admin.officepuzzle.com Open in urlscan Pro
3.228.148.38 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://admin.officepuzzle.com/
Effective URL:
https://admin.officepuzzle.com/
Submission: On January 31 via api (January 31st 2024, 8:28:17 pm UTC) from US — Scanned from DE

Summary HTTP 55 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 55 HTTP transactions. The main IP is 3.228.148.38, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is admin.officepuzzle.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 2nd 2023. Valid for: a year.

This is the only time admin.officepuzzle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.194.251.216 44.194.251.216	14618 (AMAZON-AES) (AMAZON-AES)
9	3.228.148.38 3.228.148.38	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ecb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
21	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	54.231.200.120 54.231.200.120	16509 (AMAZON-02) (AMAZON-02)
3	65.9.86.18 65.9.86.18	16509 (AMAZON-02) (AMAZON-02)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
1	44.237.70.166 44.237.70.166	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
55	16

1 44.194.251.216 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-251-216.compute-1.amazonaws.com

admin.officepuzzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.228.148.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-148-38.compute-1.amazonaws.com

admin.officepuzzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ecb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.231.200.120 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.86.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-18.ams1.r.cloudfront.net

beacon-v2.helpscout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.70.166 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-70-166.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	tawk.to embed.tawk.to — Cisco Umbrella Rank: 9519 va.tawk.to — Cisco Umbrella Rank: 9238	211 KB
10	officepuzzle.com 1 redirects admin.officepuzzle.com	3 MB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1227 q.stripe.com — Cisco Umbrella Rank: 7010 m.stripe.com — Cisco Umbrella Rank: 1188	167 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349 www.linkedin.com — Cisco Umbrella Rank: 632 px4.ads.linkedin.com — Cisco Umbrella Rank: 6550	3 KB
3	helpscout.net beacon-v2.helpscout.net — Cisco Umbrella Rank: 10528	32 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1315	16 KB
2	amazonaws.com s3.amazonaws.com	86 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	68 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	39 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 783	16 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	259 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	85 KB
55	13

	Domain	Requested by
18	embed.tawk.to	admin.officepuzzle.com embed.tawk.to
10	admin.officepuzzle.com	1 redirects admin.officepuzzle.com
4	px.ads.linkedin.com	3 redirects snap.licdn.com
3	va.tawk.to	embed.tawk.to
3	q.stripe.com	admin.officepuzzle.com
3	beacon-v2.helpscout.net	admin.officepuzzle.com beacon-v2.helpscout.net
3	js.stripe.com	admin.officepuzzle.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	s3.amazonaws.com	admin.officepuzzle.com
2	www.facebook.com	admin.officepuzzle.com
2	connect.facebook.net	admin.officepuzzle.com connect.facebook.net
1	cdn.jsdelivr.net	embed.tawk.to
1	m.stripe.com	m.stripe.network
1	px4.ads.linkedin.com	admin.officepuzzle.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	admin.officepuzzle.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	admin.officepuzzle.com
55	18

This site contains links to these domains. Also see Links.

Domain
www.officepuzzle.com

Subject Issuer	Validity	Valid
www.officepuzzle.com Amazon RSA 2048 M02	`2023-12-02` - `2024-12-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-10` - `2024-02-08`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.helpscout.net Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://admin.officepuzzle.com/
Frame ID: 37F9EA6B5C00757CA3A0CEBF9AAD8E7D
Requests: 42 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 3C39998CBFF548FBE389ECB2363C00F2
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 6148982F0B576DD7889C0279235F811F
Requests: 5 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/min-widget.css
Frame ID: B8BCEC27E5400720F9A019B8D298CF40
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/max-widget.css
Frame ID: 42AAE13F0BF9004E13C5226D887C360D
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/message-preview.css
Frame ID: ED7FA7C30BAF483963085B97377C0BB0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | Office Puzzle (Admin)

Page URL History Show full URLs

http://admin.officepuzzle.com/ HTTP 301
https://admin.officepuzzle.com/ Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

