officestogo.com Open in urlscan Pro
2606:4700::6812:1d96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://officestogocanada.com/
Effective URL:
https://officestogo.com/
Submission: On June 03 via api (June 3rd 2021, 1:23:29 pm UTC) from KR

Summary HTTP 23 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 23 HTTP transactions. The main IP is 2606:4700::6812:1d96, located in United States and belongs to CLOUDFLARENET, US. The main domain is officestogo.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 19th 2021. Valid for: a year.

This is the only time officestogo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	209.17.116.163 209.17.116.163	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1 6	2606:4700::68... 2606:4700::6812:1c96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2606:4700::68... 2606:4700::6812:1d96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	3

1 209.17.116.163 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)

officestogocanada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1c96 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

officestogo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700::6812:1d96 (United States)

ASN13335 (CLOUDFLARENET, US)

officestogo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	officestogo.com 1 redirects officestogo.com	206 KB
1	officestogocanada.com 1 redirects officestogocanada.com	204 B
23	2

	Domain	Requested by
24	officestogo.com	1 redirects officestogo.com
1	officestogocanada.com	1 redirects
23	2

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
officestogo.com Cloudflare Inc ECC CA-3	`2021-05-19` - `2022-05-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://officestogo.com/
Frame ID: 019D06C26C1E4A445B48C4CE4CF9F486
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://officestogocanada.com/ HTTP 301
http://officestogo.com/ HTTP 301
https://officestogo.com/ Page URL
https://officestogo.com/ Page URL
https://officestogo.com/ Page URL
https://officestogo.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

23
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

205 kB
Transfer

332 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/5xx-error-landing/
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://officestogocanada.com/ HTTP 301
http://officestogo.com/ HTTP 301
https://officestogo.com/ Page URL
https://officestogo.com/ Page URL
https://officestogo.com/ Page URL
https://officestogo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://officestogocanada.com/ HTTP 301
http://officestogo.com/ HTTP 301
https://officestogo.com/

23 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

503

/ Show response
officestogo.com/
Redirect Chain

http://officestogocanada.com/
http://officestogo.com/
https://officestogo.com/

9 KB
10 KB

38ms
17ms

Document
text/html

2606:4700::6812:1c96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://officestogo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

096a2ae4a9503739db0c96d70b75e37de337a37b70dd0a02cb5363eefacbb86b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: officestogo.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:23:12 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 0a73a3dea300000609fb82a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 65993c110a5f0609-FRA

Redirect headers

Date: Thu, 03 Jun 2021 13:23:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 03 Jun 2021 14:23:12 GMT
Location: https://officestogo.com/
cf-request-id: 0a73a3de7900004e13d2909000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 65993c10cb7c4e13-FRA

GET
H2 200 v1 Show response
officestogo.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 38 KB
14 KB 132ms
132ms Script
text/javascript 2606:4700::6812:1c96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65993c110a5f0609
Requested by: Host: officestogo.com
URL: https://officestogo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914e01c5f16ff1693de0351f276e390a05a33022ed564056c9024a4bf4ea275b

Request headers

:path: /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65993c110a5f0609
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:23:12 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 65993c113b3e0609-FRA
cf-request-id: 0a73a3dec70000060901084000000001

GET
H2 200 transparent.gif
officestogo.com/cdn-cgi/images/trace/jschal/js/ 42 B
101 B 23ms
22ms Image
image/gif 2606:4700::6812:1c96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://officestogo.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65993c110a5f0609

Requested by

Host: officestogo.com
URL: https://officestogo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65993c110a5f0609
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:23:12 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 10:22:32 GMT
server: cloudflare
etag: "60b0c468-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 65993c113b430609-FRA
vary: Accept-Encoding
content-length: 42
expires: Thu, 03 Jun 2021 15:23:12 GMT

GET
H2 200 transparent.gif
officestogo.com/cdn-cgi/images/trace/jschal/nojs/ 42 B
220 B 9ms
8ms Image
image/gif 2606:4700::6812:1c96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://officestogo.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65993c110a5f0609

Requested by

Host: officestogo.com
URL: https://officestogo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65993c110a5f0609
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:23:12 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 10:22:32 GMT
server: cloudflare
etag: "60b0c468-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 65993c113b490609-FRA
vary: Accept-Encoding
content-length: 42
expires: Thu, 03 Jun 2021 15:23:12 GMT

