www.officer.com Open in urlscan Pro
54.160.255.229 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://officer.com/
Effective URL:
https://www.officer.com/
Submission: On September 20 via manual (September 20th 2019, 12:15:51 am UTC) from US

Summary HTTP 106 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 38 IPs in 7 countries across 32 domains to perform 106 HTTP transactions. The main IP is 54.160.255.229, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.officer.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 29th 2019. Valid for: 3 months.

This is the only time www.officer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	35.153.150.254 35.153.150.254	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
8	54.160.255.229 54.160.255.229	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
5	54.81.60.13 54.81.60.13	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
5	54.160.175.116 54.160.175.116	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
4	204.180.130.159 204.180.130.159	53866 (QTS-AS) (QTS-AS - Omeda Communications)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY - Fastly)
4	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
10	13.32.218.154 13.32.218.154	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	172.217.21.198 172.217.21.198	15169 (GOOGLE) (GOOGLE - Google LLC)
15 19	54.246.124.184 54.246.124.184	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2 2	52.57.106.47 52.57.106.47	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.58.41.129 52.58.41.129	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	69.173.144.136 69.173.144.136	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1 3	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
2 2	2a00:1288:110... 2a00:1288:110:833::4000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	18.196.141.29 18.196.141.29	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	3.122.83.132 3.122.83.132	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.33.223.197 185.33.223.197	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	35.190.72.21 35.190.72.21	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:205... 2600:9000:2057:3200:6:b4cc:d980:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6813:c797	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2606:4700::68... 2606:4700::6813:c497	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	34.232.11.199 34.232.11.199	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	13.32.220.201 13.32.220.201	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
11	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	54.246.153.43 54.246.153.43	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
106	38

2 35.153.150.254 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-153-150-254.compute-1.amazonaws.com

officer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.160.255.229 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-160-255-229.compute-1.amazonaws.com

www.officer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.81.60.13 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-81-60-13.compute-1.amazonaws.com

radix.officer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.baseplatform.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.160.175.116 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-160-175-116.compute-1.amazonaws.com

olytics.cygnus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.180.130.159 (Chicago, United States)

ASN53866 (QTS-AS - Omeda Communications, US)
PTR: my.omedastaging.com

olytics.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.32.218.154 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-218-154.fra56.r.cloudfront.net

cdn.officer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.233.40 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.198 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f198.1e100.net

5326342.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 54.246.124.184 (Dublin, Ireland) 15 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-124-184.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.106.47 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-106-47.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.41.129 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-41-129.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.2 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY - Fastly, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:833::4000 (United Kingdom) 2 redirects

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.141.29 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-141-29.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.83.132 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-83-132.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.197 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.72.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.34 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:3200:6:b4cc:d980:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d24bnj4f1s1f8m.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c797 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.11.199 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-232-11-199.compute-1.amazonaws.com

id-me.as3.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.220.201 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-220-201.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.153.43 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-153-43.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	officer.com 2 redirects officer.com www.officer.com radix.officer.com cdn.officer.com	457 KB
22	adroll.com 15 redirects s.adroll.com d.adroll.com	24 KB
15	doubleclick.net 2 redirects 5326342.fls.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	110 KB
7	ampproject.org cdn.ampproject.org	335 KB
7	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	429 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	172 KB
5	google.com www.google.com adservice.google.com	752 B
5	cygnus.com olytics.cygnus.com	11 KB
4	cloudflare.com cdnjs.cloudflare.com	67 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com ads.yahoo.com	2 KB
4	omeda.com olytics.omeda.com	245 KB
3	adsrvr.org js.adsrvr.org insight.adsrvr.org	2 KB
3	facebook.net connect.facebook.net	120 KB
2	as3.io id-me.as3.io	79 KB
2	openx.net 1 redirects us-u.openx.net	341 B
2	bidswitch.net 1 redirects x.bidswitch.net	908 B
2	3lift.com 1 redirects eb2.3lift.com	696 B
2	outbrain.com 1 redirects sync.outbrain.com	674 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	719 B
2	google-analytics.com www.google-analytics.com	18 KB
1	google.de adservice.google.de	171 B
1	facebook.com www.facebook.com	246 B
1	cloudfront.net d24bnj4f1s1f8m.cloudfront.net	13 KB
1	rlcdn.com idsync.rlcdn.com	62 B
1	adnxs.com ib.adnxs.com	875 B
1	taboola.com trc.taboola.com	198 B
1	pubmatic.com simage2.pubmatic.com	862 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	googletagmanager.com www.googletagmanager.com	21 KB
1	baseplatform.io www.baseplatform.io	3 KB
1	ravenjs.com cdn.ravenjs.com	10 KB
106	32

	Domain	Requested by
19	d.adroll.com	15 redirects s.adroll.com www.officer.com
11	securepubads.g.doubleclick.net	www.officer.com securepubads.g.doubleclick.net cdn.ravenjs.com
10	cdn.officer.com	www.officer.com
8	www.officer.com	www.officer.com
7	cdn.ampproject.org	securepubads.g.doubleclick.net
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.officer.com cdn.ampproject.org
5	olytics.cygnus.com	www.officer.com cdn.ravenjs.com
4	cdnjs.cloudflare.com	www.officer.com www.googletagmanager.com
4	fonts.gstatic.com	www.officer.com
4	www.google.com	www.officer.com
4	olytics.omeda.com	www.officer.com cdn.ravenjs.com
4	radix.officer.com	www.officer.com cdn.ravenjs.com
3	connect.facebook.net	s.adroll.com connect.facebook.net
3	s.adroll.com	www.googletagmanager.com s.adroll.com www.officer.com
2	pagead2.googlesyndication.com
2	insight.adsrvr.org	js.adsrvr.org
2	id-me.as3.io	www.googletagmanager.com cdn.ravenjs.com
2	us-u.openx.net	1 redirects www.officer.com
2	x.bidswitch.net	1 redirects www.officer.com
2	eb2.3lift.com	1 redirects www.officer.com
2	ads.yahoo.com	2 redirects
2	sync.outbrain.com	1 redirects www.officer.com
2	dsum-sec.casalemedia.com	1 redirects www.officer.com
2	ups.analytics.yahoo.com	1 redirects www.officer.com
2	pixel.advertising.com	2 redirects
2	5326342.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.officer.com
2	officer.com	2 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.facebook.com	www.officer.com
1	js.adsrvr.org	www.googletagmanager.com
1	stats.g.doubleclick.net	www.officer.com
1	www.gstatic.com	www.google.com
1	d24bnj4f1s1f8m.cloudfront.net	www.officer.com
1	cm.g.doubleclick.net	1 redirects
1	idsync.rlcdn.com	www.officer.com
1	ib.adnxs.com	www.officer.com
1	trc.taboola.com	www.officer.com
1	simage2.pubmatic.com	www.officer.com
1	pixel.rubiconproject.com	www.officer.com
1	www.googletagmanager.com	www.officer.com
1	www.baseplatform.io	www.officer.com
1	cdn.ravenjs.com	www.officer.com
106	44

