www.officeworld.com Open in urlscan Pro
2606:4700:3108::ac42:2b59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://officeworld.com/
Effective URL:
https://www.officeworld.com/
Submission: On August 31 via manual (August 31st 2022, 4:41:48 pm UTC) from US — Scanned from DE

Summary HTTP 74 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 74 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b59, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.officeworld.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 19th 2022. Valid for: a year.

This is the only time www.officeworld.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:310... 2606:4700:3108::ac42:28a7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2606:4700:310... 2606:4700:3108::ac42:2b59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
26	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:27::... 2620:1ec:27::cafe:1759	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
74	16

1 2606:4700:3108::ac42:28a7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

officeworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3108::ac42:2b59 (United States)

ASN13335 (CLOUDFLARENET, US)

www.officeworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
store.officeworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1759 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	tawk.to embed.tawk.to — Cisco Umbrella Rank: 8812 va.tawk.to — Cisco Umbrella Rank: 8433	217 KB
22	officeworld.com 1 redirects officeworld.com www.officeworld.com store.officeworld.com	296 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 527 c.clarity.ms — Cisco Umbrella Rank: 955 i.clarity.ms — Cisco Umbrella Rank: 5224	26 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 354 c.bing.com — Cisco Umbrella Rank: 213	13 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6487	763 B
3	google.com www.google.com — Cisco Umbrella Rank: 2	763 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 85 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	131 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 384	53 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 132	16 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 279	86 KB
74	12

	Domain	Requested by
22	embed.tawk.to	www.officeworld.com embed.tawk.to
12	store.officeworld.com	www.officeworld.com store.officeworld.com
9	www.officeworld.com	www.officeworld.com
5	va.tawk.to	embed.tawk.to
3	i.clarity.ms	www.clarity.ms
3	www.google.de	www.officeworld.com
3	www.google.com	www.officeworld.com
3	bat.bing.com	www.officeworld.com bat.bing.com
3	www.googletagmanager.com	www.officeworld.com www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	googleads.g.doubleclick.net	www.googleadservices.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	cdn.jsdelivr.net	embed.tawk.to
1	c.bing.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	ajax.googleapis.com	www.officeworld.com
1	officeworld.com	1 redirects
74	19

This site contains no links.

Subject Issuer	Validity	Valid
officeworld.com Cloudflare Inc ECC CA-3	`2022-03-19` - `2023-03-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-28` - `2023-05-28`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.officeworld.com/
Frame ID: F6A41528E99EF7529AD561E97E73DCC6
Requests: 63 HTTP requests in this frame

Frame: https://www.officeworld.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661961600
Frame ID: C498DF3D239FC2EFCDFC45E692A1D42E
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/630c16bea60/css/min-widget.css
Frame ID: 6F3DC76C3CEF494A214AA082B0EB84E6
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/630c16bea60/css/message-preview.css
Frame ID: 2C98DF030C7362B3F82EDDD06C478EBB
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/630c16bea60/css/bubble-widget.css
Frame ID: 88AEE8C1DACD0171BB1DBCD23A2A10FD
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/630c16bea60/css/max-widget.css
Frame ID: 27D5B5B67D9B07D5E7D29FC9F5255B6C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OfficeWorld.com - Office Supplies & Business Products!

Page URL History Show full URLs

http://officeworld.com/ HTTP 301
https://www.officeworld.com/ Page URL

Detected technologies

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

74
Requests

99 %
HTTPS

82 %
IPv6

12
Domains

19
Subdomains

16
IPs

4
Countries

862 kB
Transfer

2100 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://officeworld.com/ HTTP 301
https://www.officeworld.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=1CDC8C5EEE0A430BB2E2A26A0B1041FF&RedC=c.clarity.ms&MXFR=251150592E73629D235B42482A736C99 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=1CDC8C5EEE0A430BB2E2A26A0B1041FF&MUID=0D1EB14D8E6B68D901D5A35C8F006913

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.officeworld.com/
Redirect Chain

http://officeworld.com/
https://www.officeworld.com/

20 KB
6 KB

499ms
342ms

Document
text/html

2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4344a8c8264fd8e6d1a2a1e81fb9bc61b8b12af844ac65854b64195e1c34066d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
cf-railgun: direct (starting new WAN connection)
cf-ray: 74373716cb1b23df-ZRH
content-encoding: gzip
content-type: text/html; charset=iso-8859-1
date: Wed, 31 Aug 2022 16:41:42 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
x-mod-pagespeed: 1.11.33.4-0

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 74373714aa792397-ZRH
Cf-Railgun: direct (starting new WAN connection)
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 31 Aug 2022 16:41:42 GMT
Location: https://www.officeworld.com/
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 jsLogErrors.js Show response
store.officeworld.com/js/ 679 B
463 B 230ms
189ms Script
application/x-javascript 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://store.officeworld.com/js/jsLogErrors.js
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fcf02ac27677f0183addc03bd8dbb3babcc67551e6c3b8accf70ce34b916d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Mar 2013 18:30:16 GMT
server: cloudflare
etag: W/"6c139ad0611bce1:d91"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Wed, 31 Aug 2022 16:42:57 GMT
cache-control: max-age=86400
cf-polished: origSize=803
cf-ray: 743737193f4823df-ZRH
cf-bgj: minify