POST
H2 200 97a3bfdd481bfe0 Show response
officestogo.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9474963884865756:1622725512:0af42e834a3c9ffa60648ef07fb63c55f89176f56af93706747a7622f449e032/65993c110a5f0609/ 31 KB
24 KB 199ms
199ms XHR
text/plain 2606:4700::6812:1c96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9474963884865756:1622725512:0af42e834a3c9ffa60648ef07fb63c55f89176f56af93706747a7622f449e032/65993c110a5f0609/97a3bfdd481bfe0
Requested by: Host: officestogo.com
URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65993c110a5f0609
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1c96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 388d65f89e91442ed4cca2240fbd8456d9aa7d86799823aed9cf6840739dbaf8

Request headers

sec-fetch-mode: cors
origin: https://officestogo.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_prog=e
content-length: 1918
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.9474963884865756:1622725512:0af42e834a3c9ffa60648ef07fb63c55f89176f56af93706747a7622f449e032/65993c110a5f0609/97a3bfdd481bfe0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 97a3bfdd481bfe0
:method: POST
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: 97a3bfdd481bfe0
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 03 Jun 2021 13:23:12 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_97a3bfdd481bfe0=1d634249c090326;SameSite=Strict;Secure;HttpOnly
cf-ray: 65993c125e9c0609-FRA
cf-request-id: 0a73a3df7900000609440c7000000001

POST
H2 200 97a3bfdd481bfe0 Show response
officestogo.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9474963884865756:1622725512:0af42e834a3c9ffa60648ef07fb63c55f89176f56af93706747a7622f449e032/65993c110a5f0609/ 2 KB
2 KB 275ms
259ms XHR
text/plain 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9474963884865756:1622725512:0af42e834a3c9ffa60648ef07fb63c55f89176f56af93706747a7622f449e032/65993c110a5f0609/97a3bfdd481bfe0
Requested by: Host: officestogo.com
URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65993c110a5f0609
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d076efe373f59db54a1eea42b405e5b064dd87cf3a594768c1a8981bcec10a1d

Request headers

sec-fetch-mode: cors
origin: https://officestogo.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_seq_97a3bfdd481bfe0=1d634249c090326; cf_chl_prog=b0
content-length: 18047
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.9474963884865756:1622725512:0af42e834a3c9ffa60648ef07fb63c55f89176f56af93706747a7622f449e032/65993c110a5f0609/97a3bfdd481bfe0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 97a3bfdd481bfe0
:method: POST
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: 97a3bfdd481bfe0
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 03 Jun 2021 13:23:13 GMT
content-encoding: gzip
server: cloudflare
cf_chl_out: P+8kxeZd98DYCV2d/uMjO1IXJ1AXLl0B/9iJwoFP5UGRq80wi2dFHE3bqQNTs47NmOejiwap7bkieHHfdYrT2GI/s85LgICF5SSNaOtDatOm+dOtcjMBTtA5iQ/yNmnHcz6+xiUlNn5K88FrKmV45/Cy2Qsx2wf36DbrCjbgUj+fObzHLcwSeYsHgn+2rlfqUnueF1doDVBh+YOd8jQR98/N+S/tcKJX+KVSFv1CdoNwVDSsLrkfqRHszQHg1Gru$6hlXv2ynano92vbg9uC1Zg==
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_97a3bfdd481bfe0=;Expires=Wed, 02 Jun 2021 13:23:13 GMT;SameSite=Strict;Secure;HttpOnly
cf-ray: 65993c177bbe4e9d-FRA
cf-request-id: 0a73a3e2ae00004e9d9d8d5000000001

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 503 / Show response
officestogo.com/ 9 KB
9 KB 19ms
19ms Document
text/html 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://officestogo.com/

Requested by

Host: officestogo.com
URL: https://officestogo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a354b8a8b6cded87381af2bae975915042109d88a5d4d63b103a4a0123d1ccc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: officestogo.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://officestogo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cf_chl_prog=F10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://officestogo.com/

Response headers

date: Thu, 03 Jun 2021 13:23:16 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 0a73a3eef500004e9dcd809000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 65993c2b1a334e9d-FRA

