www.charmsoffice.com Open in urlscan Pro
2606:4700::6811:9542 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.charmsoffice.com/
Submission: On February 12 via api (February 12th 2021, 2:37:18 pm UTC) from DE

Summary HTTP 44 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 16 domains to perform 44 HTTP transactions. The main IP is 2606:4700::6811:9542, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.charmsoffice.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2020. Valid for: a year.

This is the only time www.charmsoffice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2606:4700::68... 2606:4700::6811:9542	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	68.232.35.12 68.232.35.12	15133 (EDGECAST) (EDGECAST)
2	52.45.42.22 52.45.42.22	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:10c... 2a02:26f0:10c:582::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	2620:119:50e4... 2620:119:50e4:101::6cae:b55	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
44	15

20 2606:4700::6811:9542 (United States)

ASN13335 (CLOUDFLARENET, US)

www.charmsoffice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.232.35.12 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.42.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-42-22.compute-1.amazonaws.com

seal-dallas.bbb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:582::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e4:101::6cae:b55 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	charmsoffice.com www.charmsoffice.com	2 MB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	gstatic.com fonts.gstatic.com	37 KB
3	bizible.com cdn.bizible.com	34 KB
2	facebook.com www.facebook.com	558 B
2	facebook.net connect.facebook.net	94 KB
2	bing.com bat.bing.com	9 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	bbb.org seal-dallas.bbb.org	920 B
1	bizibly.com cdn.bizibly.com	202 B
1	google.de www.google.de	505 B
1	google.com www.google.com	505 B
1	doubleclick.net stats.g.doubleclick.net	449 B
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	44 KB
1	googleapis.com fonts.googleapis.com	1 KB
44	16

	Domain	Requested by
20	www.charmsoffice.com	www.charmsoffice.com
3	fonts.gstatic.com	fonts.googleapis.com
3	cdn.bizible.com	www.charmsoffice.com cdn.bizible.com
2	www.facebook.com	www.charmsoffice.com
2	px.ads.linkedin.com	1 redirects www.charmsoffice.com
2	connect.facebook.net	www.charmsoffice.com connect.facebook.net
2	bat.bing.com	www.googletagmanager.com www.charmsoffice.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	seal-dallas.bbb.org	www.charmsoffice.com
1	cdn.bizibly.com	www.charmsoffice.com
1	www.google.de	www.charmsoffice.com
1	www.google.com	www.charmsoffice.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.googletagmanager.com
1	www.googletagmanager.com	www.charmsoffice.com
1	fonts.googleapis.com	www.charmsoffice.com
44	17

This site contains links to these domains. Also see Links.

Domain
charms.vancopayments.com
www.youtube.com
www.vancopayments.com
www.bbb.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
io.bizible.com DigiCert SHA2 Secure Server CA	`2020-12-14` - `2021-11-15`	a year	crt.sh
*.bbb.org GeoTrust RSA CA 2018	`2020-05-15` - `2022-07-03`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.charmsoffice.com/
Frame ID: 41627CE45844543D703AF865AEC912E7
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

44
Requests

100 %
HTTPS

88 %
IPv6

16
Domains

17
Subdomains

15
IPs

5
Countries

2419 kB
Transfer

3305 kB
Size

14
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://charms.vancopayments.com/resource-center
Title: Resources

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=wFV8cGDsApw
Title: Director Overview Video

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=PAvoR8CgCwg
Title: Member Overview Video

Search URL Search Domain Scan URL

URL: https://www.vancopayments.com/privacy
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.vancopayments.com/
Title: Vanco

Search URL Search Domain Scan URL

URL: http://www.bbb.org/dallas/business-reviews/computer-software-publishers-and-developers/dorian-business-systems-in-rowlett-tx-90383885#bbblogo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1256636&time=1613140620634&url=https%3A%2F%2Fwww.charmsoffice.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1256636%26time%3D1613140620634%26url%3Dhttps%253A%252F%252Fwww.charmsoffice.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1256636&time=1613140620634&url=https%3A%2F%2Fwww.charmsoffice.com%2F&liSync=true