GET
H2 200 styleOfficeWorld.css
store.officeworld.com/css/ 31 KB
6 KB 208ms
168ms Stylesheet
text/css 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://store.officeworld.com/css/styleOfficeWorld.css?v22-033.00
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4067c60b2fadd4a0511746caf96f54495101033f5dee4d29d4b468bc5fe9a56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Feb 2022 03:18:26 GMT
server: cloudflare
etag: W/"9859178be317d81:d91"
vary: Accept-Encoding
content-type: text/css
expires: Wed, 31 Aug 2022 16:42:57 GMT
cache-control: max-age=86400
cf-polished: origSize=41958
cf-ray: 743737193f4523df-ZRH
cf-bgj: minify

GET
H2 200 globalDat.js Show response
store.officeworld.com/js/ 29 KB
14 KB 213ms
174ms Script
application/x-javascript 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://store.officeworld.com/js/globalDat.js
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e46ca2c164e36144495041be9c33a6e484df37466a58fd7d0c78f53a8f5b7e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 27 Aug 2022 06:37:30 GMT
server: cloudflare
etag: W/"f4f3f7bdfb9d81:d91"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Wed, 31 Aug 2022 16:42:57 GMT
cache-control: max-age=86400
cf-polished: origSize=31070
cf-ray: 743737193f4a23df-ZRH
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
86 KB 56ms
16ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.officeworld.com
URL: https://www.officeworld.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:39:04 GMT
x-content-type-options: nosniff
age: 158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86927
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 16:39:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 67ms
28ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-856549-1

Requested by

Host: www.officeworld.com
URL: https://www.officeworld.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

899952934b3dda044cc05a1e73bf7d4e054ebf0654c26b6cb927cf876146ac21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41905
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 16:06:15 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Aug 2022 16:41:42 GMT

GET
H2 200 home.js Show response
store.officeworld.com/js/ 1 KB
571 B 229ms
190ms Script
application/x-javascript 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://store.officeworld.com/js/home.js
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aaa0d3dccd348600d383c0abede2e676ca453eacc51b5b22cf454a6240875e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 May 2010 20:30:14 GMT
server: cloudflare
etag: W/"a9b3b6ee5aedca1:d91"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Wed, 31 Aug 2022 17:10:53 GMT
cache-control: max-age=86400
cf-polished: origSize=1331
cf-ray: 743737193f4e23df-ZRH
cf-bgj: minify

GET
H2 200 special.js Show response
store.officeworld.com/js/ 936 B
671 B 207ms
169ms Script
application/x-javascript 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://store.officeworld.com/js/special.js
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22bce9bb2783b71ed2e1535aa4796c513cad7f8bcb23fd3ae3f02b05166fc64f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 14 Jun 2012 05:25:06 GMT
server: cloudflare
etag: W/"9c1120fee49cd1:d91"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Wed, 31 Aug 2022 17:10:53 GMT
cache-control: max-age=86400
cf-polished: origSize=1114
cf-ray: 743737193f4623df-ZRH
cf-bgj: minify

GET
H2 200 globalFx.js Show response
store.officeworld.com/js/ 27 KB
8 KB 209ms
172ms Script
application/x-javascript 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://store.officeworld.com/js/globalFx.js?v22-033.00
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 952a174b8b59664315da74c597df0135821a8e45c2739cef46de2a6fc3a4bc0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Feb 2022 03:18:26 GMT
server: cloudflare
etag: W/"541e1c8be317d81:d91"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Wed, 31 Aug 2022 16:42:57 GMT
cache-control: max-age=86400
cf-polished: origSize=34717
cf-ray: 743737193f4723df-ZRH
cf-bgj: minify

GET
H2 200 logo02.gif
store.officeworld.com/images/ 2 KB
2 KB 36ms
35ms Image
image/gif 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.officeworld.com/images/logo02.gif
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76ae8b5550398fbbb1d5e945dd5a00540d22ffc466ca68dbd4d0eab2e5d61b52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Jan 2010 22:15:19 GMT
server: cloudflare
age: 35189
etag: "66f8e7b9d493ca1:d91"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7437371a798d23df-ZRH
content-length: 2215
expires: Wed, 31 Aug 2022 09:46:33 GMT

GET
H2 200 tagline02.gif
store.officeworld.com/images/ 671 B
773 B 36ms
34ms Image
image/gif 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.officeworld.com/images/tagline02.gif
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05aa085621a9838ad24a13715fe42afd3b12b7c99eec10414050a68d0cc9cb81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Jan 2010 22:15:19 GMT
server: cloudflare
age: 35189
etag: "6cabbab9d493ca1:d91"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7437371a99b023df-ZRH
content-length: 671
expires: Wed, 31 Aug 2022 11:57:00 GMT

GET
H2 200 acco_stackshred_728-90.gif
www.officeworld.com/images/promos/ 34 KB
34 KB 59ms
57ms Image
image/gif 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officeworld.com/images/promos/acco_stackshred_728-90.gif
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b21a6ce2a88aa79c4150ede4e0651d9ede5d17d1e04e39ea17cfdd19e39ed90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Dec 2015 18:10:48 GMT
server: cloudflare
age: 35189
etag: "884d-525ee31975a00"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7437371a99b523df-ZRH
content-length: 34893
expires: Wed, 31 Aug 2022 16:38:03 GMT