55
Requests

96 %
HTTPS

50 %
IPv6

13
Domains

18
Subdomains

16
IPs

2
Countries

3372 kB
Transfer

12339 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.officepuzzle.com/release-notes/
Title: v1.4.1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://admin.officepuzzle.com/ HTTP 301
https://admin.officepuzzle.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4800553&time=1706732892683&url=https%3A%2F%2Fadmin.officepuzzle.com%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4800553&time=1706732892683&url=https%3A%2F%2Fadmin.officepuzzle.com%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4800553%26time%3D1706732892683%26url%3Dhttps%253A%252F%252Fadmin.officepuzzle.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4800553&time=1706732892683&url=https%3A%2F%2Fadmin.officepuzzle.com%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4800553&time=1706732892683&url=https%3A%2F%2Fadmin.officepuzzle.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJQZhUb6cQGowAAAY1hNTPERLR7QYwcxy1ywi-4WjFzryMMRpbBE0F5dlw9ePZl

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
admin.officepuzzle.com/
Redirect Chain

http://admin.officepuzzle.com/
https://admin.officepuzzle.com/

1020 KB
138 KB

393ms
208ms

Document
text/html

3.228.148.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.officepuzzle.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.148.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-148-38.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: db961b02d04dd1de3b54d34954154febbf75c2e3a2308249782f3f44bd043525

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 20:28:11 GMT
etag: "feec0-95t3EXNjgFQv2RmOo+uDHkJiGJM"
server: nginx
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Wed, 31 Jan 2024 20:28:11 GMT
Location: https://admin.officepuzzle.com:443/
Server: awselb/2.0

GET
H2 200 0d262a1.js Show response
admin.officepuzzle.com/_nuxt/ 5 KB
3 KB 177ms
176ms Script
application/javascript 3.228.148.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.officepuzzle.com/_nuxt/0d262a1.js
Requested by: Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.148.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-148-38.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3da544c7aa9c71af4af3d2c42729e554b6788aea583e85e8e94151f59121a440

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:11 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 11:47:11 GMT
server: nginx
etag: W/"1344-18d5f582e18"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 11eb9c6.js Show response
admin.officepuzzle.com/_nuxt/ 258 KB
87 KB 178ms
178ms Script
application/javascript 3.228.148.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.officepuzzle.com/_nuxt/11eb9c6.js
Requested by: Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.148.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-148-38.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 16b05219ceac996780c4c9f9a4b0cf5a6edde0f606b59a8f4f71c796bc6d5a79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:11 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 11:47:11 GMT
server: nginx
etag: W/"406d3-18d5f582e18"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 e0e4ed0.js Show response
admin.officepuzzle.com/_nuxt/ 7 MB
2 MB 178ms
177ms Script
application/javascript 3.228.148.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.officepuzzle.com/_nuxt/e0e4ed0.js
Requested by: Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.148.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-148-38.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ff9b71eae5fac632fb16bd14e475ea94c249b4324148eb0aaf5b81e843ea5ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:11 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 11:47:11 GMT
server: nginx
etag: W/"6aaadc-18d5f582e18"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 3830712.js Show response
admin.officepuzzle.com/_nuxt/ 2 MB
403 KB 178ms
178ms Script
application/javascript 3.228.148.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.officepuzzle.com/_nuxt/3830712.js
Requested by: Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.148.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-148-38.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94f684d32baf4edac53165bb3a70b73368c87635bc0e60801782a10f077847c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:11 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 11:47:11 GMT
server: nginx
etag: W/"1a4651-18d5f582e18"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 246 KB
85 KB 48ms
27ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=G-LBJBGY7JEW

Requested by

Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7d1a0a533f0fd1a9c0d3a4b6833f992e995cb921a848c2bf0b6a12676050794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86898
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 31 Jan 2024 20:28:12 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LBJBGY7JEW&gtm=45He41t0v867612693&_p=1706732891820&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=247979083.1706732892&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEAE&_s=1&sid=1706732892&sct=1&seg=0&dl=https%3A%2F%2Fadmin.officepuzzle.com%2F&dt=Office%20Puzzle&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&tfd=905
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=G-LBJBGY7JEW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Jan 2024 20:28:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://admin.officepuzzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 44ms
8ms Script
application/javascript 2a02:26f0:480:f::213:7ecb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/_nuxt/3830712.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ecb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 14:42:29 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=82868
accept-ranges: bytes
content-length: 15732

GET
H2 200 d004885.js Show response
admin.officepuzzle.com/_nuxt/ 5 KB
2 KB 94ms
94ms Script
application/javascript 3.228.148.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.officepuzzle.com/_nuxt/d004885.js
Requested by: Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/_nuxt/0d262a1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.148.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-148-38.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8835e426634a75a4a56e370b907a79a8d332cd58d12eed554f6740e1152f5e33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:12 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 11:47:11 GMT
server: nginx
etag: W/"1486-18d5f582e18"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 1f09djta7 Show response
embed.tawk.to/60465ca9385de407571dde70/ 2 KB
925 B 170ms
146ms Script
application/x-javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/60465ca9385de407571dde70/1f09djta7