GET
H2 200 v1 Show response
officestogo.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 38 KB
14 KB 31ms
31ms Script
text/javascript 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65993c2b1a334e9d
Requested by: Host: officestogo.com
URL: https://officestogo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 914e01c5f16ff1693de0351f276e390a05a33022ed564056c9024a4bf4ea275b

Request headers

:path: /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65993c2b1a334e9d
pragma: no-cache
cookie: cf_chl_prog=F10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:23:16 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 65993c2b4aa04e9d-FRA
cf-request-id: 0a73a3ef1200004e9d192cb000000001

GET
H2 200 transparent.gif
officestogo.com/cdn-cgi/images/trace/jschal/js/ 42 B
101 B 18ms
18ms Image
image/gif 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://officestogo.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65993c2b1a334e9d

Requested by

Host: officestogo.com
URL: https://officestogo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65993c2b1a334e9d
pragma: no-cache
cookie: cf_chl_prog=F10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:23:16 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 10:22:32 GMT
server: cloudflare
etag: "60b0c468-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 65993c2b4aa34e9d-FRA
vary: Accept-Encoding
content-length: 42
expires: Thu, 03 Jun 2021 15:23:16 GMT

GET
H2 200 transparent.gif
officestogo.com/cdn-cgi/images/trace/jschal/nojs/ 42 B
220 B 17ms
17ms Image
image/gif 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://officestogo.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65993c2b1a334e9d

Requested by

Host: officestogo.com
URL: https://officestogo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65993c2b1a334e9d
pragma: no-cache
cookie: cf_chl_prog=F10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:23:16 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 10:22:32 GMT
server: cloudflare
etag: "60b0c468-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 65993c2b4aa44e9d-FRA
vary: Accept-Encoding
content-length: 42
expires: Thu, 03 Jun 2021 15:23:16 GMT

POST
H2 200 aae1307f1ec1f7d Show response
officestogo.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9474963884865756:1622725512:0af42e834a3c9ffa60648ef07fb63c55f89176f56af93706747a7622f449e032/65993c2b1a334e9d/ 35 KB
26 KB 403ms
402ms XHR
text/plain 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9474963884865756:1622725512:0af42e834a3c9ffa60648ef07fb63c55f89176f56af93706747a7622f449e032/65993c2b1a334e9d/aae1307f1ec1f7d
Requested by: Host: officestogo.com
URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65993c2b1a334e9d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec4bd842726b342c811bc7a6ec69326f92cf42e32b08c439499c0a49d8f33d12

Request headers

sec-fetch-mode: cors
origin: https://officestogo.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_prog=e
content-length: 1944
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.9474963884865756:1622725512:0af42e834a3c9ffa60648ef07fb63c55f89176f56af93706747a7622f449e032/65993c2b1a334e9d/aae1307f1ec1f7d
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
cf-challenge: aae1307f1ec1f7d
:method: POST
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: aae1307f1ec1f7d
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 03 Jun 2021 13:23:16 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_aae1307f1ec1f7d=25df39e0a3a6f73;SameSite=Strict;Secure;HttpOnly
cf-ray: 65993c2bbbeb4e9d-FRA
cf-request-id: 0a73a3ef5a00004e9d15178000000001

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 aae1307f1ec1f7d Show response
officestogo.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9474963884865756:1622725512:0af42e834a3c9ffa60648ef07fb63c55f89176f56af93706747a7622f449e032/65993c2b1a334e9d/ 2 KB
2 KB 204ms
203ms XHR
text/plain 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9474963884865756:1622725512:0af42e834a3c9ffa60648ef07fb63c55f89176f56af93706747a7622f449e032/65993c2b1a334e9d/aae1307f1ec1f7d
Requested by: Host: officestogo.com
URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65993c2b1a334e9d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b689239b082e5583267c8e9cffcb01001c994fcc908a2c41be35a226dd3a181