GET
H2 200 space.gif
store.officeworld.com/images/ 43 B
168 B 58ms
57ms Image
image/gif 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.officeworld.com/images/space.gif
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a8c56807e23e802956a017cb38e8d9ac19efc4db43023c2f1af2c09f4689d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
cf-cache-status: HIT
last-modified: Thu, 03 Apr 1997 18:56:12 GMT
server: cloudflare
age: 35189
etag: "0aec7b26040bc1:d91"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7437371a99b723df-ZRH
content-length: 43
expires: Wed, 31 Aug 2022 10:43:57 GMT

GET
H2 200 acco_nflstaplers_120-600.gif
www.officeworld.com/images/promos/ 60 KB
60 KB 58ms
57ms Image
image/gif 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officeworld.com/images/promos/acco_nflstaplers_120-600.gif
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adb434b4300c967610fbe4cfce990b87251c1344f37af9cdbded3e1fae79b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Dec 2015 18:10:48 GMT
server: cloudflare
age: 35189
etag: "eea7-525ee31975a00"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7437371a99ba23df-ZRH
content-length: 61095
expires: Wed, 31 Aug 2022 16:25:57 GMT

GET
H2 200 comodo_ssl.png
www.officeworld.com/images/ 9 KB
9 KB 155ms
154ms Image
image/png 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officeworld.com/images/comodo_ssl.png
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24c94b4ab339a9c7c23474bcef3443422d2b99b5d8d2d7d3911296c3ffef4cf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
cf-cache-status: HIT
last-modified: Fri, 28 May 2021 16:10:03 GMT
server: cloudflare
etag: "2411-5c3661bbd2ed8"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7437371a99bc23df-ZRH
content-length: 9233

GET
H2 200 hpmedallion_sm.gif
www.officeworld.com/images/seals/ 92 KB
92 KB 35ms
34ms Image
image/gif 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officeworld.com/images/seals/hpmedallion_sm.gif
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28e9be9f6dcbc05e882085e33dd431b3e2c657b4cfc8d5ca71ca1d4f70af4989

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Oct 2017 23:10:02 GMT
server: cloudflare
age: 35189
etag: "16eed-55bda56e13840"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7437371a99be23df-ZRH
content-length: 93933
expires: Wed, 31 Aug 2022 15:11:22 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 91ms
44ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.officeworld.com
URL: https://www.officeworld.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

12dd3e968ced8f01649560da4cf975edff617d25ba4585dda428377529220da0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C16B5B217A4C4FE196B6E5671E199E72 Ref B: FRAEDGE1410 Ref C: 2022-08-31T16:41:42Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 31 Aug 2022 16:41:41 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 header_bg.gif
store.officeworld.com/images/ 5 KB
5 KB 48ms
47ms Image
image/gif 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.officeworld.com/images/header_bg.gif
Requested by: Host: store.officeworld.com
URL: https://store.officeworld.com/css/styleOfficeWorld.css?v22-033.00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f75d993d831c74d08f2f6942b26dfedcfb0401e23ed8fe71ae5799ccd19236d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://store.officeworld.com/css/styleOfficeWorld.css?v22-033.00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
cf-cache-status: HIT
last-modified: Thu, 10 Dec 2009 21:33:22 GMT
server: cloudflare
age: 35189
etag: "51dbe665e079ca1:d91"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7437371aa9d223df-ZRH
content-length: 4796
expires: Wed, 31 Aug 2022 08:47:41 GMT

GET
H2 200 sprites-main.png
store.officeworld.com/images/ 2 KB
2 KB 48ms
47ms Image
image/png 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.officeworld.com/images/sprites-main.png
Requested by: Host: store.officeworld.com
URL: https://store.officeworld.com/css/styleOfficeWorld.css?v22-033.00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127b0ac3f419cc300ba125cb0c20969511101cda834980b1fc6d53a6a26c0b98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://store.officeworld.com/css/styleOfficeWorld.css?v22-033.00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
cf-cache-status: HIT
last-modified: Fri, 19 Mar 2010 04:00:34 GMT
server: cloudflare
age: 35189
etag: "83f497b918c7ca1:d91"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7437371aa9d423df-ZRH
content-length: 2037
expires: Wed, 31 Aug 2022 08:47:41 GMT

GET
H2 200 sprites-carts.2.png
store.officeworld.com/images/ 28 KB
28 KB 47ms
47ms Image
image/png 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.officeworld.com/images/sprites-carts.2.png
Requested by: Host: store.officeworld.com
URL: https://store.officeworld.com/css/styleOfficeWorld.css?v22-033.00
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6913534276926ad695ea90fa8732db3b36b9160f1c55074822c80c9e8d0e7f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://store.officeworld.com/css/styleOfficeWorld.css?v22-033.00
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
cf-cache-status: HIT
last-modified: Thu, 01 Jul 2010 23:35:18 GMT
server: cloudflare
age: 35189
etag: "7b481107619cb1:d91"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7437371aa9d523df-ZRH
content-length: 28220
expires: Wed, 31 Aug 2022 09:46:33 GMT

GET
H2 200 tab_bg.gif
www.officeworld.com/images/ 579 B
704 B 46ms
46ms Image
image/gif 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.officeworld.com/images/tab_bg.gif
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 280cb7276c66189874254460488ce395fa0f5d967156cc9caad52c5cd1360159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
cf-cache-status: HIT
last-modified: Mon, 03 Nov 2008 17:54:49 GMT
server: cloudflare
age: 35189
etag: "243-45acca4a5cc40"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7437371aca0a23df-ZRH
content-length: 579
expires: Wed, 31 Aug 2022 15:47:43 GMT

