988879a9a6d205f52ab729746b1"
Vary: Accept-Encoding
Content-Type: image/svg+xml
X-Amz-Cf-Id: Cha8l1sHd9koC2IYJYRRgWGd0f5rXxxE6Z-q9hqA4R4gT4VMFaj-bQ==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200
OK AdobeStock_268031604-mi-p-800.png
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 44 KB
45 KB 49ms
48ms Image
image/png 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/AdobeStock_268031604-mi-p-800.png
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b472a32859562a67a63b6659e29079e8c764ca913764458e40b0a7273b63078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: XiluqQsoscBViFz.a5llN5iXFW0THq8N
Date: Tue, 03 Jan 2023 05:26:13 GMT
Via: 1.1 9c157874a076ffdde5f5a44c4371f3a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 21838
x-amz-meta-sha256: 7b472a32859562a67a63b6659e29079e8c764ca913764458e40b0a7273b63078
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 45193
Last-Modified: Wed, 16 Nov 2022 04:57:27 GMT
Server: AmazonS3
ETag: "f73fccda4a9dba5c47ba3e4540a3180d"
Vary: Accept-Encoding
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: U7qLQcHJiYLBAId62RcimL3JId5p6AV8I3S-LSpK_Wo_L-BRkrGuHw==
x-amz-meta-s3b-last-modified: 20220715T090035Z

GET
H/1.1 200
OK hqdefault.jpg
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 11 KB
12 KB 49ms
48ms Image
image/jpeg 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/hqdefault.jpg
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee47889fad03764889de5cd60dfe6e590bd318d9883e01145e316be81d54455e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 12:32:51 GMT
x-amz-version-id: uX1M6wl3EQRtJevLO3AxgENEv0g.WjrJ
Via: 1.1 9a736972b021a4b2382c29923f73ce8a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 82640
x-amz-meta-sha256: ee47889fad03764889de5cd60dfe6e590bd318d9883e01145e316be81d54455e
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11552
Last-Modified: Wed, 16 Nov 2022 04:57:48 GMT
Server: AmazonS3
ETag: "9a99cf1c83fed848ae2199f1a331a0eb"
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: WFxv3iaFYqKd1U-KK5F7fuvWdv4dCAzae2SKvnUtAgsFr9oXOpsV3A==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H/1.1 200 1280px-Morneau_Shepell.svg-p-500.png
1to1help.net/assets/theme/Files/images/ 18 KB
18 KB 146ms
143ms Image
image/png 15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1to1help.net/assets/theme/Files/images/1280px-Morneau_Shepell.svg-p-500.png

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

74896a03e9712da86a9a4d56cc49cd6345fc1e42fce83ccb446434669acf54f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1to1help.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 11:30:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Dec 2022 08:15:48 GMT
Server: Apache
ETag: W/"18162-1671696948976"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18162
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 tuv.png
1to1help.net/assets/theme/Files/images/ 27 KB
27 KB 143ms
141ms Image
image/png 15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1to1help.net/assets/theme/Files/images/tuv.png

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

68dd84d37662788d6526dc1861531a1cf286c68674930f320fec06291aa44196

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1to1help.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 11:30:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Dec 2022 08:15:49 GMT
Server: Apache
ETag: W/"27180-1671696949684"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27180
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 PositiveSSL_tl_trans.png
1to1help.net/assets/theme/Files/images/ 30 KB
31 KB 283ms
280ms Image
image/png 15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1to1help.net/assets/theme/Files/images/PositiveSSL_tl_trans.png

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

b9b27c6e38b25c6c9014fac2ba276e75be38abb1869b993bd6ec2d8895affe05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1to1help.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 11:30:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Dec 2022 08:15:49 GMT
Server: Apache
ETag: W/"31036-1671696949460"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31036
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 WEC_icon.png
1to1help.net/assets/theme/Files/images/ 6 KB
6 KB 138ms
138ms Image
image/png 15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1to1help.net/assets/theme/Files/images/WEC_icon.png

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

fce72caa4cd5172851f596f031038042428bb8b79821411a59b85fc248d8f42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1to1help.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 11:30:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Dec 2022 08:15:49 GMT
Server: Apache
ETag: W/"5701-1671696949124"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5701
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 pattern-1.svg
1to1help.net/assets/theme/Files/images/ 37 KB
38 KB 142ms
142ms Image
image/svg+xml 15.207.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1to1help.net/assets/theme/Files/images/pattern-1.svg