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.charmsoffice.com/ 17 KB
5 KB 194ms
176ms Document
text/html 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bc8a1d241bb61ca831f8b3e053f90ecba337e409534bc350e4e7f45ce491cf4

Request headers

:method: GET
:authority: www.charmsoffice.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-type: text/html; Charset=UTF-8
set-cookie: __cfduid=dd248e1353008a23f44acededb520d3c11613140620; expires=Sun, 14-Mar-21 14:37:00 GMT; path=/; domain=.charmsoffice.com; HttpOnly; SameSite=Lax; Secure ASPSESSIONIDAGBQSATD=GOIFJECDOGBMAOCADNPOFNDP; secure; path=/; SameSite=None; Secure __cflb=0H28uwYv9yte7yAfVDvVWnJqnrmFj5mU2gnn5kihtjo; SameSite=None; Secure; path=/; expires=Fri, 12-Feb-21 15:07:00 GMT; HttpOnly
cache-control: no-cache
pragma: no-cache
expires: Fri, 12 Feb 2021 14:36:00 GMT
vary: Accept-Encoding
sn: Charms2
cf-cache-status: DYNAMIC
cf-request-id: 0838458bbe0000c2ae808a9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 62070b8c6ec5c2ae-FRA
content-encoding: br

GET
H2 200 bootstrap.min.css
www.charmsoffice.com/bower_components/bootstrap/dist/css/ 118 KB
18 KB 25ms
24ms Stylesheet
text/css 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.charmsoffice.com/bower_components/bootstrap/dist/css/bootstrap.min.css
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Apr 2016 16:03:10 GMT
server: cloudflare
age: 5830
etag: W/"d0a090221e9bd11:0"
sn: Charms1
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css
cache-control: public, max-age=300
cf-ray: 62070b8d8845c2ae-FRA
cf-request-id: 0838458c730000c2ae39a12000000001
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 blue.css
www.charmsoffice.com/Fcss/plugins/icheck/square/ 1 KB
415 B 28ms
26ms Stylesheet
text/css 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.charmsoffice.com/Fcss/plugins/icheck/square/blue.css
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93b936007132c4ab42a5a5a9d0aae790c1489be282a078f6d9c20b1eda94358c

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 5831
cf-polished: origSize=1485
sn: Charms1
last-modified: Mon, 16 May 2016 21:41:06 GMT
cf-request-id: 0838458c770000c2ae39a13000000001
cf-bgj: minify
server: cloudflare
etag: W/"e52df2a6bbafd11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 62070b8d8846c2ae-FRA
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 owl.carousel.css
www.charmsoffice.com/bower_components/owlcarousel/owl-carousel/ 1 KB
543 B 18ms
17ms Stylesheet
text/css 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.charmsoffice.com/bower_components/owlcarousel/owl-carousel/owl.carousel.css
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eee2832920de823a77ade71ddf71f135ef58d3d7aa14c2e48036e1faec3c2762

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 5831
cf-polished: origSize=1476
sn: Charms2
last-modified: Wed, 20 Apr 2016 16:03:30 GMT
cf-request-id: 0838458c730000c2ae120b2000000001
cf-bgj: minify
server: cloudflare
etag: W/"1f45e52e1e9bd11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 62070b8d8847c2ae-FRA
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 owl.theme.css
www.charmsoffice.com/bower_components/owlcarousel/owl-carousel/ 1 KB
449 B 26ms
25ms Stylesheet
text/css 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.charmsoffice.com/bower_components/owlcarousel/owl-carousel/owl.theme.css
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412752ed1c97f0aef8acf02f8ced68186ecdf81b8182f11c981b1e3436748c52

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 5831
cf-polished: origSize=1665
sn: Charms2
last-modified: Wed, 20 Apr 2016 16:03:30 GMT
cf-request-id: 0838458c730000c2ae12954000000001
cf-bgj: minify
server: cloudflare
etag: W/"5d86c02e1e9bd11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 62070b8d8849c2ae-FRA
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 36ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%7COpen+Sans%3A400&ver=4.0.1