GET
H2 200 default Show response
embed.tawk.to/58b9de6941acfb239f858658/ 2 KB
945 B 572ms
519ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/58b9de6941acfb239f858658/default

Requested by

Host: www.officeworld.com
URL: https://www.officeworld.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d9eda2a9d4a296e8cc89cb29a17ae76459b18e8b29f92af8a0a0453655e46f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officeworld.com/
Origin: https://www.officeworld.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
server: cloudflare
etag: W/"stable-v4-630c16bea60"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 7437371b2aa601e7-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 invisible.js Show response
www.officeworld.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame C498 42 KB
17 KB 37ms
37ms Script
application/javascript 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officeworld.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661961600
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c3504b8f889c0c8daf82ebc4047061bd265f12d1e868daa19cb88c0eb468e2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7437371afa6423df-ZRH

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
15ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-856549-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5745
date: Wed, 31 Aug 2022 15:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 31 Aug 2022 17:05:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1072715408&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-856549-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3950c0aeb73f3c00c95c0f37c8765c8e88ec9b39df8c34b117cc92db8efbbe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46002
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 16:06:15 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Aug 2022 16:41:42 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1072715408&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-856549-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c267478ba9112590e828c6306aebd194d463bb97ceb8c411b658af9f1c85b994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46004
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 16:06:15 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Aug 2022 16:41:42 GMT

GET
H2 200 5981085.js Show response
bat.bing.com/p/action/ 1 KB
851 B 336ms
335ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5981085.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b570986f2567698eb21dc10ce0038b15925cac4de77ade121ab010e663a735b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ABBE7E06EDF3405D813BD361C96F2C35 Ref B: FRAEDGE1410 Ref C: 2022-08-31T16:41:42Z
date: Wed, 31 Aug 2022 16:41:42 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 666

GET
H2 204 0
bat.bing.com/action/ 0
175 B 47ms
47ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5981085&Ver=2&mid=9fcf13aa-7900-493e-bc36-12f4e0592e34&sid=cb54af50294b11edb820330f079115c9&vid=cb54c2d0294b11ed8514dd444db8ea0a&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=OfficeWorld.com%20-%20Office%20Supplies%20%26%20Business%20Products!&kw=office%20supplies,office%20world,officeworld,office%20supply%20stores,office%20products,business%20products,office%20supply,office%20supplies,business%20supplies,online%20office%20supplies,officeworld.com,office%20world,officeworld,office%20supplies,office,supplies,supply,online,office%20furniture,products,furniture,office%20products,discount,store,office%20supplies&p=https%3A%2F%2Fwww.officeworld.com%2F&r=&lt=1045&evt=pageLoad&sv=1&rn=930226

Requested by

Host: www.officeworld.com
URL: https://www.officeworld.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 97583C06E9BA460485535FB3945E76DB Ref B: FRAEDGE1410 Ref C: 2022-08-31T16:41:42Z
date: Wed, 31 Aug 2022 16:41:42 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pica.js
www.officeworld.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame C498 20 KB
8 KB 31ms
31ms Other
application/javascript 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officeworld.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee63fcf1a124047b0b29f2c7b5ac4fb858d0afbe4d3436df099cc796be75cfe9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:42 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7437371b4adc23df-ZRH

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 131ms
78ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1072715408&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 31 Aug 2022 16:41:43 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 53ms
22ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=422316190&t=pageview&_s=1&dl=https%3A%2F%2Fwww.officeworld.com%2F&ul=en-us&de=windows-1252&dt=OfficeWorld.com%20-%20Office%20Supplies%20%26%20Business%20Products!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1982726907&gjid=268333250&cid=1138386195.1661964103&tid=UA-856549-1&_gid=363257893.1661964103&_r=1&gtm=2ou8t0&z=63923131

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officeworld.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:41:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.officeworld.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 83ms
28ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-856549-1&cid=1138386195.1661964103&jid=1982726907&gjid=268333250&_gid=363257893.1661964103&_u=YEBAAUAAAAAAAC~&z=2062797829

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officeworld.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 31 Aug 2022 16:41:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.officeworld.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 74373716cb1b23df Show response
www.officeworld.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame C498 2 B
356 B 70ms
70ms XHR
text/plain 2606:4700:3108::ac42:2b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officeworld.com/cdn-cgi/challenge-platform/h/b/cv/result/74373716cb1b23df
Requested by: Host: www.officeworld.com
URL: https://www.officeworld.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661961600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 31 Aug 2022 16:41:43 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 7437371d1dde23df-ZRH
content-type: text/plain; charset=UTF-8

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 79ms
40ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-856549-1&cid=1138386195.1661964103&jid=1982726907&_u=YEBAAUAAAAAAAC~&z=357844929

Requested by

Host: www.officeworld.com
URL: https://www.officeworld.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:41:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 81ms
43ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-856549-1&cid=1138386195.1661964103&jid=1982726907&_u=YEBAAUAAAAAAAC~&z=357844929

Requested by

Host: www.officeworld.com
URL: https://www.officeworld.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:41:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072715408/ 2 KB
1 KB 70ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072715408/?random=1661964103202&cv=9&fst=1661964103202&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.officeworld.com%2F&tiba=OfficeWorld.com%20-%20Office%20Supplies%20%26%20Business%20Products!&auid=1271583108.1661964103&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df9bf5df035e66f11127421a2a5a29da8c7ac4f754b6905c582d3478fc633385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072715408/ 2 KB
2 KB 69ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072715408/?random=1661964103204&cv=9&fst=1661964103204&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&ig=1&data=event%3Dpage_view%3Becomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.officeworld.com%2F&tiba=OfficeWorld.com%20-%20Office%20Supplies%20%26%20Business%20Products!&auid=1271583108.1661964103&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