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.207.173.106 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-207-173-106.ap-south-1.compute.amazonaws.com

Software

Apache /

Resource Hash

c8a90c77a9513134ab9db70395f93f1e81ab99db8f6fc4b7426c185f4cef507e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1to1help.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Jan 2023 11:30:11 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Dec 2022 08:15:49 GMT
Server: Apache
ETag: W/"38151-1671696949052"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38151
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 235 KB
83 KB 117ms
65ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHH6RVP

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8427063a2ff1ab858ea2141bd0704927f54c0b78d2debba3aabb4edccaa308ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:30:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84966
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Jan 2023 11:30:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 90ms
37ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-51595447-1

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

439dbfc0528241788f78fbd83f8d661cd735785326ae55162f7f768dd9f875d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:30:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43594
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Jan 2023 11:30:10 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
965 B 153ms
60ms Script
text/javascript 2a00:1450:400d:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dfe02a2d93a93c68f34213c0b1f9c16f59edc3a652167733cc9a06b3ed7fdecd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 552
x-xss-protection: 1; mode=block
expires: Tue, 03 Jan 2023 11:30:10 GMT

GET
H/1.1 200
OK AdobeStock_56329804-p-500.jpeg
d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/ 52 KB
52 KB 49ms
49ms Image
image/jpeg 99.86.247.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/images/AdobeStock_56329804-p-500.jpeg
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.247.152 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-247-152.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 865e1dbc74905f239e7f60d0aaea9dafb9c9efd279c850f7234a81ef1ee05dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 1IgB97Y7D3RLirqBZ4asAhjqpHDdkxvL
Date: Tue, 03 Jan 2023 05:26:40 GMT
Via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 21810
x-amz-meta-sha256: 865e1dbc74905f239e7f60d0aaea9dafb9c9efd279c850f7234a81ef1ee05dfb
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 52964
Last-Modified: Wed, 16 Nov 2022 04:57:24 GMT
Server: AmazonS3
ETag: "45c7736328695c22a6ef9c820c91bb7f"
Vary: Accept-Encoding
Content-Type: image/jpeg
Accept-Ranges: bytes
X-Amz-Cf-Id: 1ly8ld4vlu6ZbNVtoa7KhOgy8JLmQlOYRijGPAesApmAQq8iSNtIjA==
x-amz-meta-s3b-last-modified: 20220502T112221Z

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-51595447-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Jan 2023 11:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 333
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 03 Jan 2023 13:24:37 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1007 B
649 B 155ms
34ms Script
application/x-javascript 2a02:26f0:11a::217:9a4a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHH6RVP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a4a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 03977ba375b0bf22db454b0a7813a24d4a5f7e51cc74bd2b3453a6a2aa3bcb23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:30:10 GMT
content-encoding: gzip
last-modified: Mon, 02 Jan 2023 15:53:24 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=16011
accept-ranges: bytes
content-length: 482

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 68ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 03 Jan 2023 11:30:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: s+3EY3zsqzVkKV8VAYwfbBitKHHVqVBslMfJJur5c4setHMtGT/o6C8O7WQkMGppztAn0FThbgTGbEGK9fS31A==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 177ms
35ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:30:10 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-vie6366-VIE

GET
H2 200 cg6a8q9yo8 Show response
www.clarity.ms/tag/ 1 KB
1 KB 238ms
108ms Script
application/x-javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/cg6a8q9yo8?ref=gtm2
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7c20786c7bfcf63044098fbb29eefad3a85e6ad4b2000b50ef16b91c4c9db0bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/x-javascript
date: Tue, 03 Jan 2023 11:30:10 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0whG0YwAAAAD5i4lnSgcySq+jzFfkLrXeRlJBMzFFREdFMDMwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4GHYNKGZ71&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHH6RVP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c839753db6d14177e8d7524037250d046e9b62f76af247db9f0e00044fcd847e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:30:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 03 Jan 2023 11:30:10 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 75ms
30ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1921107099&t=pageview&_s=1&dl=https%3A%2F%2F1to1help.net%2F&ul=en-us&de=UTF-8&dt=1to1help%20-%20Employee%20Assistance%20Program%20India&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1572026578&gjid=1825279111&cid=2118112948.1672745411&tid=UA-51595447-1&_gid=1117331100.1672745411&_r=1&gtm=2oubu0&z=908081314