Requested by

Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/_nuxt/3830712.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c0baa8470f0911f956353f1fc605467af6efa51b5ebabf3870846a020be27d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.officepuzzle.com/
Origin: https://admin.officepuzzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:12 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"stable-v4-65839862293"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 84e4b3227925924d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 81a8eb4.js Show response
admin.officepuzzle.com/_nuxt/ 3 KB
1 KB 95ms
95ms Script
application/javascript 3.228.148.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.officepuzzle.com/_nuxt/81a8eb4.js
Requested by: Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/_nuxt/0d262a1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.148.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-148-38.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bc95026b824b058493a2736e084f890cdc00024548f34b6c2d2aa99374cd3e74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:12 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 11:47:11 GMT
server: nginx
etag: W/"d1a-18d5f582e18"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4800553&time=1706732892683&url=https%3A%2F%2Fadmin.officepuzzle.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4800553&time=1706732892683&url=https%3A%2F%2Fadmin.officepuzzle.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4800553%26time%3D1706732892683%26url%3Dhttps%253A%252F%252Fadmin.officepuzzle.com...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4800553&time=1706732892683&url=https%3A%2F%2Fadmin.officepuzzle.com%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4800553&time=1706732892683&url=https%3A%2F%2Fadmin.officepuzzle.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJQZhUb6cQGowAAAY1hNTPERLR7QYwcxy1ywi...

0
264 B

149ms
110ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4800553&time=1706732892683&url=https%3A%2F%2Fadmin.officepuzzle.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJQZhUb6cQGowAAAY1hNTPERLR7QYwcxy1ywi-4WjFzryMMRpbBE0F5dlw9ePZl
Requested by: Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/user/login
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:13 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: AD1F1BB4F67D4C579D082FF47DF20A20 Ref B: FRAEDGE1519 Ref C: 2024-01-31T20:28:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQQ7fUc2/l9eafbDyENQ==

Redirect headers

date: Wed, 31 Jan 2024 20:28:12 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: F4CDF4E36FC4405CAC12D42BF411B570 Ref B: FRAEDGE1806 Ref C: 2024-01-31T20:28:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4800553&time=1706732892683&url=https%3A%2F%2Fadmin.officepuzzle.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJQZhUb6cQGowAAAY1hNTPERLR7QYwcxy1ywi-4WjFzryMMRpbBE0F5dlw9ePZl
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQQ7fR/LBlSJVwBX1C4g==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
58 KB 33ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/_nuxt/3830712.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b0388a2387283b8457b08aadd7fdcca2702ba989863981b18e673a1394e74c4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 31 Jan 2024 20:28:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57158
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: qmzNDbG68s7XHmAXeEMQntrZlnrGchSQOGTB4jVkvK2UrWG2MZaBCw2x2fvHdjEuIZsQ7PTbo4NjhHpw9CX+7A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 587 KB
163 KB 40ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/_nuxt/e0e4ed0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

64e64ff964ee9704382f99dfd4881ee375e34965ba30efac45eafe6e55eea9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 20:28:12 GMT
via: 1.1 varnish
age: 52
x-cache: HIT
content-length: 166541
x-request-id: c0916bde-67b5-43f3-baf7-719c49ebd50f
x-served-by: cache-fra-etou8220076-FRA
last-modified: Wed, 31 Jan 2024 18:52:06 GMT
server: Fastly
etag: "0cb9dc83cde5bd880b466aa81f7cfa0c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 30

GET
H2 200 765014281298764 Show response
connect.facebook.net/signals/config/ 52 KB
11 KB 66ms
66ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/765014281298764?v=2.9.143&r=stable&domain=admin.officepuzzle.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0daebac21fb1902db590457c97b820b7a648fb6a6db1ec207fd23eb55a9d532b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 31 Jan 2024 20:28:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: tlve5SZm9QO/OWfjBmRPrq/eqrTmMsY2BZEn9PuLHgUGh0Twaoj6mcFjwOiif0snvT9bDjvx4or6gFMSnEZOzQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 d2e0840.js Show response
admin.officepuzzle.com/_nuxt/ 9 KB
3 KB 94ms
94ms Script
application/javascript 3.228.148.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.officepuzzle.com/_nuxt/d2e0840.js
Requested by: Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/_nuxt/0d262a1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.148.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-148-38.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d4122c455e0f5d15ca2539cd1252587cbbee931a5c5165dd51d9fd1c8c48b2bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:12 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 11:47:11 GMT
server: nginx
etag: W/"2351-18d5f582e18"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=765014281298764&ev=PageView&dl=https%3A%2F%2Fadmin.officepuzzle.com%2F&rl=&if=false&ts=1706732892830&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706732892830.607606392&ler=empty&cdl=API_unavailable&it=1706732892757&coo=false&exp=e1&rqm=GET