Requested by

Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4604cac63f9be42d4193708c3cf31ff5b65656e9186dbf64e42d6ad83559d609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 14:37:00 GMT
server: ESF
date: Fri, 12 Feb 2021 14:37:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Feb 2021 14:37:00 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 86 KB
33 KB 69ms
16ms Script
application/x-javascript 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA7) /
Resource Hash: 3a5f3c7c89b3d4360a26621efb6cfb77a2028abbb6329042cf2efcb2c3de1b24

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 23:26:14 GMT
server: ECS (amb/6BA7)
age: 51154
etag: "ff2bb2040d71:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 33769

GET
H2 200 carousel.css
www.charmsoffice.com/Fcss/ 6 KB
2 KB 18ms
17ms Stylesheet
text/css 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.charmsoffice.com/Fcss/carousel.css
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9dd0388cb2bebdd71ed0d150b8faedb528249df053251356416616d76faaa66

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 5831
cf-polished: origSize=9028
sn: Charms1
last-modified: Thu, 04 Aug 2016 21:09:06 GMT
cf-request-id: 0838458c730000c2ae823e3000000001
cf-bgj: minify
server: cloudflare
etag: W/"578e626f94eed11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 62070b8d884cc2ae-FRA
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 charms.css
www.charmsoffice.com/Fcss/ 119 KB
18 KB 34ms
33ms Stylesheet
text/css 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.charmsoffice.com/Fcss/charms.css
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89f16bf99f532de8287ca188d057d6f45634a6dea90c204f6fcb0db85aee1ccc

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 5831
cf-polished: origSize=156784
sn: Charms1
last-modified: Fri, 03 Mar 2017 17:05:52 GMT
cf-request-id: 0838458c740000c2ae8bb60000000001
cf-bgj: minify
server: cloudflare
etag: W/"56c7286a4094d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=300
cf-ray: 62070b8d884dc2ae-FRA
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 charms-vanco.png
www.charmsoffice.com/images/ 10 KB
10 KB 23ms
21ms Image
image/png 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.charmsoffice.com/images/charms-vanco.png
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1eb0c070fbeaf21b586648145597ea732a19252d563a032ca1a7e64c0a21a9d

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
cf-cache-status: HIT
age: 5830
cf-polished: origSize=18107
sn: Charms2
last-modified: Wed, 17 Oct 2018 15:54:45 GMT
content-length: 9845
cf-request-id: 0838458c7a0000c2ae32bb3000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "80905eb93166d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 62070b8d8859c2ae-FRA
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 image001.png
www.charmsoffice.com/images/ 205 KB
205 KB 45ms
42ms Image
image/png 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.charmsoffice.com/images/image001.png
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f53e3541713071dadfe14691822df0dc954fb241465723d2047da4a291d5da4

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
cf-cache-status: HIT
age: 5830
cf-polished: origSize=219208
sn: Charms2
last-modified: Mon, 09 Apr 2018 11:06:39 GMT
content-length: 210017
cf-request-id: 0838458c7d0000c2ae13293000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "4e1d82d5f2cfd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 62070b8d885bc2ae-FRA
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 image002.png
www.charmsoffice.com/images/ 757 KB
758 KB 30ms
27ms Image
image/png 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.charmsoffice.com/images/image002.png
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2c0d2a780da3ba7e6c0f00639e8923312b53a7fcbe6ad76b4ef9c1c48f40e3f

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
cf-cache-status: HIT
age: 5830
cf-polished: origSize=960891
sn: Charms2
last-modified: Mon, 09 Apr 2018 11:06:39 GMT
content-length: 775407
cf-request-id: 0838458c7a0000c2ae4790b000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "49184d5f2cfd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 62070b8d985dc2ae-FRA
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 image007.png
www.charmsoffice.com/images/ 369 KB
370 KB 24ms
22ms Image
image/png 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.charmsoffice.com/images/image007.png
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fd90a4ce6c5d02d52e7d52afc57fcddf96341584deda4bf5da0921a6a4c2cbf