This site contains links to these domains. Also see Links.

Domain
www.endeavorbusinessmedia.com
forum.officer.com
www.facebook.com
twitter.com
www.linkedin.com
stories.endeavorb2b.com
ad.doubleclick.net

Subject Issuer	Validity	Valid
officer.com Let's Encrypt Authority X3	`2019-07-29` - `2019-10-27`	3 months	crt.sh
cygnus.com Let's Encrypt Authority X3	`2019-09-03` - `2019-12-02`	3 months	crt.sh
*.omeda.com SSL.com RSA SSL subCA	`2019-07-11` - `2020-08-28`	a year	crt.sh
osff.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-15` - `2020-01-23`	8 months	crt.sh
www.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.officer.com Amazon	`2019-02-22` - `2020-03-22`	a year	crt.sh
baseplatform.io Let's Encrypt Authority X3	`2019-09-12` - `2019-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-12-19` - `2020-03-19`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-05-08` - `2019-11-04`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2020-05-04`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
as3.io Let's Encrypt Authority X3	`2019-08-20` - `2019-11-18`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.officer.com/
Frame ID: C20064F6EE4378D8B5B798F80DB38715
Requests: 85 HTTP requests in this frame

Frame: https://5326342.fls.doubleclick.net/activityi;dc_pre=COGmrMCP3uQCFU7xdwodUIMONg;src=5326342;type=south0;cat=offic0;ord=3407999119003;gtm=2wg9b0;auiddc=1424817374.1568938535;~oref=https%3A%2F%2Fwww.officer.com%2F
Frame ID: 3AC59D03D1E86E9641A24BDE4941A3AD
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=fcmqatb&ref=https%3A%2F%2Fwww.officer.com%2F&upid=bdkjv41&upv=1.1.0
Frame ID: B37F1A88F64E2F7089ACFFAFB037318B
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.officer.com%2F&upid=hc7wdvm&upv=1.1.0
Frame ID: 26C0A819851853D1CA5ED6143DF90138
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909141409590/amp4ads-v0.js
Frame ID: 3D733CC8E353A7517017A714780274DC
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909141409590/amp4ads-v0.js
Frame ID: AA9AB9AC39809D97A57478922777E423
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909141409590/amp4ads-v0.js
Frame ID: 58F12CDC7AD696AF800128624619B6A5
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://officer.com/ HTTP 301
https://officer.com/ HTTP 301
https://www.officer.com/ Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

106
Requests

100 %
HTTPS

39 %
IPv6

32
Domains

44
Subdomains

38
IPs

7
Countries

2113 kB
Transfer

5083 kB
Size

11
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.endeavorbusinessmedia.com/privacy-policy
Title: Learn more

Search URL Search Domain Scan URL

URL: https://forum.officer.com/
Title: Forums

Search URL Search Domain Scan URL

URL: https://www.facebook.com/officercom
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/officercom
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups/3287176/profile
Title:

Search URL Search Domain Scan URL

URL: https://www.endeavorbusinessmedia.com/endeavor-terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://stories.endeavorb2b.com/story/keltec/new-keltec-p17-redefines-affordable-range-time-fun/5c59da027e67d400019869ad
Title: <img class="img-responsive" src="https://cdn.officer.com/files/base/cygnus/ofcr/image/2019/09/16x9/320w/KelTec_P17_Angled.5d79046f945d2.jpg" alt="Kel Tec P17Angled" title="Kel Tec P17Angled" style="opacity:1;">

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N510001.111966OFFICER.COM/B22155005.254113465;dc_trk_aid=450173974;dc_trk_cid=112554537;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Title: KelTec™ Introduces P17™ Pistol, Passes Savings To Consumer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://officer.com/ HTTP 301
https://officer.com/ HTTP 301
https://www.officer.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://5326342.fls.doubleclick.net/activityi;src=5326342;type=south0;cat=offic0;ord=3407999119003;gtm=2wg9b0;auiddc=1424817374.1568938535;~oref=https%3A%2F%2Fwww.officer.com%2F HTTP 302
https://5326342.fls.doubleclick.net/activityi;dc_pre=COGmrMCP3uQCFU7xdwodUIMONg;src=5326342;type=south0;cat=offic0;ord=3407999119003;gtm=2wg9b0;auiddc=1424817374.1568938535;~oref=https%3A%2F%2Fwww.officer.com%2F

Request Chain 23

https://d.adroll.com/pixel/CGRSLPLE3JDWJFYOQV236W/Q6KTWFY4MRCUHA2WFIK4AK?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&pv=9184014740.396273&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fwww.officer.com%2F HTTP 302
https://s.adroll.com/pixel/CGRSLPLE3JDWJFYOQV236W/Q6KTWFY4MRCUHA2WFIK4AK/6PKGRBAYNJDJBNH4GIQLHT.js

Request Chain 25

https://d.adroll.com/cm/aol/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPc411e0e0-db3b-11e9-96a2-02f24dd428ea HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPc411e0e0-db3b-11e9-96a2-02f24dd428ea&verify=true

Request Chain 26

https://d.adroll.com/cm/index/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&expiration=1600474535 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&expiration=1600474535&C=1