172a03bdaf3b0d0a8c1da632e73f82e44fb8b73196a6bbd10b8f3c64f112315b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1072
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5981085 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 205ms
147ms Script
application/x-javascript 2620:1ec:27::cafe:1759
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5981085
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5981085.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1759 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: aef1765e5b937adc0f950e912dabf4abd0beb7231cb7248ce6d7b98b9a0376f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:43 GMT
x-powered-by: ASP.NET
x-azure-ref: 0R48PYwAAAAC/ZzKELl/GTZuC9GP1uKczRlJBMzFFREdFMDMxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

GET
H2 200 /
www.google.com/pagead/1p-user-list/1072715408/ 42 B
154 B 28ms
27ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072715408/?random=1661964103202&cv=9&fst=1661961600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.officeworld.com%2F&tiba=OfficeWorld.com%20-%20Office%20Supplies%20%26%20Business%20Products!&async=1&fmt=3&is_vtc=1&random=759877399&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.officeworld.com
URL: https://www.officeworld.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:41:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1072715408/ 42 B
108 B 33ms
31ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072715408/?random=1661964103202&cv=9&fst=1661961600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.officeworld.com%2F&tiba=OfficeWorld.com%20-%20Office%20Supplies%20%26%20Business%20Products!&async=1&fmt=3&is_vtc=1&random=759877399&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.officeworld.com
URL: https://www.officeworld.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:41:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1072715408/ 42 B
108 B 34ms
33ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072715408/?random=1661964103204&cv=9&fst=1661961600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&data=event%3Dpage_view%3Becomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.officeworld.com%2F&tiba=OfficeWorld.com%20-%20Office%20Supplies%20%26%20Business%20Products!&async=1&fmt=3&is_vtc=1&random=2543637472&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.officeworld.com
URL: https://www.officeworld.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:41:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1072715408/ 42 B
154 B 29ms
29ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072715408/?random=1661964103204&cv=9&fst=1661961600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&data=event%3Dpage_view%3Becomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.officeworld.com%2F&tiba=OfficeWorld.com%20-%20Office%20Supplies%20%26%20Business%20Products!&async=1&fmt=3&is_vtc=1&random=2543637472&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.officeworld.com
URL: https://www.officeworld.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:41:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-c/s/0.6.39/ 53 KB
23 KB 131ms
130ms Script
application/javascript 2620:1ec:27::cafe:1759
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-c/s/0.6.39/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5981085
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1759 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:43 GMT
content-encoding: br
etag: "1d8baf6c78cf4a1"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0R48PYwAAAADN0Yufqja3QISILS8yUaa0RlJBMzFFREdFMDMxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/630c16bea60/js/ 121 B
403 B 64ms
36ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/58b9de6941acfb239f858658/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officeworld.com/
Origin: https://www.officeworld.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 212487
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 743737200f5dcc56-ZRH

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/630c16bea60/js/ 76 KB
27 KB 115ms
88ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/58b9de6941acfb239f858658/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officeworld.com/
Origin: https://www.officeworld.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 212487
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 743737200f56cc56-ZRH

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/630c16bea60/js/ 206 KB
61 KB 94ms
67ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/58b9de6941acfb239f858658/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ac9be67fa3accd7aff2078733f332843a2b98b227e4cfe7a3bbd48c3c01e0b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officeworld.com/
Origin: https://www.officeworld.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 212487
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"81c2642aac0b88b6b237d279f5f8ce67"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 743737200f5acc56-ZRH

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/630c16bea60/js/ 192 KB
40 KB 68ms
41ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/58b9de6941acfb239f858658/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47038d71ff586a6d2854c7e7b1fd62dbcce3e0455d9eaf5c116183bbe5730073

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officeworld.com/
Origin: https://www.officeworld.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 212487
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"a60e52c6e06e37e6cb034be34513f89a"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 743737200f60cc56-ZRH

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/630c16bea60/js/ 2 KB
1 KB 65ms
38ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/58b9de6941acfb239f858658/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47c3b3aedc61909dbc07804d8cddc4cb8523d5bd99d83f94069ad78f038100b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officeworld.com/
Origin: https://www.officeworld.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 212487
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"c5ac9b5bce70724c3422e4824abf1613"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 743737200f63cc56-ZRH

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/630c16bea60/js/ 151 B
391 B 154ms
128ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/58b9de6941acfb239f858658/default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officeworld.com/
Origin: https://www.officeworld.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 212487
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 743737200f64cc56-ZRH

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=1CDC8C5EEE0A430BB2E2A26A0B1041FF&RedC=c.clarity.ms&MXFR=251150592E73629D235B42482A736C99
https://c.clarity.ms/c.gif?CtsSyncId=1CDC8C5EEE0A430BB2E2A26A0B1041FF&MUID=0D1EB14D8E6B68D901D5A35C8F006913