Requested by

Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 31 Jan 2024 20:28:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=765014281298764&ev=PageView&dl=https%3A%2F%2Fadmin.officepuzzle.com%2Fuser%2Flogin&rl=&if=false&ts=1706732892892&sw=1600&sh=1200&v=2.9.143&r=stable&ec=1&o=4126&fbp=fb.1.1706732892830.607606392&ler=empty&cdl=API_unavailable&it=1706732892757&coo=false&exp=e1&rqm=GET

Requested by

Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 31 Jan 2024 20:28:12 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 login-background.svg
admin.officepuzzle.com/ 3 KB
992 B 94ms
93ms Image
image/svg+xml 3.228.148.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://admin.officepuzzle.com/login-background.svg
Requested by: Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/user/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.148.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-148-38.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a2877da3530468adfa7d3049d47ef516c3ae2b27047e2d978e1ce2069e583afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/user/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:12 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 11:47:12 GMT
server: nginx
etag: W/"a67-18d5f583200"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes

GET
H/1.1 200
OK opzle-logo.png
s3.amazonaws.com/cdn.officepuzzle.com/images/ 12 KB
13 KB 343ms
139ms Image
image/png 54.231.200.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.officepuzzle.com/images/opzle-logo.png
Requested by: Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/user/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.200.120 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 358abd83536a83ed9526c4e8f41ef26c6358811c91bf0d55c7b380a7af64bbbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 20:28:14 GMT
x-amz-version-id: 5h2xkxxiO8TabbFtTWwHjMtmbBIOTAg0
Last-Modified: Tue, 31 Oct 2023 20:19:01 GMT
Server: AmazonS3
x-amz-request-id: FVQGWFN8TMEZGWGB
ETag: "ebfb7e3f0f5afa399e6795fd2c30044d"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 12398
x-amz-id-2: p0CdRdng9RTxdd/q5Kwb/CVrni7S7KnouPv5cbm76a8TzlL6RHYjX+PKTiF9exNPpBXLDYo0Bgo=

GET
H/1.1 200
OK error.png
s3.amazonaws.com/cdn.officepuzzle.com/images/ 73 KB
73 KB 418ms
214ms Image
image/png 54.231.200.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.officepuzzle.com/images/error.png
Requested by: Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/user/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.200.120 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 462e2ba389965f07db4860afd5db85ddc322a7bd3a5e1fee9fd755c99abfe79a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 20:28:14 GMT
x-amz-version-id: llQDo8Zd1TXV6FPzSkWWr1xQod4XsaZn
Last-Modified: Fri, 20 Aug 2021 13:29:58 GMT
Server: AmazonS3
x-amz-request-id: FVQYXZ8XKWV2KZHX
ETag: "89903dacdfaff62cfa6b0c2e20d69b6f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 74325
x-amz-id-2: SQ2RyxdxFlU726C3JNQYF7SVxUTRGgmHutBoHEVNdzazI6RnyovS6pvV0YcSlFLrpfrY17M2xHk=

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
200 B 110ms
110ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://admin.officepuzzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 31 Jan 2024 20:28:12 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A147106F743C4B5DBDBBAE788EA71376 Ref B: FRAEDGE1806 Ref C: 2024-01-31T20:28:13Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://admin.officepuzzle.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYQQ7fWTQ1a6qk6gv6XPw==

GET
H2 200 / Show response
beacon-v2.helpscout.net/ 458 B
900 B 49ms
13ms Script
application/javascript 65.9.86.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon-v2.helpscout.net/

Requested by

Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/_nuxt/3830712.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.86.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-86-18.ams1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