Request Chain 27

https://d.adroll.com/cm/n/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&expires=365

Request Chain 28

https://d.adroll.com/cm/outbrain/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&rdrctExp=true

Request Chain 29

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 30

https://d.adroll.com/cm/r/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 31

https://d.adroll.com/cm/taboola/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W HTTP 302
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk

Request Chain 32

https://d.adroll.com/cm/triplelift/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&dongle=c85e&gdpr=1&cmp_cs=

Request Chain 33

https://d.adroll.com/cm/r/out?advertisable=CGRSLPLE3JDWJFYOQV236W HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 34

https://d.adroll.com/cm/b/out?advertisable=CGRSLPLE3JDWJFYOQV236W HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk

Request Chain 35

https://d.adroll.com/cm/x/out?advertisable=CGRSLPLE3JDWJFYOQV236W HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk

Request Chain 36

https://d.adroll.com/cm/l/out?advertisable=CGRSLPLE3JDWJFYOQV236W HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=3d05eb59713620e26f52a21b139a0b79

Request Chain 37

https://d.adroll.com/cm/o/out?advertisable=CGRSLPLE3JDWJFYOQV236W HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=3d05eb59713620e26f52a21b139a0b79 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=3d05eb59713620e26f52a21b139a0b79

Request Chain 38

https://d.adroll.com/cm/g/out?advertisable=CGRSLPLE3JDWJFYOQV236W&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=PQXrWXE2IOJvUqIbE5oLeQ HTTP 302
https://d.adroll.com/cm/g/in

106 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.officer.com/
Redirect Chain

http://officer.com/
https://officer.com/
https://www.officer.com/

273 KB
32 KB

477ms
187ms

Document
text/html

54.160.255.229
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.255.229 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-160-255-229.compute-1.amazonaws.com
Software: /
Resource Hash: fb3d6905876ffe6759b88214e4a0d29f03a78540973303ce5fd7262b935e3899

Request headers

Host: www.officer.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 20 Sep 2019 00:13:50 GMT
Cache-Control: max-age=0, must-revalidate, no-cache, no-store, public, s-maxage=600
X-Platform-Version: platform_4.407
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Age: 99
X-Served-By: 10.0.1.152
X-Cache: HIT: 14
Accept-Ranges: bytes
Transfer-Encoding: chunked

Redirect headers

Content-Type: text/plain
Location: https://www.officer.com/
Date: Fri, 20 Sep 2019 00:15:33 GMT
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1 200
OK 57e4685.css
www.officer.com/website/icarus/cygnus/ofcr/css/ 277 KB
47 KB 94ms
94ms Stylesheet
text/css 54.160.255.229
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officer.com/website/icarus/cygnus/ofcr/css/57e4685.css?platform_4.407
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.255.229 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-160-255-229.compute-1.amazonaws.com
Software: /
Resource Hash: 5fcbf185c01a65f2615874c57492b4fe0e2445f6f3d4e39bcfe4dfacb8fec869

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 21:11:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Sep 2019 17:43:51 GMT
Age: 11070
ETag: "45409-592eb7f1b03c0-gzip"
Vary: Accept-Encoding
X-Cache: HIT: 1851
Content-Type: text/css
cache-control: max-age=36400
Accept-Ranges: bytes
Content-Length: 48257
X-Served-By: 10.0.1.151

GET
H/1.1 200
OK 7b6629c.css
www.officer.com/website/icarus/cygnus/ofcr/css/ 157 KB
20 KB 281ms
94ms Stylesheet
text/css 54.160.255.229
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officer.com/website/icarus/cygnus/ofcr/css/7b6629c.css?platform_4.407
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.255.229 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-160-255-229.compute-1.amazonaws.com
Software: /
Resource Hash: d737f67927b1edb198219dbb7cc571aaab1429f6ed8282147d12ec096f91ebb9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 21:11:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Sep 2019 17:43:53 GMT
Age: 11070
ETag: "27283-592eb7f398840-gzip"
Vary: Accept-Encoding
X-Cache: HIT: 1849
Content-Type: text/css
cache-control: max-age=36400
Accept-Ranges: bytes
Content-Length: 20482
X-Served-By: 10.0.1.152

GET
H/1.1 200
OK radix.min.css
radix.officer.com/lib/ 41 KB
9 KB 413ms
95ms Stylesheet
text/css 54.81.60.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://radix.officer.com/lib/radix.min.css
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.60.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-81-60-13.compute-1.amazonaws.com
Software: /
Resource Hash: edae30db9ca350de62aaea880dcbc16f9ba13b52c8e9bc6c11349204b3b14a17

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Radix-Build: v2.0.8
Date: Thu, 19 Sep 2019 15:34:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 May 2019 14:53:07 GMT
Age: 31264
Vary: Accept-Encoding
X-Cache: HIT: 6600
Content-Type: text/css; charset=UTF-8
Expires: Thu, 19 Sep 2019 16:04:29 GMT
cache-control: max-age=36400
Accept-Ranges: bytes
Content-Length: 8898
X-Served-By: 10.0.1.152

GET
H/1.1 200
OK sapience.js Show response
olytics.cygnus.com/ 33 KB
9 KB 414ms
95ms Script
application/javascript 54.160.175.116
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.cygnus.com/sapience.js
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.175.116 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-160-175-116.compute-1.amazonaws.com
Software: /
Resource Hash: 294854484854cb24749fabe1f0be264fff4c770f6c65d9ba0313074176f74b89

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 15:49:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Mar 2019 17:37:44 GMT
Age: 30355
Vary: Accept-Encoding
X-Cache: HIT: 50923
Content-Type: application/javascript
Expires: Thu, 19 Sep 2019 17:49:38 GMT
cache-control: max-age=36400
Accept-Ranges: bytes
Content-Length: 9187
X-Served-By: 10.0.1.153

GET
H/1.1 200
OK 2795b1a.js Show response
www.officer.com/website/icarus/cygnus/ofcr/js/ 101 KB
35 KB 281ms
94ms Script
application/javascript 54.160.255.229
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officer.com/website/icarus/cygnus/ofcr/js/2795b1a.js?platform_4.407
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.255.229 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-160-255-229.compute-1.amazonaws.com
Software: /
Resource Hash: 207b0cfec249454f08db962371d5b43ef0457f3052c2be8f8345d79bcac39849