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 11:30:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1to1help.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
335 B 83ms
31ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4GHYNKGZ71&gtm=2oebu0&_p=1921107099&cid=2118112948.1672745411&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672745410&sct=1&seg=0&dl=https%3A%2F%2F1to1help.net%2F&dt=1to1help%20-%20Employee%20Assistance%20Program%20India&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4GHYNKGZ71&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 11:30:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1to1help.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 407 KB
163 KB 78ms
23ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://1to1help.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:27:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 11:27:16 GMT

GET
H3 200 643283310114888 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 108ms
82ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/643283310114888?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7afeb927cc5e947251245f18faf8943c3fa65b53d37067a8806ab8f7d6ee1eeb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 03 Jan 2023 11:30:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: iSo5HFqTxr6lxOfTYcZZnWSYsx94T3GKTzrsJ3j4O3Z3PJn3UMmheKyRA0LMIJmnudieVA1YV15jPpNa0VfA8Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 87ms
28ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-51595447-1&cid=2118112948.1672745411&jid=1572026578&gjid=1825279111&_gid=1117331100.1672745411&_u=YEBAAUAAAAAAACAAI~&z=779355198

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 03 Jan 2023 11:30:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1to1help.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 35ms
35ms Script
application/x-javascript 2a02:26f0:11a::217:9a4a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a4a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3e6ef4f3484f029b4d1a989163d6bb29899184f008431adb932c43ff3543368a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 638, 638
date: Tue, 03 Jan 2023 11:30:10 GMT
content-encoding: gzip
last-modified: Sun, 01 Jan 2023 17:37:42 GMT
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 0, 0
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=14603
accept-ranges: bytes
content-length: 4654

GET
H2 200 adsct
t.co/i/ 43 B
377 B 183ms
125ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=389028bf-1226-44b9-a71b-0faded5d7df4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b39642ca-3eaf-419f-9a58-caff34c44392&tw_document_href=https%3A%2F%2F1to1help.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8nb4&type=javascript&version=2.3.29

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 03 Jan 2023 11:30:10 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: cba3a4b6c9164410
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 6078e591a357173b276e9aa78225589852d264bc525f553cc90575af91b8f587
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 217ms
129ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=389028bf-1226-44b9-a71b-0faded5d7df4&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b39642ca-3eaf-419f-9a58-caff34c44392&tw_document_href=https%3A%2F%2F1to1help.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8nb4&type=javascript&version=2.3.29

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 108
date: Tue, 03 Jan 2023 11:30:10 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 01f070181b4f1aae
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7cdf3c725f4b76ff98392bbac687fb71841384428a64703e66092540c0011651
content-length: 43

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-b/s/0.7.1/ 55 KB
19 KB 23ms
23ms Script
application/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-b/s/0.7.1/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/cg6a8q9yo8?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:30:10 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0J4mzYwAAAADIygcaWQeJQJqt2X3msJI6RlJBMjMxMDUwNDE3MDI3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d913c18f6c839e"
x-azure-ref: 0whG0YwAAAAC1RDdBuDfsR5F3EnaMskx4RlJBMzFFREdFMDMwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/3746274/domain/1to1help.net/ Frame 0
0 93ms
22ms Preflight 2600:9000:206f:2800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3746274/domain/1to1help.net/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://1to1help.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 84034
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Mon, 02 Jan 2023 12:09:37 GMT
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
x-amz-cf-id: jS0MzAe1JcsLrYSTCynuB1Vq3Ot4ukZhDIVMdi-MSzwk7ByrZb4IOQ==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3746274/domain/1to1help.net/ 36 B
376 B 29ms
28ms XHR
application/json 2600:9000:206f:2800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3746274/domain/1to1help.net/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 03 Jan 2023 11:13:59 GMT
content-encoding: gzip
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 972
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 9-BpZd_uod4f4nnzSNvdfTZEhXMnXhC2ZrpMSYQRq2gHlCPeeLqxvQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3746274&time=1672745410945&url=https%3A%2F%2F1to1help.net%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3746274&time=1672745410945&url=https%3A%2F%2F1to1help.net%2F&e_ipv6=AQKeQVW6IyvO_AAAAYV3ZWHxmdqVf4p5YWO2kozAhJwXLsO5lJrTdQ2mWgnK1Y1BibpVEIOLQUorE...