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
cf-cache-status: HIT
age: 5830
cf-polished: status=cannot_optimize
sn: Charms3
last-modified: Mon, 09 Apr 2018 11:06:39 GMT
content-length: 378051
cf-request-id: 0838458c7b0000c2ae849b3000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cff486d5f2cfd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 62070b8d9860c2ae-FRA
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 image003.png
www.charmsoffice.com/images/ 577 KB
578 KB 30ms
28ms Image
image/png 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.charmsoffice.com/images/image003.png
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e01df00da8bd1e92f1192d82d20bac465dc8c9d869f746034adcf1c21abcea08

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
cf-cache-status: HIT
age: 5829
cf-polished: origSize=764330
sn: Charms1
last-modified: Mon, 09 Apr 2018 11:06:39 GMT
content-length: 591044
cf-request-id: 0838458c7b0000c2ae708dc000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "49184d5f2cfd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 62070b8d9863c2ae-FRA
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 logo-login.png
www.charmsoffice.com/images/ 2 KB
2 KB 29ms
27ms Image
image/png 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.charmsoffice.com/images/logo-login.png
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2046a625ec054250edb0babf954e0a6ed0a7494c23cea0bcce264475bde1f170

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
cf-cache-status: HIT
age: 5829
cf-polished: origSize=32918
sn: Charms1
last-modified: Mon, 25 Apr 2016 21:01:57 GMT
content-length: 2146
cf-request-id: 0838458c7b0000c2ae73371000000001
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "f88b2fb4359fd11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 62070b8d9866c2ae-FRA
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 dorian-business-systems-90383885.png
seal-dallas.bbb.org/logo/ruhzbus/ 95 B
425 B 327ms
111ms Image
image/png 52.45.42.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seal-dallas.bbb.org/logo/ruhzbus/dorian-business-systems-90383885.png
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.42.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-42-22.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 1743b80176c7a9b725d2e472694b728ae510bbdae78ee5d33d58278221f552d9

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
last-modified: Fri, 12 Feb 2021 04:32:47 GMT
server: Apache
p3p: CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"
etag: baae77a879c2a3c0713f77c3e87eeca3
node: One-EC2-Seal
content-type: image/png
content-disposition: inline; filename="seal-for-90383885.png"
cachefilename: 83064da9164d50fe794f0ed0d0988209.png
content-length: 95
cachehit: YES
expires: Fri, 12 Feb 2021 16:32:47 GMT

GET
H2 200 jquery.min.js Show response
www.charmsoffice.com/bower_components/jquery/dist/ 84 KB
29 KB 50ms
47ms Script
application/javascript 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.charmsoffice.com/bower_components/jquery/dist/jquery.min.js
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Apr 2016 16:03:25 GMT
server: cloudflare
age: 5830
etag: W/"f592c12b1e9bd11:0"
sn: Charms1
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 62070b8d8853c2ae-FRA
cf-request-id: 0838458c790000c2ae4d0ce000000001
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 jquery-ui.min.js Show response
www.charmsoffice.com/bower_components/jquery-ui/ 235 KB
59 KB 43ms
40ms Script
application/javascript 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.charmsoffice.com/bower_components/jquery-ui/jquery-ui.min.js
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Apr 2016 16:02:56 GMT
server: cloudflare
age: 5830
etag: W/"7b7ca41a1e9bd11:0"
sn: Charms1
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 62070b8d8855c2ae-FRA
cf-request-id: 0838458c7b0000c2ae77a22000000001
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 bootstrap.min.js Show response
www.charmsoffice.com/bower_components/bootstrap/dist/js/ 36 KB
9 KB 35ms
32ms Script
application/javascript 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.charmsoffice.com/bower_components/bootstrap/dist/js/bootstrap.min.js
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Apr 2016 16:03:11 GMT
server: cloudflare
age: 5830
etag: W/"f5e81c231e9bd11:0"
sn: Charms1
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 62070b8d8857c2ae-FRA
cf-request-id: 0838458c7e0000c2ae622f3000000001
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
44 KB 44ms
23ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6PMSHS