42 B
368 B

44ms
44ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=1CDC8C5EEE0A430BB2E2A26A0B1041FF&MUID=0D1EB14D8E6B68D901D5A35C8F006913
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:41:43 GMT
last-modified: Wed, 17 Aug 2022 23:56:46 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "de363c295b2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:41:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0818E9F2119A4FD69623E8BCBDABC546 Ref B: FRAEDGE1410 Ref C: 2022-08-31T16:41:43Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=1CDC8C5EEE0A430BB2E2A26A0B1041FF&MUID=0D1EB14D8E6B68D901D5A35C8F006913
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 collect Show response
i.clarity.ms/ 0
178 B 367ms
115ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.39/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.officeworld.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: https://www.officeworld.com
date: Wed, 31 Aug 2022 16:41:43 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 177ms
169ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=58b9de6941acfb239f858658&widgetId=default&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91c9deda29fa79fde38b08f0d70f24bf2f976d0585a6aa7d20616a8f47e3e374

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-kgxh
server: cloudflare
etag: W/"2-113-1"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 743737212d0601e7-ZRH
access-control-allow-headers: content-type,x-tawk-token

POST
H2 204 collect Show response
i.clarity.ms/ 0
25 B 552ms
447ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.39/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.officeworld.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: https://www.officeworld.com
date: Wed, 31 Aug 2022 16:41:43 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 335ms
295ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d1fe87be9d319b65c66edd81ab00a622df2b54bcb733f08fe128c797865c04

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officeworld.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.officeworld.com
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 743737227ce4020d-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-vkpk

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 162ms
162ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.officeworld.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.officeworld.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 743737213d1601e7-ZRH
date: Wed, 31 Aug 2022 16:41:44 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-3zfw

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/630c16bea60/languages/ 16 KB
4 KB 73ms
35ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227339
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:17 GMT
server: cloudflare
etag: W/"585ba00b2c167b90c210161454f843b5"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 743737227c7a0211-ZRH

GET
H3 200 twk-chunk-2c78ba82.js Show response
embed.tawk.to/_s/v4/app/630c16bea60/js/ 7 KB
2 KB 37ms
36ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-2c78ba82.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227350
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"fac25ff2d2c405e1ac7e156dca1f819c"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 7437372488200211-ZRH

GET
H3 200 twk-chunk-696bc286.js Show response
embed.tawk.to/_s/v4/app/630c16bea60/js/ 16 KB
5 KB 38ms
37ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-696bc286.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

540723962f14452647efcfb1d2870d593fec7104b71df635e78d29ef6b83b91f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227350
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"bb4756160fb4d6738e39056c756e3b37"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 74373724882b0211-ZRH

GET
H3 200 twk-chunk-f1596d96.js Show response
embed.tawk.to/_s/v4/app/630c16bea60/js/ 10 KB
4 KB 53ms
53ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-f1596d96.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96e5a18e776e5d78eddb3c00a35c9ec30164597e0b65fce2e03afb14a4aeac52

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227273
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"e6c3687b9d8077b1c5609742d54f63c8"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 74373724882d0211-ZRH

GET
H3 200 twk-chunk-48f46bef.js Show response
embed.tawk.to/_s/v4/app/630c16bea60/js/ 15 KB
5 KB 37ms
36ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-48f46bef.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5169a21e0e4c05de69c6e9997ada44938f8cfdb9fd54f9de27d4b03a145bc947

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227350
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"a59c9d2459b36a5949234182761d31c5"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 74373724882e0211-ZRH

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/630c16bea60/js/ 942 B
714 B 52ms
51ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227350
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 7437372488340211-ZRH

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/630c16bea60/js/ 546 B
603 B 52ms
50ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227350
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"09c3819d373bd4178a620d721429fada"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 7437372498390211-ZRH

GET
H3 200 twk-chunk-f163fcd0.js Show response
embed.tawk.to/_s/v4/app/630c16bea60/js/ 11 KB
4 KB 49ms
48ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-f163fcd0.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227350
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"a92075fd9ac5ba130387a80453676099"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 74373724983a0211-ZRH

GET
H3 200 twk-chunk-32507910.js Show response
embed.tawk.to/_s/v4/app/630c16bea60/js/ 72 KB
16 KB 51ms
50ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-32507910.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

274328d8e070caeb59822084f866342b32b952a867a657715221e6ed032d59aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227350
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"06e2686edf8c9d8f044eaa817aab00b8"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 74373724983b0211-ZRH

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/630c16bea60/css/ Frame 6F3D 24 KB
5 KB 31ms
31ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5398246ab7530f3c43923b6649bbaf2df4b52a8adf11650985195039b9acd45

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227339
cf-polished: origSize=24916
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"0099320c1e175d5dc7133b15f2ccf4f0"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 74373724d8a20211-ZRH
cf-bgj: minify

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/630c16bea60/css/ Frame 2C98 37 KB
8 KB 31ms
31ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e715d0ab37abae46e9fc3933d25c2f24f6aa37daf4d77bb5aeeee155fe02c6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227339
cf-polished: origSize=38191
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"2046fb5e102278ee0298200a824032b1"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 7437372519000211-ZRH
cf-bgj: minify

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/630c16bea60/css/ Frame 88AE 13 KB
3 KB 41ms
40ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227270
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 7437372529130211-ZRH
cf-bgj: minify

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/630c16bea60/css/ Frame 27D5 74 KB
14 KB 67ms
67ms Stylesheet
text/css 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/630c16bea60/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

124cb07a59aeb0b33c16d4f5761a422236e2df723d254b47b762c29c7024b9f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 227339
cf-polished: origSize=75568
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 01:31:16 GMT
server: cloudflare
etag: W/"d5a426073b355cf87afd282a1bc5b39e"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 74373725393c0211-ZRH
cf-bgj: minify