873c602e3aa60b6b7e3968ebc1834aeb476e29d2baea9774d39f534ddb16e6ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:27:47 GMT
content-encoding: gzip
via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS1-C1
age: 27
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 327
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 31 Jan 2024 10:40:37 GMT
server: AmazonS3
etag: "9ee8c104873391042da855663bc3e2f1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=120, s-maxage=120, public
accept-ranges: bytes
x-amz-cf-id: YoZLk9X0I_jRdQEE2Ms7d99akeH-rnapFGE5BivYdIc9ndZocgy9Iw==

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 121 B
182 B 133ms
132ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60465ca9385de407571dde70/1f09djta7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.officepuzzle.com/
Origin: https://admin.officepuzzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:13 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b3287fea924d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 81 KB
29 KB 255ms
254ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60465ca9385de407571dde70/1f09djta7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.officepuzzle.com/
Origin: https://admin.officepuzzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:13 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"ce3014b09c6dfbd6f92bc585fd840580"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b3287fec924d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 212 KB
62 KB 369ms
368ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60465ca9385de407571dde70/1f09djta7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.officepuzzle.com/
Origin: https://admin.officepuzzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:13 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"86b32a04921a039ace69980bacd1b639"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b3287fee924d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 219 KB
43 KB 367ms
366ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60465ca9385de407571dde70/1f09djta7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

252458ca95d1b4ebb463113ddaf8be2331453431243c0ef8196eef04da4dcf1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.officepuzzle.com/
Origin: https://admin.officepuzzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:13 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"7cb04588da7fac9195cf9fcf0a9cd695"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b3287fef924d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 2 KB
1 KB 141ms
140ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60465ca9385de407571dde70/1f09djta7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

221f1816ebb7a87ef915cd7a2e091cb0a14082b7ac494039d4e28d29ce384e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.officepuzzle.com/
Origin: https://admin.officepuzzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:13 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"8a62145a771f178a2f2776bd2b72d0d5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b3287ff1924d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 151 B
310 B 131ms
131ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60465ca9385de407571dde70/1f09djta7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.officepuzzle.com/
Origin: https://admin.officepuzzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:13 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b3287ff2924d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 3C39 200 B
841 B 7ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.officepuzzle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 4889780
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 20:28:13 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 201577
x-content-type-options: nosniff
x-request-id: dcbe480c-fba3-47fa-a0ef-48e415f0068a
x-served-by: cache-fra-etou8220076-FRA

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3C39 526 B
450 B 7ms
6ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 31 Jan 2024 20:28:13 GMT
via: 1.1 varnish
age: 4810800
x-cache: HIT
content-length: 315
x-request-id: d3174cbd-035e-4fe5-a6f4-66033613903b
x-served-by: cache-fra-etou8220076-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 191883

POST
H2 200 csp-report
q.stripe.com/ Frame 3C39 0
716 B 678ms
183ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706732894121905
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706732894121604
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3C39 0
716 B 682ms
186ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706732894122146
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706732894121558
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 6148 930 B
1 KB 18ms
6ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 97
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 20:28:13 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 80
x-content-type-options: nosniff
x-request-id: f65a1b7a-6026-4e08-95ed-b89ff280c2dc
x-served-by: cache-fra-etou8220076-FRA
x-timer: S1706732894.549656,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame 6148 0
491 B 650ms
182ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: admin.officepuzzle.com
URL: https://admin.officepuzzle.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706732894121990
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1706732894121637
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 6148 87 KB
15 KB 6ms
6ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 31 Jan 2024 20:28:13 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 276
x-cache: HIT
content-length: 15509
x-request-id: 883f69e2-aff8-465a-af52-99a15cf57454
x-served-by: cache-fra-etou8220076-FRA
server: Fastly
x-timer: S1706732894.558734,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 183

GET
H2 200 vendor.cd87fe5a.js Show response
beacon-v2.helpscout.net/static/js/ 51 KB
18 KB 15ms
15ms Script
application/javascript 65.9.86.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon-v2.helpscout.net/static/js/vendor.cd87fe5a.js

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.86.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-86-18.ams1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1c376d148361f36809d62e7ad6274300a3ca246889d1bee927be6eadd12cbee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:29:42 GMT
content-encoding: gzip
via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS1-C1
age: 7112
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17768
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Jan 2024 10:15:30 GMT
server: AmazonS3
etag: "5080ce4e019c8c43fe25a97a8560a638"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: ypok6F3uF_vjJhitW4btFEclic8CGBNGgIhJEVZcMwE9RibU2RXnpw==