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 21:11:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Sep 2019 17:43:52 GMT
Age: 11070
ETag: "193ac-592eb7f2a4600-gzip"
Vary: Accept-Encoding
X-Cache: HIT: 1827
Content-Type: application/javascript
cache-control: max-age=36400
Accept-Ranges: bytes
Content-Length: 35204
X-Served-By: 10.0.1.151

GET
H/1.1 200
OK olytics.css
olytics.omeda.com/olytics/css/v3/p/ 17 KB
2 KB 789ms
109ms Stylesheet
text/css 204.180.130.159
Omeda Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/css/v3/p/olytics.css

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 Chicago, United States, ASN53866 (QTS-AS - Omeda Communications, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

551ced4538670220c93a5cc2da17efe7fb6f05b71bf8b15ccf6067ceb5ba6789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 20 Sep 2019 00:15:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 10 Aug 2019 11:17:16 GMT
Server: Apache
ETag: W/"17012-1565435836000"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Transfer-Encoding: chunked
Accept-Ranges: bytes
Vary: Accept-Encoding

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.19.1/ 26 KB
10 KB 22ms
6ms Script
application/javascript 2a04:4e42::729
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.19.1/raven.min.js
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Fastly /
Resource Hash: 91edcf8830247c93b6dbb8a13ac5dbe6bb43afa3a9fd7fc5fbce5ea597aa3ae3

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
Origin: https://www.officer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:34 GMT
content-encoding: gzip
last-modified: Tue, 17 Oct 2017 12:55:00 GMT
server: Fastly
age: 81463
etag: "3a668e43eb37dfde0a00195824418aa4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10090

GET
H/1.1 200
OK 82faab6.js Show response
www.officer.com/website/icarus/cygnus/ofcr/js/ 30 KB
8 KB 282ms
94ms Script
application/javascript 54.160.255.229
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officer.com/website/icarus/cygnus/ofcr/js/82faab6.js?platform_4.407
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.255.229 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-160-255-229.compute-1.amazonaws.com
Software: /
Resource Hash: a4dbc187ea5bc92f39626bb29b04b3fd13e1b20ce043c3c5820d969bc9377527

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 21:11:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Sep 2019 17:43:53 GMT
Age: 11070
ETag: "7896-592eb7f398840-gzip"
Vary: Accept-Encoding
X-Cache: HIT: 1825
Content-Type: application/javascript
cache-control: max-age=36400
Accept-Ranges: bytes
Content-Length: 7975
X-Served-By: 10.0.1.150

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 714 B
581 B 17ms
16ms Script
text/javascript 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

fedd2b741ffb042ad1d323fc6533f0ba7e150dc07c6a8bf350eff1d716a3ce5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 454
x-xss-protection: 1; mode=block
expires: Fri, 20 Sep 2019 00:15:34 GMT

GET
H/1.1 200
OK radix.min.js Show response
radix.officer.com/lib/ 217 KB
56 KB 413ms
95ms Script
application/javascript 54.81.60.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://radix.officer.com/lib/radix.min.js?x-radix-appid=b105cce3-d815-4347-9ae4-b203d58347a4
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.60.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-81-60-13.compute-1.amazonaws.com
Software: /
Resource Hash: 4e2e8590b6876b5be57e13395a5d1e0999deb77f674adcca04582f4c861dd6d0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Radix-Build: v2.0.8
X-Radix-Using: cygnus:ofcr
Content-Encoding: gzip
Last-Modified: Wed, 29 May 2019 14:53:07 GMT
Age: 31264
Date: Thu, 19 Sep 2019 15:34:29 GMT
Vary: Accept-Encoding
X-Cache: HIT: 6481
Content-Type: application/javascript
Expires: Thu, 19 Sep 2019 16:04:29 GMT
cache-control: max-age=36400
Accept-Ranges: bytes
Content-Length: 56467
X-Served-By: 10.0.1.152

GET
H/1.1 200
OK c6b1bc3.js Show response
www.officer.com/website/icarus/cygnus/ofcr/js/ 10 KB
2 KB 283ms
95ms Script
application/javascript 54.160.255.229
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officer.com/website/icarus/cygnus/ofcr/js/c6b1bc3.js?platform_4.407
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.255.229 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-160-255-229.compute-1.amazonaws.com
Software: /
Resource Hash: 9fd21956b5ba6af75a94c971e7a8b8eb80cd7700bcca41793419de3c04fae1e1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 21:11:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Sep 2019 17:43:53 GMT
Age: 11070
ETag: "2678-592eb7f398840-gzip"
Vary: Accept-Encoding
X-Cache: HIT: 1821
Content-Type: application/javascript
cache-control: max-age=36400
Accept-Ranges: bytes
Content-Length: 1893
X-Served-By: 10.0.1.153

GET
H2 200 site_logo.png
cdn.officer.com/files/base/cygnus/ofcr/image/static/logo/ 5 KB
5 KB 37ms
8ms Image
image/png 13.32.218.154
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.officer.com/files/base/cygnus/ofcr/image/static/logo/site_logo.png

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.32.218.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-32-218-154.fra56.r.cloudfront.net

Software

nginx/1.13.1 /

Resource Hash

e798ac47f3e8534ab9464394c649680162d949f419c6a4bb8067de3f1a8b3c49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 May 2019 03:22:46 GMT
via: 1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
last-modified: Thu, 04 May 2017 14:12:19 GMT
server: nginx/1.13.1
age: 11911968
etag: "a7398ee3067af00e81873bdf8fcd50a3"
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
x-amz-version-id: tmOBruyD0W.W_yjkU0y9h0w.kAgkJzSF
status: 200
cache-control: max-age=15552000, public, must-revalidate
x-amz-cf-pop: FRA56
content-type: image/png
content-length: 4982
x-amz-cf-id: ZS2zAzJUAiuv7Ficn8jrjkw4zf77sKXNUXfiJKrMyOVeY2z5YE2UFA==