0
264 B

191ms
121ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3746274&time=1672745410945&url=https%3A%2F%2F1to1help.net%2F&e_ipv6=AQKeQVW6IyvO_AAAAYV3ZWHxmdqVf4p5YWO2kozAhJwXLsO5lJrTdQ2mWgnK1Y1BibpVEIOLQUorEjXo5GDbQotC7ziMfQ
Requested by: Host: 1to1help.net
URL: https://1to1help.net/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:30:11 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CEA29330D4864182A2B0BE1FE04AA15B Ref B: FRAEDGE2013 Ref C: 2023-01-03T11:30:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXxWmQJYtHJRIdnUgZP/Q==

Redirect headers

date: Tue, 03 Jan 2023 11:30:10 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 123F1F18F79648AF99670701F2E2346B Ref B: FRAEDGE2021 Ref C: 2023-01-03T11:30:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3746274&time=1672745410945&url=https%3A%2F%2F1to1help.net%2F&e_ipv6=AQKeQVW6IyvO_AAAAYV3ZWHxmdqVf4p5YWO2kozAhJwXLsO5lJrTdQ2mWgnK1Y1BibpVEIOLQUorEjXo5GDbQotC7ziMfQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXxWmQGdGN5GAbxvHzpiA==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 151ms
78ms Image
image/gif 2a00:1450:400d:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-51595447-1&cid=2118112948.1672745411&jid=1572026578&_u=YEBAAUAAAAAAACAAI~&z=106397066

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 11:30:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 177ms
82ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-51595447-1&cid=2118112948.1672745411&jid=1572026578&_u=YEBAAUAAAAAAACAAI~&z=106397066

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 11:30:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CB4E 43 KB
22 KB 72ms
72ms Document
text/html 2a00:1450:400d:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LftwV0UAAAAAK8iVr_uk55PPJOaD1DZOXPonE_Y&co=aHR0cHM6Ly8xdG8xaGVscC5uZXQ6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=ptnal3dxwk4m

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8fcda6e41d3709f029828110972adeadf7e2df6f29963dd217a46c06c1746e0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-91ZpHtvSfLMzqhSBKA2ypA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22955
content-security-policy: script-src 'report-sample' 'nonce-91ZpHtvSfLMzqhSBKA2ypA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 03 Jan 2023 11:30:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect Show response
f.clarity.ms/ 0
162 B 472ms
218ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://1to1help.net
date: Tue, 03 Jan 2023 11:30:11 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 200 1343705566051971 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 82ms
82ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1343705566051971?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1039d8e21ef9d43017c59a8d9fb935dcaaf99e9c5447a1a9774ae7f671a92f71

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 03 Jan 2023 11:30:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: WJpXgiu35SjQKtNS86iO8rLTzMRFAh9fOVAlSjfctzwvxSZPo7YgfISSJd8FdsU1qTT1o8d+CHw+YKRE5X2DTg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 69ms
22ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=643283310114888&ev=PageView&dl=https%3A%2F%2F1to1help.net%2F&rl=&if=false&ts=1672745411119&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672745411118.185617376&it=1672745410896&coo=false&rqm=GET

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 03 Jan 2023 11:30:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame CB4E 52 KB
24 KB 70ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LftwV0UAAAAAK8iVr_uk55PPJOaD1DZOXPonE_Y&co=aHR0cHM6Ly8xdG8xaGVscC5uZXQ6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=ptnal3dxwk4m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 08:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 08:50:42 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame CB4E 407 KB
163 KB 69ms
23ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:27:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 11:27:16 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 45ms
21ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1343705566051971&ev=PageView&dl=https%3A%2F%2F1to1help.net%2F&rl=&if=false&ts=1672745411214&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672745411118.185617376&it=1672745410896&coo=false&rqm=GET

Requested by

Host: 1to1help.net
URL: https://1to1help.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 03 Jan 2023 11:30:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame CB4E 102 B
134 B 57ms
57ms Other
text/javascript 2a00:1450:400d:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LftwV0UAAAAAK8iVr_uk55PPJOaD1DZOXPonE_Y&co=aHR0cHM6Ly8xdG8xaGVscC5uZXQ6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=ptnal3dxwk4m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 03 Jan 2023 11:30:11 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=8814AB2722D547B38A66538D7B16B647&RedC=c.clarity.ms&MXFR=24A103844093679530EF110A449369BA
https://c.clarity.ms/c.gif?CtsSyncId=8814AB2722D547B38A66538D7B16B647&MUID=3FB70FC87CE769F9097C1D467D6C6839