Request headers

sec-fetch-mode: cors
origin: https://officestogo.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_seq_aae1307f1ec1f7d=25df39e0a3a6f73; cf_chl_prog=a4
content-length: 18369
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.9474963884865756:1622725512:0af42e834a3c9ffa60648ef07fb63c55f89176f56af93706747a7622f449e032/65993c2b1a334e9d/aae1307f1ec1f7d
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
cf-challenge: aae1307f1ec1f7d
:method: POST
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: aae1307f1ec1f7d
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 03 Jun 2021 13:23:17 GMT
content-encoding: gzip
server: cloudflare
cf_chl_out: X60vnELMXGCiOPGwQw86K+LzrEFuZBb1SEQAZyT/OU1m8h3MhmjnL5CbiPX/t5egNJN6UEpjdQdcDmexRvZaE/fa8UovFDyn++Hloxnf+HIhKKJiSQP/QSGfdlVbo8IvQu4vl+EEgwtfDAjabK+Vj/o3u68DSFx3VYfEgaMYltO29NnLPGhna4/mrC9J/7wjqAbxo679IrOqqPab6EPYBz0K77OaruWEvCG1xtjzysxTdDFf5IXPsewlFlQaGB2d$UaV3QeV9XMF8bT8FlfN+ww==
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_aae1307f1ec1f7d=;Expires=Wed, 02 Jun 2021 13:23:17 GMT;SameSite=Strict;Secure;HttpOnly
cf-ray: 65993c322e704e9d-FRA
cf-request-id: 0a73a3f35b00004e9d19358000000001

GET
H2 503 / Show response
officestogo.com/ 9 KB
9 KB 14ms
13ms Document
text/html 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://officestogo.com/

Requested by

Host: officestogo.com
URL: https://officestogo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bbc6e0b3ee445c05629221979121df1d081055eb3c057e84854f43e6e21dbe9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: officestogo.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://officestogo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cf_chl_prog=F10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://officestogo.com/

Response headers

date: Thu, 03 Jun 2021 13:23:20 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 0a73a3fed800004e9d068b1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 65993c448a514e9d-FRA

GET
H2 200 v1 Show response
officestogo.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 39 KB
14 KB 31ms
30ms Script
text/javascript 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65993c448a514e9d
Requested by: Host: officestogo.com
URL: https://officestogo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02043f5666bafd4e298685a283c1f1fcb86057253f142da7920c7cadb5decd94

Request headers

:path: /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65993c448a514e9d
pragma: no-cache
cookie: cf_chl_prog=F10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:23:20 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 65993c44aae54e9d-FRA
cf-request-id: 0a73a3feee00004e9ddcb43000000001

GET
H2 200 transparent.gif
officestogo.com/cdn-cgi/images/trace/jschal/js/ 42 B
124 B 9ms
8ms Image
image/gif 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://officestogo.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65993c448a514e9d

Requested by

Host: officestogo.com
URL: https://officestogo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65993c448a514e9d
pragma: no-cache
cookie: cf_chl_prog=F10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:23:20 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 10:22:32 GMT
server: cloudflare
etag: "60b0c468-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 65993c44bae84e9d-FRA
vary: Accept-Encoding
content-length: 42
expires: Thu, 03 Jun 2021 15:23:20 GMT

GET
H2 200 transparent.gif
officestogo.com/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 9ms
8ms Image
image/gif 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://officestogo.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65993c448a514e9d

Requested by

Host: officestogo.com
URL: https://officestogo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65993c448a514e9d
pragma: no-cache
cookie: cf_chl_prog=F10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:23:20 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 10:22:32 GMT
server: cloudflare
etag: "60b0c468-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 65993c44baea4e9d-FRA
vary: Accept-Encoding
content-length: 42
expires: Thu, 03 Jun 2021 15:23:20 GMT

POST
H2 200 ca0cd850eaf6b0d Show response
officestogo.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9637410073919268:1622725524:8f3058dfe9e80954c9176ed4ae55e943d520903d80e5545625a4fc44951368e5/65993c448a514e9d/ 43 KB
33 KB 182ms
182ms XHR
text/plain 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9637410073919268:1622725524:8f3058dfe9e80954c9176ed4ae55e943d520903d80e5545625a4fc44951368e5/65993c448a514e9d/ca0cd850eaf6b0d
Requested by: Host: officestogo.com
URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65993c448a514e9d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 904ae9d0dbc3ceae9779214ebc7c953a75ad5f7e245b6bd86e5d8e240a6249a6

Request headers

sec-fetch-mode: cors
origin: https://officestogo.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_prog=e
content-length: 1903
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.9637410073919268:1622725524:8f3058dfe9e80954c9176ed4ae55e943d520903d80e5545625a4fc44951368e5/65993c448a514e9d/ca0cd850eaf6b0d
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
cf-challenge: ca0cd850eaf6b0d
:method: POST
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: ca0cd850eaf6b0d
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 03 Jun 2021 13:23:20 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_ca0cd850eaf6b0d=491fa177ab165fb;SameSite=Strict;Secure;HttpOnly
cf-ray: 65993c452c254e9d-FRA
cf-request-id: 0a73a3ff3b00004e9d8d059000000001