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
53 KB 88ms
26ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officeworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 14484959
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53889
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by: cache-fra19170-FRA, cache-mxp6927-MXP
date: Wed, 31 Aug 2022 16:41:44 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 62-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 88AE 3 KB
2 KB 42ms
42ms Image
image/svg+xml 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/62-br.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cf0be5ffcd530f43fa3a3b316eddcf5c9a064c883432032415f462df545d79d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 945697
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 22 May 2021 07:25:17 GMT
server: cloudflare
etag: W/"9f9370510ae706972f6bca868cd18e3e"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 7437372569990211-ZRH

GET
H3 200 tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 88AE 10 KB
11 KB 157ms
157ms Font
font/woff2 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/css/bubble-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.tawk.to/_s/v4/app/630c16bea60/css/bubble-widget.css
Origin: https://www.officeworld.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:41:44 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10520
last-modified: Sat, 22 May 2021 07:25:13 GMT
server: cloudflare
etag: "054b3b66812d0a4b87ffc6776f0a42f1"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
cf-ray: 743737256e06cc56-ZRH

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
284 B 165ms
164ms Fetch
text/html 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/630c16bea60/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officeworld.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 31 Aug 2022 16:41:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.officeworld.com
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 74373729db4fcc56-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: visitor-application-preemptive-znkd

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 162ms
161ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.officeworld.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.officeworld.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74373728c9f7cc56-ZRH
date: Wed, 31 Aug 2022 16:41:45 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-cxt8