GET
H2 200 let_white.png
cdn.officer.com/files/base/cygnus/ofcr/image/static/logo/ 4 KB
4 KB 37ms
8ms Image
image/png 13.32.218.154
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.officer.com/files/base/cygnus/ofcr/image/static/logo/let_white.png

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.32.218.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-32-218-154.fra56.r.cloudfront.net

Software

nginx/1.13.1 /

Resource Hash

0d50069260a432a307781eb4ac8da134623760a0574df550f4f66d984f598653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 10 May 2019 08:27:55 GMT
via: 1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
last-modified: Tue, 09 May 2017 14:17:58 GMT
server: nginx/1.13.1
age: 11461659
etag: "3c3d7572030ce3b26e64391b9f55b35d"
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
x-amz-version-id: C2XYC.9uaWz9rsdOd3x2ceg3W8bkgqec
status: 200
cache-control: max-age=15552000, public, must-revalidate
x-amz-cf-pop: FRA56
content-type: image/png
content-length: 3798
x-amz-cf-id: Ea1VNCBfLbJJflv8LEhYfQnE1ixyp9893q5JcLUAe2-Fv7MY7PBKJw==

GET
H2 200 lepn_white.png
cdn.officer.com/files/base/cygnus/ofcr/image/static/logo/ 6 KB
6 KB 8ms
8ms Image
image/png 13.32.218.154
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.officer.com/files/base/cygnus/ofcr/image/static/logo/lepn_white.png

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.32.218.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-32-218-154.fra56.r.cloudfront.net

Software

nginx/1.13.1 /

Resource Hash

ca14491a16d46d8b2dd8c60c542d79c3d924fc5cdae38649576b23f69c8b8138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 May 2019 02:01:48 GMT
via: 1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
last-modified: Tue, 09 May 2017 14:22:27 GMT
server: nginx/1.13.1
age: 11916826
etag: "48ecc2c490d794915ae26a6be66ee819"
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
x-amz-version-id: d15dqKNLCTA0BSVrpKtbBfUKY353UwFF
status: 200
cache-control: max-age=15552000, public, must-revalidate
x-amz-cf-pop: FRA56
content-type: image/png
content-length: 5819
x-amz-cf-id: re2ZcKYeeJRxtKKIjfk_I-x28QWNVmu0K0AVCHb3R-xziIvv3_TwMA==

GET
H/1.1 200
OK 7e96dd2.js Show response
www.officer.com/website/icarus/cygnus/ofcr/js/ 100 KB
31 KB 245ms
95ms Script
application/javascript 54.160.255.229
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officer.com/website/icarus/cygnus/ofcr/js/7e96dd2.js?platform_4.407
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.255.229 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-160-255-229.compute-1.amazonaws.com
Software: /
Resource Hash: 9cfc3adb1c025be672c3f295560b932ad8fb49bfab1bf80c2fc8ecea9f334d72

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 21:11:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Sep 2019 17:43:53 GMT
Age: 11070
ETag: "18f99-592eb7f398840-gzip"
Vary: Accept-Encoding
X-Cache: HIT: 1825
Content-Type: application/javascript
cache-control: max-age=36400
Accept-Ranges: bytes
Content-Length: 31728
X-Served-By: 10.0.1.152

GET
H/1.1 200
OK 3e3bc75.js Show response
www.officer.com/website/icarus/cygnus/ofcr/js/ 26 KB
7 KB 136ms
95ms Script
application/javascript 54.160.255.229
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.officer.com/website/icarus/cygnus/ofcr/js/3e3bc75.js?platform_4.407
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.255.229 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-160-255-229.compute-1.amazonaws.com
Software: /
Resource Hash: 28d2634af4341bfdfa057db4b750676254948ce9cfb47eec7328d16a8e2e4e1c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 21:11:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Sep 2019 17:43:52 GMT
Age: 11070
ETag: "682d-592eb7f2a4600-gzip"
Vary: Accept-Encoding
X-Cache: HIT: 1814
Content-Type: application/javascript
cache-control: max-age=36400
Accept-Ranges: bytes
Content-Length: 7029
X-Served-By: 10.0.1.150

GET
H/1.1 200
OK reskin.js Show response
www.baseplatform.io/lib/ 9 KB
3 KB 388ms
94ms Script
application/javascript 54.81.60.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.baseplatform.io/lib/reskin.js
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.60.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-81-60-13.compute-1.amazonaws.com
Software: /
Resource Hash: 35f2336064dcebd970e282bb31863c86fa57b541c2e9ae7bbd3596fa2e4a0539

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Platform-Version: platform_4.406
Date: Thu, 19 Sep 2019 15:49:30 GMT
Content-Encoding: gzip
Age: 30364
Vary: Accept-Encoding
X-Cache: HIT: 90227
Content-Type: application/javascript
cache-control: max-age=36400
Accept-Ranges: bytes
Content-Length: 2438
X-Served-By: 10.0.1.152

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5521
date: Thu, 19 Sep 2019 22:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Fri, 20 Sep 2019 00:43:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 56 KB
21 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TZNC8W8

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d0527ef5b1506d7e27c5ae254a72dcae2db1e69b1437c41eff3d03c75ebb041

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:34 GMT
content-encoding: br
last-modified: Fri, 20 Sep 2019 00:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 21099
x-xss-protection: 0
expires: Fri, 20 Sep 2019 00:15:34 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 33 KB
11 KB 19ms
6ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNC8W8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c8a59bd04ab2de75273ca546fb3dd24a5872a323750bf07eaa5170e66039a30b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: gEkuQvG6M0PPPMIR.dNivtNto30z0VNj
Content-Encoding: gzip
ETag: "2643c9fc66722f575776f403d0944eb9"
x-amz-request-id: C93424A36427C22D
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 10313
x-amz-id-2: tmxGhCi9DKHDGB5Lb2xtoybzoAm9YQvJWLshf6B1PkXk1hXrFB2usiQgHsZrWfArWfQCsXNqoNM=
Last-Modified: Thu, 19 Sep 2019 20:27:17 GMT
Server: AmazonS3
Date: Fri, 20 Sep 2019 00:15:34 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