42 B
368 B

45ms
45ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=8814AB2722D547B38A66538D7B16B647&MUID=3FB70FC87CE769F9097C1D467D6C6839
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 11:30:11 GMT
last-modified: Mon, 12 Dec 2022 18:28:34 GMT
server: Microsoft-IIS/10.0
etag: "ea79178b57ed91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 03 Jan 2023 11:30:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8CF64B4F66794C7CBFE6B23B3F681D38 Ref B: FRA31EDGE0621 Ref C: 2023-01-03T11:30:11Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=8814AB2722D547B38A66538D7B16B647&MUID=3FB70FC87CE769F9097C1D467D6C6839
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
28ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1921107099&t=event&ni=1&_s=1&dl=https%3A%2F%2F1to1help.net%2F&ul=en-us&de=UTF-8&dt=1to1help%20-%20Employee%20Assistance%20Program%20India&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25%25&_u=aEDAAUABAAAAACAAI~&jid=1635304817&gjid=108134651&cid=2118112948.1672745411&tid=UA-51595447-1&_gid=1117331100.1672745411&_r=1&gtm=2wgbu0NHH6RVP&z=942812206

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 11:30:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1to1help.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHH6RVP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Jan 2023 11:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 334
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 03 Jan 2023 13:24:37 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame A412 7 KB
1 KB 58ms
58ms Document
text/html 2a00:1450:400d:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LftwV0UAAAAAK8iVr_uk55PPJOaD1DZOXPonE_Y

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2a5cd0e39cb814e1b605e9b3f10c8fa94e6c4fa21188d5bdcc81dbc86fa4f4b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s_6ge8M6mUjHVr_uv-LHtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1114
content-security-policy: script-src 'report-sample' 'nonce-s_6ge8M6mUjHVr_uv-LHtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 03 Jan 2023 11:30:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 86ms
29ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-51595447-1&cid=2118112948.1672745411&jid=1635304817&gjid=108134651&_gid=1117331100.1672745411&_u=aEDAAUABAAAAACAAI~&z=104512706

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 03 Jan 2023 11:30:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1to1help.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1921107099&t=event&_s=2&dl=https%3A%2F%2F1to1help.net%2F&ul=en-us&de=UTF-8&dt=1to1help%20-%20Employee%20Assistance%20Program%20India&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=Clarity&_u=aEDAAUABAAAAACAAI~&jid=&gjid=&cid=2118112948.1672745411&tid=UA-51595447-1&_gid=1117331100.1672745411&gtm=2oubu0&z=2032212123

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 02:42:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31636
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 21ms
21ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=643283310114888&ev=Microdata&dl=https%3A%2F%2F1to1help.net%2F&rl=&if=false&ts=1672745411621&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%221to1help%20-%20Employee%20Assistance%20Program%20India%22%2C%22meta%3Akeywords%22%3A%22employee%20wellness%20program%2C%20employee%20assistance%20program%20india%2C%20employee%20counselling%2C%20eap%20services%2C%20eap%20india%2C%20eap%20counselling%2C%20workplace%20counselling%22%2C%22meta%3Adescription%22%3A%22Our%20employee%20wellness%20program%20aims%20to%20bring%20positive%20changes%20in%20a%20working%20individuals%20life.%20We%20are%20the%20largest%20provider%20of%20Employee%20Assistance%20Program%20(EAP)%20in%20India.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Employee%20Wellness%20Program%2C%20Employee%20Assistance%20Program%20India%20%7C%201to1help%22%2C%22og%3Adescription%22%3A%22We%20enable%20you%20to%20bring%20positive%20changes%20in%20your%20life.%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%221to1help.net%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2F1to1help.net%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F912277317774462976%2FhYOisCLZ_400x400.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672745411118.185617376&it=1672745410896&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 03 Jan 2023 11:30:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 22ms
22ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1343705566051971&ev=Microdata&dl=https%3A%2F%2F1to1help.net%2F&rl=&if=false&ts=1672745411715&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%221to1help%20-%20Employee%20Assistance%20Program%20India%22%2C%22meta%3Akeywords%22%3A%22employee%20wellness%20program%2C%20employee%20assistance%20program%20india%2C%20employee%20counselling%2C%20eap%20services%2C%20eap%20india%2C%20eap%20counselling%2C%20workplace%20counselling%22%2C%22meta%3Adescription%22%3A%22Our%20employee%20wellness%20program%20aims%20to%20bring%20positive%20changes%20in%20a%20working%20individuals%20life.%20We%20are%20the%20largest%20provider%20of%20Employee%20Assistance%20Program%20(EAP)%20in%20India.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Employee%20Wellness%20Program%2C%20Employee%20Assistance%20Program%20India%20%7C%201to1help%22%2C%22og%3Adescription%22%3A%22We%20enable%20you%20to%20bring%20positive%20changes%20in%20your%20life.%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%221to1help.net%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2F1to1help.net%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fpbs.twimg.com%2Fprofile_images%2F912277317774462976%2FhYOisCLZ_400x400.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672745411118.185617376&it=1672745410896&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 03 Jan 2023 11:30:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 80ms
79ms Image
image/gif 2a00:1450:400d:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-51595447-1&cid=2118112948.1672745411&jid=1635304817&_u=aEDAAUABAAAAACAAI~&z=1684724423