GET
H2 200 main.c1a629b4.js Show response
beacon-v2.helpscout.net/static/js/ 31 KB
13 KB 17ms
17ms Script
application/javascript 65.9.86.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon-v2.helpscout.net/static/js/main.c1a629b4.js

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.86.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-86-18.ams1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7a9f8df0bcf0dc2416fb0e0730ade5b25affa6e7e5d2b9ca75640eb429ccc8bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 18:41:41 GMT
content-encoding: gzip
via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS1-C1
age: 6393
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12607
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 31 Jan 2024 10:40:37 GMT
server: AmazonS3
etag: "9bd4beefd15a43e061658c6751779172"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: N0ngsFKjVpsto1KkmPWf_IjdxsIdx98UyNwP-cukwDsXwfAKDd_46g==

POST
H2 200 6 Show response
m.stripe.com/ Frame 6148 156 B
669 B 606ms
180ms XHR
application/json 44.237.70.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.70.166 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-70-166.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

1cd4d8686f9534458def0e5d26a827016a8209bccee3c2dce45fa708b5bd52e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706732894116306
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1706732894116125
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 4 KB
2 KB 143ms
134ms Fetch
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=60465ca9385de407571dde70&widgetId=1f09djta7&sv=null

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88258b6e0e9171657d174da813f54059e9455969d8868b8eae66d016523d92b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-j31c
server: cloudflare
etag: W/"2-214-1"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 84e4b32b2abf924d-FRA
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 591ms
591ms Fetch
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a6f9468c9a49b92b4fe2625dd8066c9429d12bb0b22637f32faedb4b03989bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://admin.officepuzzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://admin.officepuzzle.com
access-control-allow-credentials: true
cf-ray: 84e4b32c8c9f92b7-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-x0j1

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 142ms
142ms Preflight 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://admin.officepuzzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://admin.officepuzzle.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84e4b32bab67924d-FRA
date: Wed, 31 Jan 2024 20:28:14 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-znrq

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/65839862293/languages/ 17 KB
4 KB 36ms
27ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1014666
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"7f37a030886ec7fce1d065ec482789ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b32c0c3192b7-FRA

GET
H3 200 twk-chunk-2c776523.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 10 KB
3 KB 19ms
18ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1014667
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"70aec2dd89cac4933594c25b71d61f46"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b3306f6a92b7-FRA

GET
H3 200 twk-chunk-9294da6c.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 18 KB
5 KB 23ms
23ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-9294da6c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea2c7fe5b9f379bd51bc7a9d6016ddc2f445164a3dd5738a319fbcc23402fa1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1014667
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"398211e86ba1f74c4421bde7a06fc780"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b3306f6b92b7-FRA

GET
H3 200 twk-chunk-2d0b383d.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 699 B
676 B 17ms
17ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2d0b383d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1014667
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"838903127a65ec440893b4945c40ca4a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b3306f6c92b7-FRA

GET
H3 200 twk-chunk-48f3b594.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 19 KB
6 KB 24ms
24ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-48f3b594.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

171130288b9912be9b602fe27afeed79e4ecdf6ea7997ce8c97b0d5f5aba2359

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1014667
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"d1392466f248728bc183c96015db868c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b3306f6e92b7-FRA

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 906 B
662 B 20ms
20ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1014667
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b3306f6f92b7-FRA

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 535 B
574 B 18ms
18ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1014667
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b3306f7092b7-FRA

GET
H3 200 twk-chunk-24d8db78.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 110 KB
24 KB 23ms
23ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-24d8db78.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0db3a997bf0303354210ecb224dc7b4bb1f81d34aa95fd06cdf13498c265339d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1014667
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"1eaf1603955ff543fb810fe5edc51e58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b3306f7192b7-FRA

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame B8BC 24 KB
5 KB 18ms
18ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1014667
cf-polished: origSize=24831
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 21 Dec 2023 01:45:13 GMT
server: cloudflare
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b330af9992b7-FRA

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame 42AA 76 KB
15 KB 24ms
24ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799596c2833003b4bd92b1454ba52de29fb4fd07edb07648d64e567b0d293f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1014666
cf-polished: origSize=78180
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 21 Dec 2023 01:45:13 GMT
server: cloudflare
etag: W/"0ab357443b798b4a1db6c4f22b1590f4"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b330bfaa92b7-FRA

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame ED7F 40 KB
8 KB 21ms
20ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1014667
cf-polished: origSize=40832
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 21 Dec 2023 01:45:13 GMT
server: cloudflare
etag: W/"cf4a08d496f49489af30571e3cbb48f3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 84e4b330cfb892b7-FRA