Requested by

Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a46382eea9e2637769c9ccc7d038133427d8d63a66841f576a7ba8387d1d576c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44222
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Feb 2021 14:37:00 GMT

GET
H2 404 glyphicons-halflings-regular.woff2
www.charmsoffice.com/bower_components/bootstrap/dist/fonts/ 0
0 30ms
25ms Font
text/plain 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.charmsoffice.com/bower_components/bootstrap/dist/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/bower_components/bootstrap/dist/css/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://www.charmsoffice.com
Referer: https://www.charmsoffice.com/bower_components/bootstrap/dist/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
cf-cache-status: HIT
server: cloudflare
age: 94
sn: Charms3
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: public, max-age=300
cf-ray: 62070b8dd8c6c2ae-FRA
content-length: 0
cf-request-id: 0838458ca40000c2ae898e1000000001
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 37ms
12ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%7COpen+Sans%3A400&ver=4.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.charmsoffice.com
Referer: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%7COpen+Sans%3A400&ver=4.0.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 12:56:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 92434
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Fri, 11 Feb 2022 12:56:26 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%7COpen+Sans%3A400&ver=4.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.charmsoffice.com
Referer: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%7COpen+Sans%3A400&ver=4.0.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 06:30:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 547595
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Sun, 06 Feb 2022 06:30:25 GMT

GET
H2 404 fontawesome-webfont.woff2
www.charmsoffice.com/fonts/ 0
0 35ms
30ms Font
text/plain 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.charmsoffice.com/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/Fcss/charms.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://www.charmsoffice.com
Referer: https://www.charmsoffice.com/Fcss/charms.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
cf-cache-status: HIT
server: cloudflare
age: 94
sn: Charms3
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: public, max-age=300
cf-ray: 62070b8dd8c7c2ae-FRA
content-length: 0
cf-request-id: 0838458ca50000c2ae4d0d1000000001
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 29ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%7COpen+Sans%3A400&ver=4.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.charmsoffice.com
Referer: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%7COpen+Sans%3A400&ver=4.0.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:00:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 146181
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 10 Feb 2022 22:00:39 GMT

GET
H2 200 dorian-business-systems-90383885.js Show response
seal-dallas.bbb.org/logo/ 367 B
495 B 202ms
107ms Script
text/javascript 52.45.42.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://seal-dallas.bbb.org/logo/dorian-business-systems-90383885.js
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.42.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-42-22.compute-1.amazonaws.com
Software: Apache /
Resource Hash: a41aa2a273b7bcd14f00e3eb6cda263e91401a9b39cd067b404c646b9be608ce

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 12 Feb 2021 05:05:46 GMT
server: Apache
etag: 467fb8d25ee2ffaff1b119629a4b2be2
node: Two-EC2-Seal
content-type: text/javascript
content-disposition: inline; filename="javascript-for-90383885.js"
cachefilename: 61254c9f8d5673373162f8dce08d24bf.js
content-length: 179
expires: Fri, 12 Feb 2021 17:05:46 GMT

GET
H2 200 glyphicons-halflings-regular.woff
www.charmsoffice.com/bower_components/bootstrap/dist/fonts/ 23 KB
23 KB 24ms
24ms Font
font/x-woff 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.charmsoffice.com/bower_components/bootstrap/dist/fonts/glyphicons-halflings-regular.woff
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/bower_components/bootstrap/dist/css/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742

Request headers

Origin: https://www.charmsoffice.com
Referer: https://www.charmsoffice.com/bower_components/bootstrap/dist/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Apr 2016 16:03:10 GMT
server: cloudflare
age: 2328
etag: W/"ae73db221e9bd11:0"
sn: Charms2
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: font/x-woff
cache-control: public, max-age=300
cf-ray: 62070b8e5982c2ae-FRA
cf-request-id: 0838458cf70000c2ae90ba7000000001
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 fontawesome-webfont.woff
www.charmsoffice.com/fonts/ 88 KB
89 KB 20ms
20ms Font
font/x-woff 2606:4700::6811:9542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.charmsoffice.com/fonts/fontawesome-webfont.woff?v=4.6.3
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/Fcss/charms.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adbc4f95eb6d7f2738959cf0ecbc374672fce47e856050a8e9791f457623ac2c