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 11:30:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 154ms
79ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-51595447-1&cid=2118112948.1672745411&jid=1635304817&_u=aEDAAUABAAAAACAAI~&z=1684724423

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 11:30:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame A412 52 KB
24 KB 24ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LftwV0UAAAAAK8iVr_uk55PPJOaD1DZOXPonE_Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 08:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 08:50:42 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame A412 407 KB
163 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LftwV0UAAAAAK8iVr_uk55PPJOaD1DZOXPonE_Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:27:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 11:27:16 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 108ms
107ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://1to1help.net
date: Tue, 03 Jan 2023 11:30:12 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 108ms
108ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://1to1help.net
date: Tue, 03 Jan 2023 11:30:16 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 76ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4GHYNKGZ71&gtm=2oebu0&_p=1921107099&cid=2118112948.1672745411&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1672745410&sct=1&seg=0&dl=https%3A%2F%2F1to1help.net%2F&dt=1to1help%20-%20Employee%20Assistance%20Program%20India&en=Clarity&_ee=1&ep.eventCategory=Clarity&ep.eventAction=1npnex&ep.nonInteraction=true&ep.claritydimension=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fcg6a8q9yo8%2Fr9n5cr%2F1npnex&_et=703
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4GHYNKGZ71&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Jan 2023 11:30:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1to1help.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d1lvcjuoszleku.cloudfront.net
URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/PlusJakartaText-Bold.otf

Domain: d1lvcjuoszleku.cloudfront.net
URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/PlusJakartaText-Regular.otf

Domain: d1lvcjuoszleku.cloudfront.net
URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/Sporting_Grotesque-Bold_web.woff

Domain: d1lvcjuoszleku.cloudfront.net
URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/Sporting_Grotesque-Regular_web.woff