GET
H3 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
39 KB 21ms
21ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-vendors.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://admin.officepuzzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 20:28:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2281536
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230136-FRA, cache-lga21957-LGA
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UiyVj8f3tDOpguRl5bl5kjKjFmUlHdo8Q7NXSwSfKPNhmNUHFf0XtmHeeB0DfQ3PbbHJM3OEwiWu2ReYHnaMtRQaXSldyJidjxBIZuPEnWhOy0l1WluiToCVP5ffs1L%2ByM1S%2BOIZ9hYq2gbVY1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84e4b330ea6b1da0-FRA

POST 6
m.stripe.com/ Frame 6148 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: m.stripe.com
URL: https://m.stripe.com/6

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.officepuzzle.com/	1970-01-21 03:41:32	Name: _ga Value: GA1.1.247979083.1706732892
.officepuzzle.com/	1970-01-20 20:15:08	Name: _fbp Value: fb.1.1706732892830.607606392
.linkedin.com/	1970-01-20 20:15:08	Name: li_sugr Value: eba59333-0752-4df9-b32a-071a69954088
.linkedin.com/	1970-01-21 02:51:08	Name: bcookie Value: "v=2&ca01be34-a8d9-453e-8817-0b247f230526"
.linkedin.com/	1970-01-20 18:06:59	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3131:u=1:x=1:i=1706732892:t=1706819292:v=2:sig=AQHVIg34_odtzcqpPpAC8GZ4L-_srgIb"
.linkedin.com/	1970-01-20 18:48:44	Name: UserMatchHistory Value: AQJVqa8HkygWNwAAAY1hNTLf6Nef2R1CN_Qayv-n6pxG2VXcyw2mKTCa6fUgZPghTPjrlI2dRBxKCA
.linkedin.com/	1970-01-20 18:48:44	Name: AnalyticsSyncHistory Value: AQKN-8xyL5pZ0AAAAY1hNTLfF-xVTKgdpKJwjlwH6bgbgcl80CI4P7-mn9YMoA-ZcjEKPFaXJ2CG7RD5MX1hMw
.www.linkedin.com/	1970-01-21 02:51:08	Name: bscookie Value: "v=1&202401312028128cb8a9ab-2ceb-459b-89fd-23bf518abfb0AQFUOMsZPhWxl5tQUnKH4sKjBJJepVJb"
.linkedin.com/	1970-01-20 22:24:44	Name: li_gc Value: MTswOzE3MDY3MzI4OTI7MjswMjEk0WoJs4Igo6Ca4T/60aF78umTcOZQ3Z24A7RpAeNYpQ==
.officepuzzle.com/	1970-01-21 03:41:32	Name: _ga_LBJBGY7JEW Value: GS1.1.1706732892.1.1.1706732893.0.0.0
admin.officepuzzle.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: xEY4loPWEXdnGOUHzuadH
m.stripe.com/	1970-01-21 03:41:32	Name: m Value: 1e4014f0-b695-4f16-b1e5-143ba4395b945f500a
.admin.officepuzzle.com/	1970-01-21 02:51:08	Name: __stripe_mid Value: 60a69960-24a9-4c64-98de-6cabbbdb2cfaaf6a9b
.admin.officepuzzle.com/	1970-01-20 18:05:34	Name: __stripe_sid Value: fb19e3d9-fb96-4b87-9bc6-96ba79cca58862f090
admin.officepuzzle.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.officepuzzle.com/	1970-01-20 22:24:44	Name: twk_uuid_60465ca9385de407571dde70 Value: %7B%22uuid%22%3A%221.2Bibl39kNoVKjtP6UciaqRuppZWCj2p04r7ipHBEB0FfdVVAVdl8R5IrX16heqH5rdKgaVzs2vbRZ0ZmGihxRV40CFgYO33nCvMM0B0eKRz4IZ3tsPlsvWpKXty%22%2C%22version%22%3A3%2C%22domain%22%3A%22officepuzzle.com%22%2C%22ts%22%3A1706732894774%7D