GET
DATA 200
OK truncated
/ 232 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58163a8d4a044c60ad6b12f207c06a2d2ab5821ac0da88ec337dd9cf8fa6287e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 ca0cd850eaf6b0d Show response
officestogo.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9637410073919268:1622725524:8f3058dfe9e80954c9176ed4ae55e943d520903d80e5545625a4fc44951368e5/65993c448a514e9d/ 2 KB
2 KB 212ms
212ms XHR
text/plain 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9637410073919268:1622725524:8f3058dfe9e80954c9176ed4ae55e943d520903d80e5545625a4fc44951368e5/65993c448a514e9d/ca0cd850eaf6b0d
Requested by: Host: officestogo.com
URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65993c448a514e9d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a7710389aa6e5c6419028abd67bb398ed6822d0bd1867e82884b40685423969

Request headers

sec-fetch-mode: cors
origin: https://officestogo.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_seq_ca0cd850eaf6b0d=491fa177ab165fb; cf_chl_prog=a3
content-length: 17956
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.9637410073919268:1622725524:8f3058dfe9e80954c9176ed4ae55e943d520903d80e5545625a4fc44951368e5/65993c448a514e9d/ca0cd850eaf6b0d
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
cf-challenge: ca0cd850eaf6b0d
:method: POST
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: ca0cd850eaf6b0d
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 03 Jun 2021 13:23:21 GMT
content-encoding: gzip
server: cloudflare
cf_chl_out: +i9eZe9i35tYmZOfgwopDm6xHA3fWkRIJGCgUaU8peH+sO/9p5t8uFedoJXxBiyxg7p4NLmbyl8PnxWYZtssPqfAuJQ2/BC0DJhtZMDxahl2ZQJjcFfjm2S2VKXVxki/qQJTZal/8iVhf37Wc7ebLZ16UDhXgYzGdYj4cdQr2orj4/x2y7SIh1G4GCDiXpw94IxqrfrhfsBtf1buk/BP7zPH9H3I8UcCeLEiLekf0Vqlj/Zzj/mi9rDLyaVhdkH0$EADiJ4Hmz2rTRknbbtuCBQ==
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_ca0cd850eaf6b0d=;Expires=Wed, 02 Jun 2021 13:23:21 GMT;SameSite=Strict;Secure;HttpOnly
cf-ray: 65993c49d8254e9d-FRA
cf-request-id: 0a73a4022b00004e9d8708b000000001

GET
H2 503 Primary Request / Show response
officestogo.com/ 9 KB
9 KB 15ms
14ms Document
text/html 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://officestogo.com/

Requested by

Host: officestogo.com
URL: https://officestogo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4ee31a89b8b39ed81cfcf509799219a0fb8196ea528a5f9b1f8cb3d6bff51a0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: officestogo.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://officestogo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cf_chl_prog=F10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://officestogo.com/

Response headers

date: Thu, 03 Jun 2021 13:23:24 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 0a73a40ebb00004e9dbe192000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 65993c5dffd74e9d-FRA

GET
H2 200 v1 Show response
officestogo.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 35 KB
13 KB 30ms
29ms Script
text/javascript 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65993c5dffd74e9d
Requested by: Host: officestogo.com
URL: https://officestogo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94aeb22ccb1a2bf06c402e342701e0d7746fbb68aae9e83eda154724e1093f0e

Request headers

:path: /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65993c5dffd74e9d
pragma: no-cache
cookie: cf_chl_prog=F10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:23:24 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 65993c5e18354e9d-FRA
cf-request-id: 0a73a40ed500004e9ddc90f000000001

GET
H2 200 transparent.gif
officestogo.com/cdn-cgi/images/trace/jschal/js/ 42 B
220 B 12ms
12ms Image
image/gif 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://officestogo.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65993c5dffd74e9d

Requested by

Host: officestogo.com
URL: https://officestogo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/js/transparent.gif?ray=65993c5dffd74e9d
pragma: no-cache
cookie: cf_chl_prog=F10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:23:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 10:22:32 GMT
server: cloudflare
etag: "60b0c468-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 65993c5e18464e9d-FRA
vary: Accept-Encoding
content-length: 42
expires: Thu, 03 Jun 2021 15:23:24 GMT