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1to1help.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 9C3F313CFD9F7F7705DEE699ABBABB09
.1to1help.net/	1970-01-20 10:48:41	Name: _gcl_au Value: 1.1.1712804000.1672745411
.1to1help.net/	1970-01-20 08:40:31	Name: _gid Value: GA1.2.1117331100.1672745411
.1to1help.net/	1970-01-20 08:39:05	Name: _gat_gtag_UA_51595447_1 Value: 1
www.clarity.ms/	1970-01-20 17:24:41	Name: CLID Value: b0ece582ae59414b98d7b2f06929e1a5.20230103.20240103
.1to1help.net/	1970-01-20 17:24:41	Name: _clck Value: r9n5cr\|1\|f7y\|0
.t.co/	1970-01-20 18:15:05	Name: muc_ads Value: 03c63463-e7a3-4e42-9dd7-edf9950272f1
1to1help.net/	1970-01-20 08:40:31	Name: ln_or Value: eyIzNzQ2Mjc0IjoiZCJ9
.1to1help.net/	1970-01-20 10:48:41	Name: _fbp Value: fb.1.1672745411118.185617376
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:24:41	Name: bcookie Value: "v=2&0c5bd96e-4666-4eab-8bef-60f63b6ad7d4"
.linkedin.com/	1970-01-20 12:58:17	Name: li_gc Value: MTswOzE2NzI3NDU0MTE7MjswMjEiNfFphgY7cwkPYT7d93bIH3X6Z/qvoKVuysdECLp6YQ==
.linkedin.com/	1970-01-20 08:40:31	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2524:u=1:x=1:i=1672745411:t=1672831811:v=2:sig=AQHtfRIiw7bxk1QaBXuhql_ihC3S60j7"
.twitter.com/	1970-01-20 18:15:05	Name: personalization_id Value: "v1_yX92syrn9YKhs95Pf1wIAA=="
.1to1help.net/	1970-01-20 18:15:05	Name: _ga Value: GA1.2.2118112948.1672745411
.1to1help.net/	1970-01-20 08:39:05	Name: _gat_UA-51595447-1 Value: 1
.1to1help.net/	1970-01-20 18:15:05	Name: _ga_4GHYNKGZ71 Value: GS1.1.1672745410.1.0.1672745411.0.0.0
.1to1help.net/	1970-01-20 08:40:31	Name: _clsk Value: 1npnex\|1672745411583\|1\|1\|f.clarity.ms/collect
.c.bing.com/	1970-01-20 18:00:41	Name: SRM_B Value: 3FB70FC87CE769F9097C1D467D6C6839
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 18:00:41	Name: MUID Value: 3FB70FC87CE769F9097C1D467D6C6839
.c.clarity.ms/	1970-01-20 08:39:06	Name: ANONCHK Value: 0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://1to1help.net/(Line 1592) Message: Access to font at 'https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/PlusJakartaText-Regular.otf' from origin 'https://1to1help.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/PlusJakartaText-Regular.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://1to1help.net/(Line 1872) Message: Access to font at 'https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/PlusJakartaText-Bold.otf' from origin 'https://1to1help.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/PlusJakartaText-Bold.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://1to1help.net/ Message: Access to font at 'https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/Sporting_Grotesque-Bold_web.woff' from origin 'https://1to1help.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/Sporting_Grotesque-Bold_web.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://1to1help.net/ Message: Access to font at 'https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/Sporting_Grotesque-Regular_web.woff' from origin 'https://1to1help.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d1lvcjuoszleku.cloudfront.net/assets/theme/Files/fonts/Sporting_Grotesque-Regular_web.woff Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1to1help.net
analytics.twitter.com
c.bing.com
c.clarity.ms
cdn.linkedin.oribi.io
connect.facebook.net
d1lvcjuoszleku.cloudfront.net
d3e54v103j8qbb.cloudfront.net
f.clarity.ms
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
d1lvcjuoszleku.cloudfront.net
104.244.42.131
104.244.42.197
13.107.42.14
15.207.173.106
199.232.16.157
20.234.93.27
20.84.22.197
2001:4860:4802:34::36
2600:9000:206f:2800:2:53b2:240:93a1
2620:1ec:21::14
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1450:4001:806::200e
2a00:1450:4001:809::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9d
2a00:1450:400d:808::2003
2a00:1450:400d:80e::2004
2a02:26f0:11a::217:9a4a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.7.39.143
99.86.247.13
99.86.247.152
03977ba375b0bf22db454b0a7813a24d4a5f7e51cc74bd2b3453a6a2aa3bcb23
05279458a2982cc28935da2ca01c3d19c98f480570653f571d97aea408f615a8
05bcd6ed7e7719a29452d3c3ebdf20a9a4fc7a8b30ba22e862a5346482ea18b6
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
1039d8e21ef9d43017c59a8d9fb935dcaaf99e9c5447a1a9774ae7f671a92f71
16731300be9165a92a27ed82733f718154d58c9b28d523158fc358729b848b48
1d1f44d56481fbfb2f69d147b40a947f2c161ba85b4ef2ba90c44fbe93273f55