39 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/765014281298764?v=2.9.143&r=stable&domain=admin.officepuzzle.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
rendering	info	URL: https://admin.officepuzzle.com/user/login Message: Autofocus processing was blocked because a document already has a focused element.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other	warning	URL: https://admin.officepuzzle.com/user/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.officepuzzle.com
beacon-v2.helpscout.net
cdn.jsdelivr.net
connect.facebook.net
embed.tawk.to
js.stripe.com
m.stripe.com
m.stripe.network
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
region1.google-analytics.com
s3.amazonaws.com
snap.licdn.com
va.tawk.to
www.facebook.com
www.googletagmanager.com
www.linkedin.com
m.stripe.com
13.107.42.14
151.101.64.176
2001:4860:4802:32::36
2606:4700:10::6816:1983
2606:4700::6810:5514
2620:1ec:21::14
2a00:1450:4001:810::2008
2a02:26f0:480:f::213:7ecb
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.228.148.38
44.194.251.216
44.237.70.166
54.187.119.242
54.231.200.120
65.9.86.18
0daebac21fb1902db590457c97b820b7a648fb6a6db1ec207fd23eb55a9d532b
0db3a997bf0303354210ecb224dc7b4bb1f81d34aa95fd06cdf13498c265339d
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
16b05219ceac996780c4c9f9a4b0cf5a6edde0f606b59a8f4f71c796bc6d5a79
171130288b9912be9b602fe27afeed79e4ecdf6ea7997ce8c97b0d5f5aba2359
1c0baa8470f0911f956353f1fc605467af6efa51b5ebabf3870846a020be27d3
1c376d148361f36809d62e7ad6274300a3ca246889d1bee927be6eadd12cbee9
1cd4d8686f9534458def0e5d26a827016a8209bccee3c2dce45fa708b5bd52e4
221f1816ebb7a87ef915cd7a2e091cb0a14082b7ac494039d4e28d29ce384e83
252458ca95d1b4ebb463113ddaf8be2331453431243c0ef8196eef04da4dcf1d
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
358abd83536a83ed9526c4e8f41ef26c6358811c91bf0d55c7b380a7af64bbbe
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3da544c7aa9c71af4af3d2c42729e554b6788aea583e85e8e94151f59121a440
462e2ba389965f07db4860afd5db85ddc322a7bd3a5e1fee9fd755c99abfe79a
64e64ff964ee9704382f99dfd4881ee375e34965ba30efac45eafe6e55eea9eb
6a6f9468c9a49b92b4fe2625dd8066c9429d12bb0b22637f32faedb4b03989bf
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
799596c2833003b4bd92b1454ba52de29fb4fd07edb07648d64e567b0d293f85
7a9f8df0bcf0dc2416fb0e0730ade5b25affa6e7e5d2b9ca75640eb429ccc8bd
7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
873c602e3aa60b6b7e3968ebc1834aeb476e29d2baea9774d39f534ddb16e6ad
88258b6e0e9171657d174da813f54059e9455969d8868b8eae66d016523d92b6
8835e426634a75a4a56e370b907a79a8d332cd58d12eed554f6740e1152f5e33
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
94f684d32baf4edac53165bb3a70b73368c87635bc0e60801782a10f077847c0
a2877da3530468adfa7d3049d47ef516c3ae2b27047e2d978e1ce2069e583afa
b0388a2387283b8457b08aadd7fdcca2702ba989863981b18e673a1394e74c4f
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bc95026b824b058493a2736e084f890cdc00024548f34b6c2d2aa99374cd3e74
cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd
d4122c455e0f5d15ca2539cd1252587cbbee931a5c5165dd51d9fd1c8c48b2bd
db961b02d04dd1de3b54d34954154febbf75c2e3a2308249782f3f44bd043525
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d1a0a533f0fd1a9c0d3a4b6833f992e995cb921a848c2bf0b6a12676050794
ea2c7fe5b9f379bd51bc7a9d6016ddc2f445164a3dd5738a319fbcc23402fa1d
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663
ff9b71eae5fac632fb16bd14e475ea94c249b4324148eb0aaf5b81e843ea5ac1

admin.officepuzzle.com Open in urlscan Pro 3.228.148.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

96 %HTTPS

50 %IPv6

13 Domains

18 Subdomains

16 IPs

2 Countries

3372 kBTransfer

12339 kBSize

16 Cookies

1 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

admin.officepuzzle.com Open in urlscan Pro
3.228.148.38 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

96 %
HTTPS

50 %
IPv6

13
Domains

18
Subdomains

16
IPs

2
Countries

3372 kB
Transfer

12339 kB
Size

16
Cookies

55 HTTP transactions
0 data transactions