activityi;dc_pre=COGmrMCP3uQCFU7xdwodUIMONg;src=5326342;type=south0;cat=offic0;ord=3407999119003;gtm=2wg9b0;auiddc=1424817374.1568938535;~oref=https%3A%2F%2Fwww.officer.com%2F
5326342.fls.doubleclick.net/ Frame 3AC5
Redirect Chain

https://5326342.fls.doubleclick.net/activityi;src=5326342;type=south0;cat=offic0;ord=3407999119003;gtm=2wg9b0;auiddc=1424817374.1568938535;~oref=https%3A%2F%2Fwww.officer.com%2F?
https://5326342.fls.doubleclick.net/activityi;dc_pre=COGmrMCP3uQCFU7xdwodUIMONg;src=5326342;type=south0;cat=offic0;ord=3407999119003;gtm=2wg9b0;auiddc=1424817374.1568938535;~oref=https%3A%2F%2Fwww....

0
0

19ms
19ms

Document
text/html

172.217.21.198
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://5326342.fls.doubleclick.net/activityi;dc_pre=COGmrMCP3uQCFU7xdwodUIMONg;src=5326342;type=south0;cat=offic0;ord=3407999119003;gtm=2wg9b0;auiddc=1424817374.1568938535;~oref=https%3A%2F%2Fwww.officer.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNC8W8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.198 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s12-in-f198.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5326342.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COGmrMCP3uQCFU7xdwodUIMONg;src=5326342;type=south0;cat=offic0;ord=3407999119003;gtm=2wg9b0;auiddc=1424817374.1568938535;~oref=https%3A%2F%2Fwww.officer.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.officer.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.officer.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 20 Sep 2019 00:15:34 GMT
expires: Fri, 20 Sep 2019 00:15:34 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 326
x-xss-protection: 0
set-cookie: IDE=AHWqTUlTPTC12QxrI6pGUEVGezwreJPclhcXoZjahZbzvc3LsCX2cOj1gtSU-LnE; expires=Wed, 14-Oct-2020 00:15:34 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 20 Sep 2019 00:15:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5326342.fls.doubleclick.net/activityi;dc_pre=COGmrMCP3uQCFU7xdwodUIMONg;src=5326342;type=south0;cat=offic0;ord=3407999119003;gtm=2wg9b0;auiddc=1424817374.1568938535;~oref=https%3A%2F%2Fwww.officer.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 20-Sep-2019 00:30:34 GMT; path=/; domain=.doubleclick.net
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/CGRSLPLE3JDWJFYOQV236W/ 37 B
689 B 12ms
12ms Script
application/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/CGRSLPLE3JDWJFYOQV236W/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6a8466d729c03a3f87ea7d1ea02379eae9ffc52171cd62b9428a39ca71675814

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: rMHYRgZxDlIXIrrd1DjnxilOBJUes9WO
ETag: "af5292134b7f9ce1b2a338c5daae4370"
x-amz-request-id: 4009C2C3BF89A498
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 37
x-amz-id-2: /DKBCS4DZQDRfUir4bXlVgbEtUCqqTrgXoIzzuzjPEQYkkjYPJtXe55UWMJXws0VA0f8WXFDTYY=
Last-Modified: Thu, 19 Sep 2019 22:02:00 GMT
Server: AmazonS3
Date: Fri, 20 Sep 2019 00:15:34 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK CGRSLPLE3JDWJFYOQV236W Show response
d.adroll.com/consent/check/ 52 B
511 B 117ms
29ms Script
application/javascript 54.246.124.184
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/CGRSLPLE3JDWJFYOQV236W?_s=c8471ded8c2e6ebf108897ad4498b77c&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.124.184 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-246-124-184.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: 6a5862cec71ec62c1d809d12c7919541d611156c4afe375bf8cf7b5ddd7e406d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:34 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 52

GET
H/1.1

200
OK

6PKGRBAYNJDJBNH4GIQLHT.js Show response
s.adroll.com/pixel/CGRSLPLE3JDWJFYOQV236W/Q6KTWFY4MRCUHA2WFIK4AK/
Redirect Chain

https://d.adroll.com/pixel/CGRSLPLE3JDWJFYOQV236W/Q6KTWFY4MRCUHA2WFIK4AK?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&pv=9184014740.396273&cookie=&adroll_s_ref=&keyw=&arrfrr=h...
https://s.adroll.com/pixel/CGRSLPLE3JDWJFYOQV236W/Q6KTWFY4MRCUHA2WFIK4AK/6PKGRBAYNJDJBNH4GIQLHT.js

5 KB
2 KB

10ms
10ms

Script
text/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/CGRSLPLE3JDWJFYOQV236W/Q6KTWFY4MRCUHA2WFIK4AK/6PKGRBAYNJDJBNH4GIQLHT.js
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9b8994559abbeed2aaa7714c8b78fa7759443ff6e71c00c841c273c5d98b731d

Request headers

Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: i01F4XsCZpFUHJEb82t3X7_Koas.hR3m
Content-Encoding: gzip
ETag: "d0e8cc4918834037724b1ac38de2d492"
x-amz-request-id: 125F1CD1E31B70F5
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1697
x-amz-id-2: 2Iqyff1IazPAoVw+f6mx3R87LO9FenYF0ITvP4OfS0j4bRNchFIC4j9GlzDtuN0FMAba4lDo7bc=
Last-Modified: Tue, 20 Aug 2019 23:57:20 GMT
Server: AmazonS3
Date: Fri, 20 Sep 2019 00:15:34 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Fri, 20 Sep 2019 00:15:34 GMT
X-Segment-Display-Name
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
X-Conversion-Value: 0.0
Server: nginx/1.14.1
X-Rule: */
X-Segment-Eid: 6PKGRBAYNJDJBNH4GIQLHT
Location: https://s.adroll.com/pixel/CGRSLPLE3JDWJFYOQV236W/Q6KTWFY4MRCUHA2WFIK4AK/6PKGRBAYNJDJBNH4GIQLHT.js
Cache-Control: no-store, no-cache, must-revalidate
X-Pixel-Eid: Q6KTWFY4MRCUHA2WFIK4AK
X-Segment-Name: 0e35406b
X-Advertisable-Eid: CGRSLPLE3JDWJFYOQV236W
X-Conversion-Currency