2887eb3575b4b0083639042fe4561bdfe50fba78e8690d299ad8d4a7d1af7b8f
2debfee313fdef21c0cf332b192e896330e3553b5b667a740b0a5852b74c6fbf
3242bd39eaef5f3cd2dc878afeeb0e33ab8a1d226198336e5f739484637c5b86
360c353c3f69f009e7c0164f255782e277b1fe7ed11fc8a4fce18b9dc89d542d
385a6e14b188c6b1c100c33290c1a56da3a351415228a90215ff874b45af7757
3e36bd3d77b10e66971bc04bf0213ca1ee5c9150182d1acdca01fb8ed89d387f
3e6ef4f3484f029b4d1a989163d6bb29899184f008431adb932c43ff3543368a
432106e9a049008087ae848c29fa60fd871653ee04e0abf0f0d73327086b537a
439dbfc0528241788f78fbd83f8d661cd735785326ae55162f7f768dd9f875d7
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4cebd123558043b16dc10546de3658beb05070a9edadba5f3c2cca167c7d7fb3
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
633a591d426c57470c5b8fff073cfeb3318f7942ff030658a08c6a61da1ec4c2
65970976298096a9b46091c3d4e23babcb0ff7bfcd82c83c75c291047787ea2f
68dd84d37662788d6526dc1861531a1cf286c68674930f320fec06291aa44196
74896a03e9712da86a9a4d56cc49cd6345fc1e42fce83ccb446434669acf54f1
75e983127de425538aced9d4114271241d4a96c4c56baad4b91bf63073994d38
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
76cadfe89bce6c7e3406efe5994169d7766029de054a22e1f072499f1c77ddb9
7afeb927cc5e947251245f18faf8943c3fa65b53d37067a8806ab8f7d6ee1eeb
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b472a32859562a67a63b6659e29079e8c764ca913764458e40b0a7273b63078
7c20786c7bfcf63044098fbb29eefad3a85e6ad4b2000b50ef16b91c4c9db0bb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8427063a2ff1ab858ea2141bd0704927f54c0b78d2debba3aabb4edccaa308ed
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
865e1dbc74905f239e7f60d0aaea9dafb9c9efd279c850f7234a81ef1ee05dfb
8fcda6e41d3709f029828110972adeadf7e2df6f29963dd217a46c06c1746e0a
92a65b241e7884662f83c7b09572090536750d33b8f3a39647b37b0a7ef79c84
959eab668853bba0f966da03e44c46749ea4e52949a1cef1936bdf0b4a64f2bf
973595bf78d5ddabe1d478e13b9cbe6b69f9b77e5f3b06dbadba560156785594
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f2c12b3e3ea954158bb1eb4feeff71866ec56167c43c61d9ecaf5e2ff6ff67e
a28f88998ce9c6cefd8cb3d113fc4a51c7b349d0ffc13af8b552438f494c7c7e
a2a5cd0e39cb814e1b605e9b3f10c8fa94e6c4fa21188d5bdcc81dbc86fa4f4b
a35e13c7fd95820be5f5d63f8382385d1372cd1609c445ed509b804a24cf8630
a6070a58ecab8f235341a91457361a49be572f54a07a03114ea5f003d745471d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b99266c6a120cbdc30a9e8728048a7e6226fa8a46e1d2850411f97986b34fb6c
b9b27c6e38b25c6c9014fac2ba276e75be38abb1869b993bd6ec2d8895affe05
baab1512135afe5b615f3c98a677bca92ed3d338ea73fe5350999a97e5e286a6
c4812332aab3bd15033fe99f69a60b480a0dab28a0a506ee4dd825174064793f
c839753db6d14177e8d7524037250d046e9b62f76af247db9f0e00044fcd847e
c8a90c77a9513134ab9db70395f93f1e81ab99db8f6fc4b7426c185f4cef507e
caf46c90f4c85259ea326f121c4ae6d20e113f9efeb9756dabe4f8b374d087d1
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d5f6c184eda3a9a7aa7fa449892995dab607ab877d543743710e88a608879995
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf
dc7578a6a7c544435424749ca840a09c9ffac9bf4c3b701a2c150fa00006db52
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df7c3f69a95c817073caf9946cacf2e00bf0baceac2c96c4017cb16a57b53e35
dfa131ff78fdcff4140eaeffa6380fec9fa1ada21e1562e77a2ed2e1fcbca51b
dfe02a2d93a93c68f34213c0b1f9c16f59edc3a652167733cc9a06b3ed7fdecd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee47889fad03764889de5cd60dfe6e590bd318d9883e01145e316be81d54455e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0032d4e99ab2acc8d62c2625028393cd7ed4dda7996600716f755d6788521d7
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f52105a8f9b74001a5c06311a38ba2cdd9afaf7eb5f18dc7079f52cd1a737e7e
f7f4441e097d2af52e34559f7771b003beb85a50b0c40a59a52a0a52444108a7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fce72caa4cd5172851f596f031038042428bb8b79821411a59b85fc248d8f42a
fd24e124bba91c0917c2d5527ffeb9155a37dae7ea056067a36b27f13c63d923

1to1help.net Open in urlscan Pro 15.207.173.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

94 %HTTPS

58 %IPv6

18 Domains

23 Subdomains

22 IPs

6 Countries

1693 kBTransfer

4019 kBSize

22 Cookies

3 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1to1help.net Open in urlscan Pro
15.207.173.106 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

94 %
HTTPS

58 %
IPv6

18
Domains

23
Subdomains

22
IPs

6
Countries

1693 kB
Transfer

4019 kB
Size

22
Cookies

94 HTTP transactions
1 data transactions