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 116ms
115ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.39/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.officeworld.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: https://www.officeworld.com
date: Wed, 31 Aug 2022 16:41:46 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.officeworld.com/	1970-01-20 05:39:45	Name: owSID Value: 137\|84\|172\|86\|91\|62\|93\|13\|70\|236\|128\|250\|161\|205\|92\|97\|2\|13\|184\|60\|214\|86\|30\|87\|200\|96\|53\|175\|56\|58\|68\|61\|98\|11\|209\|177\|220\|168
.bing.com/	1970-01-20 15:01:00	Name: MUID Value: 0D1EB14D8E6B68D901D5A35C8F006913
.officeworld.com/	1970-01-20 05:40:50	Name: _uetsid Value: cb54af50294b11edb820330f079115c9
.officeworld.com/	1970-01-20 15:01:00	Name: _uetvid Value: cb54c2d0294b11ed8514dd444db8ea0a
.officeworld.com/	1970-01-20 07:49:00	Name: _gcl_au Value: 1.1.1271583108.1661964103
.officeworld.com/	1970-01-20 15:15:24	Name: _ga Value: GA1.2.1138386195.1661964103
.officeworld.com/	1970-01-20 05:40:50	Name: _gid Value: GA1.2.363257893.1661964103
.officeworld.com/	1970-01-20 05:39:24	Name: _gat_gtag_UA_856549_1 Value: 1
.officeworld.com/	1970-01-20 05:39:25	Name: __cf_bm Value: 8DfL00CU.aGRBv64KVi2ngOSEHunTlSYH34n4g_mlds-1661964103-0-ATfahRJDPMsNho0OxwC6HwEUYgcAt0AIGWS8aXeG1lJhgjv6SNgPNiBuzWNyjMdGOL11LSUeOiVIF5JOwmdoNUw8mH3E/N61llEapBC87r5if2PH+OuwXoL40WiXkSTD6g==
.doubleclick.net/	1970-01-20 05:39:25	Name: test_cookie Value: CheckForPermission
www.clarity.ms/	1970-01-20 14:25:00	Name: CLID Value: 9606deeea67742f9947ae10b67b07197.20220831.20230831
.officeworld.com/	1970-01-20 14:25:00	Name: _clck Value: 19vpfoh\|1\|f4h\|0
www.officeworld.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: ELzcduiR1cnpz84qo3QrT
.c.bing.com/	1970-01-20 15:01:00	Name: SRM_B Value: 0D1EB14D8E6B68D901D5A35C8F006913
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:01:00	Name: MUID Value: 0D1EB14D8E6B68D901D5A35C8F006913
.c.clarity.ms/	1970-01-20 05:39:24	Name: ANONCHK Value: 0
.officeworld.com/	1970-01-20 05:40:50	Name: _clsk Value: 1drl11b\|1661964104076\|1\|1\|i.clarity.ms/collect
www.officeworld.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.officeworld.com/	1970-01-20 09:58:36	Name: twk_uuid_58b9de6941acfb239f858658 Value: %7B%22uuid%22%3A%221.JMYvNTORrsd3muHZskg5DQoDSESx3Hb0ZYVYOFtNgP1StCE3kouQKX31XuPGoO9SqVYigdAacc3HbcGHaqPQl4QckBQzzQSBh9d4kjWNPaz4DbpP3G9S8ZbuPIQTZcuHnsWN5dsphk1XK7iPXSfo%22%2C%22version%22%3A3%2C%22domain%22%3A%22officeworld.com%22%2C%22ts%22%3A1661964104366%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
embed.tawk.to
googleads.g.doubleclick.net
i.clarity.ms
officeworld.com
stats.g.doubleclick.net
store.officeworld.com
va.tawk.to
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.officeworld.com
142.250.186.98
20.234.93.27
2001:4860:4802:32::178
2606:4700:10::6816:1883
2606:4700:10::ac43:2642
2606:4700:3108::ac42:28a7
2606:4700:3108::ac42:2b59
2620:1ec:27::cafe:1759
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9a
2a04:4e42:400::485
52.167.85.21
01d1fe87be9d319b65c66edd81ab00a622df2b54bcb733f08fe128c797865c04
05aa085621a9838ad24a13715fe42afd3b12b7c99eec10414050a68d0cc9cb81
124cb07a59aeb0b33c16d4f5761a422236e2df723d254b47b762c29c7024b9f4
127b0ac3f419cc300ba125cb0c20969511101cda834980b1fc6d53a6a26c0b98
12dd3e968ced8f01649560da4cf975edff617d25ba4585dda428377529220da0
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
172a03bdaf3b0d0a8c1da632e73f82e44fb8b73196a6bbd10b8f3c64f112315b
22bce9bb2783b71ed2e1535aa4796c513cad7f8bcb23fd3ae3f02b05166fc64f
24c94b4ab339a9c7c23474bcef3443422d2b99b5d8d2d7d3911296c3ffef4cf2
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
274328d8e070caeb59822084f866342b32b952a867a657715221e6ed032d59aa
280cb7276c66189874254460488ce395fa0f5d967156cc9caad52c5cd1360159
28e9be9f6dcbc05e882085e33dd431b3e2c657b4cfc8d5ca71ca1d4f70af4989
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
3cf0be5ffcd530f43fa3a3b316eddcf5c9a064c883432032415f462df545d79d
3f75d993d831c74d08f2f6942b26dfedcfb0401e23ed8fe71ae5799ccd19236d
4344a8c8264fd8e6d1a2a1e81fb9bc61b8b12af844ac65854b64195e1c34066d
47038d71ff586a6d2854c7e7b1fd62dbcce3e0455d9eaf5c116183bbe5730073
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
4a8c56807e23e802956a017cb38e8d9ac19efc4db43023c2f1af2c09f4689d4f
4e46ca2c164e36144495041be9c33a6e484df37466a58fd7d0c78f53a8f5b7e4
5169a21e0e4c05de69c6e9997ada44938f8cfdb9fd54f9de27d4b03a145bc947
540723962f14452647efcfb1d2870d593fec7104b71df635e78d29ef6b83b91f
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
6913534276926ad695ea90fa8732db3b36b9160f1c55074822c80c9e8d0e7f8c
6aaa0d3dccd348600d383c0abede2e676ca453eacc51b5b22cf454a6240875e9
6ac9be67fa3accd7aff2078733f332843a2b98b227e4cfe7a3bbd48c3c01e0b8
6adb434b4300c967610fbe4cfce990b87251c1344f37af9cdbded3e1fae79b1b
6b21a6ce2a88aa79c4150ede4e0651d9ede5d17d1e04e39ea17cfdd19e39ed90
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
76ae8b5550398fbbb1d5e945dd5a00540d22ffc466ca68dbd4d0eab2e5d61b52
80c3504b8f889c0c8daf82ebc4047061bd265f12d1e868daa19cb88c0eb468e2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
899952934b3dda044cc05a1e73bf7d4e054ebf0654c26b6cb927cf876146ac21
91c9deda29fa79fde38b08f0d70f24bf2f976d0585a6aa7d20616a8f47e3e374
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
952a174b8b59664315da74c597df0135821a8e45c2739cef46de2a6fc3a4bc0a
96e5a18e776e5d78eddb3c00a35c9ec30164597e0b65fce2e03afb14a4aeac52
97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d9eda2a9d4a296e8cc89cb29a17ae76459b18e8b29f92af8a0a0453655e46f3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5398246ab7530f3c43923b6649bbaf2df4b52a8adf11650985195039b9acd45
aef1765e5b937adc0f950e912dabf4abd0beb7231cb7248ce6d7b98b9a0376f2
b570986f2567698eb21dc10ce0038b15925cac4de77ade121ab010e663a735b3
c267478ba9112590e828c6306aebd194d463bb97ceb8c411b658af9f1c85b994
d1fcf02ac27677f0183addc03bd8dbb3babcc67551e6c3b8accf70ce34b916d4
d4067c60b2fadd4a0511746caf96f54495101033f5dee4d29d4b468bc5fe9a56
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df9bf5df035e66f11127421a2a5a29da8c7ac4f754b6905c582d3478fc633385
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e715d0ab37abae46e9fc3933d25c2f24f6aa37daf4d77bb5aeeee155fe02c6fe
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
ee63fcf1a124047b0b29f2c7b5ac4fb858d0afbe4d3436df099cc796be75cfe9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f083096f236cb98c87af2abc70707aef6a74bb105074919b0bdc3aeec6964c1d
f3950c0aeb73f3c00c95c0f37c8765c8e88ec9b39df8c34b117cc92db8efbbe8
f47c3b3aedc61909dbc07804d8cddc4cb8523d5bd99d83f94069ad78f038100b
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867

www.officeworld.com Open in urlscan Pro 2606:4700:3108::ac42:2b59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

99 %HTTPS

82 %IPv6

12 Domains

19 Subdomains

16 IPs

4 Countries

862 kBTransfer

2100 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.officeworld.com Open in urlscan Pro
2606:4700:3108::ac42:2b59 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

99 %
HTTPS

82 %
IPv6

12
Domains

19
Subdomains

16
IPs

4
Countries

862 kB
Transfer

2100 kB
Size

20
Cookies

74 HTTP transactions
0 data transactions