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
31 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: s.adroll.com
URL: https://s.adroll.com/pixel/CGRSLPLE3JDWJFYOQV236W/Q6KTWFY4MRCUHA2WFIK4AK/6PKGRBAYNJDJBNH4GIQLHT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 31604
x-xss-protection: 0
pragma: public
x-fb-debug: VHm2ft6fN5gHnKhVSanmWOWb4J8oj1EPggy/o2mF3gxgZaN8ynN1KcuSfoiCZVrJLlyMvK3FHIvbNTG/ghl+bQ==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Fri, 20 Sep 2019 00:15:35 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W
https://pixel.advertising.com/ups/55980/sync?uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
https://ups.analytics.yahoo.com/ups/55980/sync?uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPc411e0e0-db3b-11e9-96a2-02...
https://ups.analytics.yahoo.com/ups/55980/sync?uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPc411e0e0-db3b-11e9-96a2-02...

0
472 B

8ms
8ms

Image
text/plain

52.58.41.129
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.analytics.yahoo.com/ups/55980/sync?uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPc411e0e0-db3b-11e9-96a2-02f24dd428ea&verify=true
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.41.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-41-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 20 Sep 2019 00:15:35 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 20 Sep 2019 00:15:35 GMT
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55980/sync?uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPc411e0e0-db3b-11e9-96a2-02f24dd428ea&verify=true
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&expiration=1600474535
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&expiration=1600474535&C=1

43 B
898 B

12ms
11ms

Image
image/gif

2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&expiration=1600474535&C=1
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:35 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Sep 2019 00:15:35 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:35 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&expiration=1600474535&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Fri, 20 Sep 2019 00:15:35 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&expires=365

0
239 B

29ms
8ms

Image
image/gif

69.173.144.136
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&expires=365
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:35 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&expires=365
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 124

GET
H2

200

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W
https://sync.outbrain.com/cookie-sync?p=adroll&uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk
https://sync.outbrain.com/cookie-sync?p=adroll&uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&rdrctExp=true

0
325 B

94ms
94ms

Image
text/plain

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&rdrctExp=true
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:35 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, JFK, HHN, Europe1
x-timer: S1568938535.255106,VS0,VE88
accept-ranges: bytes, bytes
x-served-by: cache-jfk8146-JFK, cache-hhn4061-HHN
x-cache: MISS, MISS
status: 200
backend-ip: 104.156.90.46
x-traceid: 60a246b751a2888083c992cab9db3278
content-length: 0
x-cache-hits: 0, 0

Redirect headers

date: Fri, 20 Sep 2019 00:15:35 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, JFK, HHN, Europe1
x-timer: S1568938535.162267,VS0,VE83
accept-ranges: bytes, bytes
x-served-by: cache-jfk8126-JFK, cache-hhn4061-HHN
status: 302
x-cache: MISS, MISS
location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&rdrctExp=true
backend-ip: 104.156.90.26
x-traceid: 90a18fa029aabf78a95c6b4123a02838
content-length: 0
x-cache-hits: 0, 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
862 B

51ms
13ms

Image
text/html

185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:35 GMT
X-lat: Pug22020:0:470
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:35 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 220

GET
H/1.1

200
OK

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
488 B

31ms
30ms

Image
image/gif

54.246.124.184
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.124.184 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-246-124-184.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:35 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42

Redirect headers

Date: Fri, 20 Sep 2019 00:15:35 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk

0
198 B

14ms
14ms

Image
text/plain

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:35 GMT
via: 1.1 varnish
server: nginx
x-timer: S1568938535.317895,VS0,VE9
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn4061-HHN

Redirect headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:35 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 111

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=6c2a1e60e07d93a1f1a716f57092682f-1568938534951&xid_ch=f&advertisable=CGRSLPLE3JDWJFYOQV236W
https://eb2.3lift.com/xuid?mid=4714&xuid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&dongle=c85e&gdpr=1&cmp_cs=

37 B
336 B

10ms
10ms

Image
image/gif

18.196.141.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&dongle=c85e&gdpr=1&cmp_cs=
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.141.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-196-141-29.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 20 Sep 2019 00:15:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

status: 302
date: Fri, 20 Sep 2019 00:15:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=4714&xuid=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk&dongle=c85e&gdpr=1&cmp_cs=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?advertisable=CGRSLPLE3JDWJFYOQV236W
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
488 B

30ms
29ms

Image
image/gif

54.246.124.184
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.124.184 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-246-124-184.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:35 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42

Redirect headers

Date: Fri, 20 Sep 2019 00:15:35 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?advertisable=CGRSLPLE3JDWJFYOQV236W
https://x.bidswitch.net/sync?dsp_id=44&user_id=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk

43 B
379 B

7ms
7ms

Image
image/gif

3.122.83.132
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.83.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-122-83-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 20 Sep 2019 00:15:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Fri, 20 Sep 2019 00:15:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?advertisable=CGRSLPLE3JDWJFYOQV236W
https://ib.adnxs.com/setuid?entity=172&code=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk

43 B
875 B

37ms
12ms

Image
image/gif

185.33.223.197
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:37 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.118:80
AN-X-Request-Uuid: 5f8f2374-aba6-4f41-b094-50589bbe3ae5
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:35 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ib.adnxs.com/setuid?entity=172&code=M2QwNWViNTk3MTM2MjBlMjZmNTJhMjFiMTM5YTBiNzk
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 93

GET
H2

204

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?advertisable=CGRSLPLE3JDWJFYOQV236W
https://idsync.rlcdn.com/377928.gif?partner_uid=3d05eb59713620e26f52a21b139a0b79

0
62 B

124ms
112ms

Image
text/plain

35.190.72.21
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=3d05eb59713620e26f52a21b139a0b79
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 21.72.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 20 Sep 2019 00:15:35 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:35 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://idsync.rlcdn.com/377928.gif?partner_uid=3d05eb59713620e26f52a21b139a0b79
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 86