GET
H2 200 transparent.gif
officestogo.com/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 12ms
11ms Image
image/gif 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://officestogo.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65993c5dffd74e9d

Requested by

Host: officestogo.com
URL: https://officestogo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=65993c5dffd74e9d
pragma: no-cache
cookie: cf_chl_prog=F10
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 13:23:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 May 2021 10:22:32 GMT
server: cloudflare
etag: "60b0c468-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 65993c5e28484e9d-FRA
vary: Accept-Encoding
content-length: 42
expires: Thu, 03 Jun 2021 15:23:24 GMT

POST
H2 200 bc0f21bc20f0ab7
officestogo.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.3708646235688415:1622725520:1b8adf4f815fca209c61870f4ff741b3eaefe08a50ed3ea7e4f0e1a78b76c314/65993c5dffd74e9d/ 32 KB
24 KB 296ms
296ms XHR
text/plain 2606:4700::6812:1d96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.3708646235688415:1622725520:1b8adf4f815fca209c61870f4ff741b3eaefe08a50ed3ea7e4f0e1a78b76c314/65993c5dffd74e9d/bc0f21bc20f0ab7
Requested by: Host: officestogo.com
URL: https://officestogo.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=65993c5dffd74e9d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://officestogo.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: cf_chl_prog=e
content-length: 1901
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.3708646235688415:1622725520:1b8adf4f815fca209c61870f4ff741b3eaefe08a50ed3ea7e4f0e1a78b76c314/65993c5dffd74e9d/bc0f21bc20f0ab7
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: officestogo.com
referer: https://officestogo.com/
:scheme: https
sec-fetch-site: same-origin
cf-challenge: bc0f21bc20f0ab7
:method: POST
Referer: https://officestogo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
CF-Challenge: bc0f21bc20f0ab7
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 03 Jun 2021 13:23:24 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_bc0f21bc20f0ab7=b14c39c048f8001;SameSite=Strict;Secure;HttpOnly
cf-ray: 65993c5e896b4e9d-FRA
cf-request-id: 0a73a40f1700004e9d92bfd000000001

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			officestogo.com/	1970-01-19 18:45:30	Name: cf_chl_prog Value: e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

officestogo.com
officestogocanada.com
209.17.116.163
2606:4700::6812:1c96
2606:4700::6812:1d96
02043f5666bafd4e298685a283c1f1fcb86057253f142da7920c7cadb5decd94
096a2ae4a9503739db0c96d70b75e37de337a37b70dd0a02cb5363eefacbb86b
2b689239b082e5583267c8e9cffcb01001c994fcc908a2c41be35a226dd3a181
388d65f89e91442ed4cca2240fbd8456d9aa7d86799823aed9cf6840739dbaf8
3a354b8a8b6cded87381af2bae975915042109d88a5d4d63b103a4a0123d1ccc
3bbc6e0b3ee445c05629221979121df1d081055eb3c057e84854f43e6e21dbe9
58163a8d4a044c60ad6b12f207c06a2d2ab5821ac0da88ec337dd9cf8fa6287e
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6a7710389aa6e5c6419028abd67bb398ed6822d0bd1867e82884b40685423969
904ae9d0dbc3ceae9779214ebc7c953a75ad5f7e245b6bd86e5d8e240a6249a6
914e01c5f16ff1693de0351f276e390a05a33022ed564056c9024a4bf4ea275b
94aeb22ccb1a2bf06c402e342701e0d7746fbb68aae9e83eda154724e1093f0e
d076efe373f59db54a1eea42b405e5b064dd87cf3a594768c1a8981bcec10a1d
d4ee31a89b8b39ed81cfcf509799219a0fb8196ea528a5f9b1f8cb3d6bff51a0
ec4bd842726b342c811bc7a6ec69326f92cf42e32b08c439499c0a49d8f33d12
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

officestogo.com Open in urlscan Pro 2606:4700::6812:1d96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

67 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

205 kBTransfer

332 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

officestogo.com Open in urlscan Pro
2606:4700::6812:1d96 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

205 kB
Transfer

332 kB
Size

1
Cookies

23 HTTP transactions
3 data transactions