Request headers

Origin: https://www.charmsoffice.com
Referer: https://www.charmsoffice.com/Fcss/charms.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Jul 2016 15:07:35 GMT
server: cloudflare
age: 2329
etag: W/"30787a9b18e8d11:0"
sn: Charms2
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: font/x-woff
cache-control: public, max-age=300
cf-ray: 62070b8e5986c2ae-FRA
cf-request-id: 0838458cf80000c2ae708e3000000001
expires: Fri, 12 Feb 2021 14:42:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6PMSHS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4313
date: Fri, 12 Feb 2021 13:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 15:25:07 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 47ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6PMSHS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: FE2FF46EBBB048A2B9D7EC336160C3CA Ref B: FRAEDGE1508 Ref C: 2021-02-12T14:37:00Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 35ms
9ms Script
application/x-javascript 2a02:26f0:10c:582::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6PMSHS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 14:37:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=21450
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: P+IlpS9AbXjaE+Gj2dyTtS29YMhwJ95MQmNuu1qmb07ca0mNhLm1oYDLFwQmVaylpy3DfeqT8Q6V7RmaCJ+ihw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 12 Feb 2021 14:37:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 460303487834094 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/460303487834094?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cae2014d473bb2c3b23c7f3e06295c1bc111280200e68b1eb293b832ff64553d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70587
x-fb-rlafr: 0
pragma: public
x-fb-debug: u1LVlZuhvY2ROIJRDJc3r7n1pI5mO0OhygKAMPBMWLPX8HxVMBb3uMsAHo63DfqQJ2EwEItBi3X8uTk+vLj3VA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 12 Feb 2021 14:37:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 103794814
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 14ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1915822202&t=pageview&_s=1&dl=https%3A%2F%2Fwww.charmsoffice.com%2F&ul=en-us&de=UTF-8&dt=**Charms%20Office%20Assistant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=772247164&gjid=887525841&cid=760233424.1613140621&tid=UA-129121132-1&_gid=1660432304.1613140621&_r=1&gtm=2wg230P6PMSHS&z=447014313

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:37:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.charmsoffice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1256636&time=1613140620634&url=https%3A%2F%2Fwww.charmsoffice.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1256636%26time%3D1613140620634%26url%3Dhttps%253A%252F%252Fwww.charmsoffice.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1256636&time=1613140620634&url=https%3A%2F%2Fwww.charmsoffice.com%2F&liSync=true

0
81 B

113ms
113ms

Image
application/javascript

2620:119:50e4:101::6cae:b55
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1256636&time=1613140620634&url=https%3A%2F%2Fwww.charmsoffice.com%2F&liSync=true
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e4:101::6cae:b55 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:01 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: 4T/PINkGYxbwAN9gEisAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: cU5vGdkGYxbAxYLGfisAAA==
pragma: no-cache
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: 20471843B28B43118FF1914C0CF6B2D1 Ref B: FRAEDGE1508 Ref C: 2021-02-12T14:37:00Z
date: Fri, 12 Feb 2021 14:37:00 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1256636&time=1613140620634&url=https%3A%2F%2Fwww.charmsoffice.com%2F&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 19ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=460303487834094&ev=PageView&dl=https%3A%2F%2Fwww.charmsoffice.com%2F&rl=&if=false&ts=1613140620654&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1613140620652.707336825&it=1613140620615&coo=false&rqm=GET

Requested by

Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 12 Feb 2021 14:37:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-129121132-1&cid=760233424.1613140621&jid=772247164&gjid=887525841&_gid=1660432304.1613140621&_u=YEBAAEAAAAAAAC~&z=523539723

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 12 Feb 2021 14:37:00 GMT
content-type: text/plain
access-control-allow-origin: https://www.charmsoffice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
505 B 49ms
29ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-129121132-1&cid=760233424.1613140621&jid=772247164&_u=YEBAAEAAAAAAAC~&z=1982437563

Requested by

Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:37:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 36ms
16ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-129121132-1&cid=760233424.1613140621&jid=772247164&_u=YEBAAEAAAAAAAC~&z=1982437563

Requested by

Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:37:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
303 B 16ms
16ms Image
image/gif 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=e4ee539fdeb74632c2a900598bf9fdd8&_biz_s=89672e&_biz_l=https%3A%2F%2Fwww.charmsoffice.com%2F&_biz_t=1613140620558&_biz_i=**Charms%20Office%20Assistant&_biz_n=0&rnd=644724&cdn_o=a&_biz_z=1613140620755
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B75) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:37:00 GMT
last-modified: Fri, 12 Feb 2021 01:58:28 GMT
server: ECS (amb/6B75)
age: 45513
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
202 B 17ms
16ms Image
image/gif 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=e4ee539fdeb74632c2a900598bf9fdd8&_biz_s=89672e&_biz_l=https%3A%2F%2Fwww.charmsoffice.com%2F&_biz_t=1613140620759&_biz_i=**Charms%20Office%20Assistant&rnd=896326&cdn_o=a&_biz_z=1613140620759
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B97) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 14:37:00 GMT
last-modified: Fri, 12 Feb 2021 00:54:41 GMT
server: ECS (amb/6B97)
age: 49340
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 204 0
bat.bing.com/action/ 0
147 B 28ms
27ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26056309&Ver=2&mid=73f04895-7a6b-451a-9b9f-28cf86d70e17&sid=c43d6b606d3f11eba806774d7438e789&vid=c43d8aa06d3f11ebb779ed8b813522a3&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=**Charms%20Office%20Assistant&p=https%3A%2F%2Fwww.charmsoffice.com%2F&r=&lt=560&evt=pageLoad&msclkid=N&sv=1&rn=643958
Requested by: Host: www.charmsoffice.com
URL: https://www.charmsoffice.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Feb 2021 14:37:00 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: E564E0244D924D20A7101CC38A5E02FF Ref B: FRAEDGE1508 Ref C: 2021-02-12T14:37:00Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 79 B
516 B 123ms
123ms Script
text/javascript 68.232.35.12
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=e4ee539fdeb74632c2a900598bf9fdd8&_biz_h=-1906410348&cdn_o=a&jsVer=4.21.02.10
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.12 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBB) /
Resource Hash: f920491d697fadb52d78fdb399b4bab60ef9bb6f42b73daa90279a4a93ae63a2

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:36:59 GMT
content-encoding: gzip
server: ECS (amb/6BBB)
etag: B90ECD46
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 183

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=460303487834094&ev=Microdata&dl=https%3A%2F%2Fwww.charmsoffice.com%2F&rl=&if=false&ts=1613140622157&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22**Charms%20Office%20Assistant%22%2C%22meta%3Adescription%22%3A%22Charms%20Office%20Assistant%20is%20the%20premiere%20management%2C%20financial%2C%20communication%20and%20assessment%20system%20used%20by%20successful%20programs%20everywhere.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1613140620652.707336825&it=1613140620615&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.charmsoffice.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 14:37:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 12 Feb 2021 14:37:02 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.charmsoffice.com/	1970-01-20 00:51:16	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.charmsoffice.com/	1970-01-19 16:29:04	Name: _uetvid Value: c43d8aa06d3f11ebb779ed8b813522a3
.charmsoffice.com/	1970-01-20 00:51:16	Name: _biz_pendingA Value: %5B%5D
.charmsoffice.com/	1970-01-19 16:07:07	Name: _uetsid Value: c43d6b606d3f11eba806774d7438e789
www.charmsoffice.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDAGBQSATD Value: GOIFJECDOGBMAOCADNPOFNDP
.charmsoffice.com/	1970-01-19 18:15:16	Name: _fbp Value: fb.1.1613140620652.707336825
.charmsoffice.com/	1970-01-19 16:48:52	Name: __cfduid Value: dd248e1353008a23f44acededb520d3c11613140620
.charmsoffice.com/	1970-01-20 09:36:52	Name: _ga Value: GA1.2.760233424.1613140621
.charmsoffice.com/	1970-01-20 00:51:16	Name: _biz_uid Value: e4ee539fdeb74632c2a900598bf9fdd8
.charmsoffice.com/	1970-01-19 16:05:40	Name: _gat_UA-129121132-1 Value: 1
.charmsoffice.com/	1970-01-19 16:07:07	Name: _gid Value: GA1.2.1660432304.1613140621
.charmsoffice.com/	1970-01-19 16:05:42	Name: _biz_sid Value: 89672e
.charmsoffice.com/	1970-01-20 00:51:16	Name: _biz_nA Value: 1
www.charmsoffice.com/	1970-01-19 16:05:42	Name: __cflb Value: 0H28uwYv9yte7yAfVDvVWnJqnrmFj5mU2gnn5kihtjo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cdn.bizible.com
cdn.bizibly.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
px.ads.linkedin.com
seal-dallas.bbb.org
snap.licdn.com
stats.g.doubleclick.net
www.charmsoffice.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
2606:4700::6811:9542
2620:119:50e4:101::6cae:b55
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2003
2a00:1450:4001:827::2004
2a00:1450:4001:829::200a
2a00:1450:400c:c04::9a
2a02:26f0:10c:582::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.45.42.22
68.232.35.12
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1743b80176c7a9b725d2e472694b728ae510bbdae78ee5d33d58278221f552d9
2046a625ec054250edb0babf954e0a6ed0a7494c23cea0bcce264475bde1f170
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2f53e3541713071dadfe14691822df0dc954fb241465723d2047da4a291d5da4
3a5f3c7c89b3d4360a26621efb6cfb77a2028abbb6329042cf2efcb2c3de1b24
3bc8a1d241bb61ca831f8b3e053f90ecba337e409534bc350e4e7f45ce491cf4
412752ed1c97f0aef8acf02f8ced68186ecdf81b8182f11c981b1e3436748c52
4604cac63f9be42d4193708c3cf31ff5b65656e9186dbf64e42d6ad83559d609
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
4fd90a4ce6c5d02d52e7d52afc57fcddf96341584deda4bf5da0921a6a4c2cbf
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89f16bf99f532de8287ca188d057d6f45634a6dea90c204f6fcb0db85aee1ccc
93b936007132c4ab42a5a5a9d0aae790c1489be282a078f6d9c20b1eda94358c
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a26394f7ede100ca118eff2eda08596275a9839b959c226e15439557a5a80742
a41aa2a273b7bcd14f00e3eb6cda263e91401a9b39cd067b404c646b9be608ce
a46382eea9e2637769c9ccc7d038133427d8d63a66841f576a7ba8387d1d576c
adbc4f95eb6d7f2738959cf0ecbc374672fce47e856050a8e9791f457623ac2c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
cae2014d473bb2c3b23c7f3e06295c1bc111280200e68b1eb293b832ff64553d
d1eb0c070fbeaf21b586648145597ea732a19252d563a032ca1a7e64c0a21a9d
d2c0d2a780da3ba7e6c0f00639e8923312b53a7fcbe6ad76b4ef9c1c48f40e3f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e01df00da8bd1e92f1192d82d20bac465dc8c9d869f746034adcf1c21abcea08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
eee2832920de823a77ade71ddf71f135ef58d3d7aa14c2e48036e1faec3c2762
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f920491d697fadb52d78fdb399b4bab60ef9bb6f42b73daa90279a4a93ae63a2
f9dd0388cb2bebdd71ed0d150b8faedb528249df053251356416616d76faaa66

www.charmsoffice.com Open in urlscan Pro 2606:4700::6811:9542 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

88 %IPv6

16 Domains

17 Subdomains

15 IPs

5 Countries

2419 kBTransfer

3305 kBSize

14 Cookies

6 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.charmsoffice.com Open in urlscan Pro
2606:4700::6811:9542 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

88 %
IPv6

16
Domains

17
Subdomains

15
IPs

5
Countries

2419 kB
Transfer

3305 kB
Size

14
Cookies

44 HTTP transactions
0 data transactions