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?advertisable=CGRSLPLE3JDWJFYOQV236W
https://us-u.openx.net/w/1.0/sd?id=537103138&val=3d05eb59713620e26f52a21b139a0b79
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=3d05eb59713620e26f52a21b139a0b79

43 B
109 B

14ms
14ms

Image
image/gif

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=3d05eb59713620e26f52a21b139a0b79
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.163.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Sep 2019 00:15:35 GMT
via: 1.1 google
server: OXGW/16.163.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 20 Sep 2019 00:15:35 GMT
via: 1.1 google
server: OXGW/16.163.0
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=3d05eb59713620e26f52a21b139a0b79
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?advertisable=CGRSLPLE3JDWJFYOQV236W&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=PQXrWXE2IOJvUqIbE5oLeQ
https://d.adroll.com/cm/g/in

42 B
523 B

31ms
31ms

Image
image/gif

54.246.124.184
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.124.184 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-246-124-184.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:35 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-Result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Fri, 20 Sep 2019 00:15:35 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 200238080549591 Show response
connect.facebook.net/signals/config/ 307 KB
79 KB 81ms
80ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/200238080549591?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

e1cf1f63739939d962fa3d899f419d78cd0015cc538f4fde22f6eda0c13b9145

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-xss-protection: 0
pragma: public
x-fb-debug: qJ3s6DC4IrLHcY6N03ExTds3DG6N/s/Si2FoVT0oUfZLuIAWa/1pyjJhcScSXN0owHgr6bGsyHf8zsI1kuDY9A==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Fri, 20 Sep 2019 00:15:35 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ 242 KB
243 KB 109ms
109ms Script
application/javascript 204.180.130.159
Omeda Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 Chicago, United States, ASN53866 (QTS-AS - Omeda Communications, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

5f6188ddfeaf711ed957397d9bab98c3e757aa6f102a264a11b92eadd929f020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 20 Sep 2019 00:15:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 08 Aug 2019 18:09:50 GMT
Server: Apache
ETag: W/"247596-1565287790000"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=600
Transfer-Encoding: chunked
Accept-Ranges: bytes
Expires: Fri, 20 Sep 2019 00:25:40 GMT

GET
H2 200 fortnight.min.js Show response
d24bnj4f1s1f8m.cloudfront.net/1.0.0-rc.4.3/ 38 KB
13 KB 51ms
23ms Script
application/javascript 2600:9000:2057:3200:6:b4cc:d980:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d24bnj4f1s1f8m.cloudfront.net/1.0.0-rc.4.3/fortnight.min.js
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:3200:6:b4cc:d980:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1901883b41320f43b0643db4b3e0acec95cd96343ea192995777687b7e3098c4

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
Origin: https://www.officer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 May 2019 00:39:33 GMT
content-encoding: gzip
age: 11921763
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
status: 200
x-amz-request-id: 27C8A8837BEE6463
x-amz-id-2: 8p8aQRZ3qQqUviIHKZ4/0ETpUNhGw+6OVknci3iArl3rboM/O92zLS//yFcZHK9HstneyhSgdAI=
last-modified: Wed, 18 Jul 2018 17:49:39 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA6-C1
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: -C653MGzgs26BED8FNPwS0ivTs8q1pGCj-zyNRSBj_cLSFY9V8lCsg==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1566858990656/ 264 KB
92 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1566858990656/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 07:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Aug 2019 23:45:00 GMT
server: sffe
age: 1787853
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 94196
x-xss-protection: 0
expires: Sat, 29 Aug 2020 07:38:02 GMT

GET
H/1.1 200
OK init Show response
radix.officer.com/app/ 820 B
1 KB 95ms
95ms XHR
application/json 54.81.60.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://radix.officer.com/app/init
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.19.1/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.60.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-81-60-13.compute-1.amazonaws.com
Software: /
Resource Hash: 54c00466505c647315a99f6db85ab0dcc6ab4bea1cdf7e157025803f880bed39

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Radix-AppId: b105cce3-d815-4347-9ae4-b203d58347a4
Content-Type: application/json

Response headers

X-Radix-Build: v2.0.8
Date: Fri, 20 Sep 2019 00:13:10 GMT
Last-Modified: Tue, 12 Sep 2017 15:55:28 GMT
X-Radix-Using: cygnus:ofcr
Age: 144
Vary: Origin
X-Cache: HIT: 40
Content-Type: application/json
Access-Control-Allow-Origin: https://www.officer.com
Expires: Fri, 20 Sep 2019 00:18:11 GMT
Cache-Control: max-age=300, public, s-maxage=300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 820
X-Served-By: 10.0.1.151

POST
H/1.1 201
Created ofcr Show response
olytics.cygnus.com/events/cygnus/ 16 B
345 B 104ms
103ms XHR
application/json 54.160.175.116
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.cygnus.com/events/cygnus/ofcr
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.19.1/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.175.116 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-160-175-116.compute-1.amazonaws.com
Software: Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash: 56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:35 GMT
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/5.6.40
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache=Set-Cookie, private, s-maxage=0
Content-Length: 16
Expires: Sat, 01 Jan 2000 01:01:01 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 5ms
5ms Image
image/gif 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1251377428&t=pageview&_s=1&dl=https%3A%2F%2Fwww.officer.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Officer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAB~&jid=637643296&gjid=629521391&cid=543036466.1568938535&tid=UA-21023777-1&_gid=1624540014.1568938535&z=218433141

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Aug 2019 04:16:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2404733
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
102 B 15ms
15ms Image
image/gif 2a00:1450:400c:c09::9b
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-21023777-1&cid=543036466.1568938535&jid=637643296&gjid=629521391&_gid=1624540014.1568938535&_u=aGBAgAAB~&z=598583104

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 20 Sep 2019 00:15:35 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 header.png
cdn.officer.com/files/base/cygnus/ofcr/image/static/logo/ 55 KB
55 KB 10ms
10ms Image
image/png 13.32.218.154
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.officer.com/files/base/cygnus/ofcr/image/static/logo/header.png

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.32.218.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-32-218-154.fra56.r.cloudfront.net

Software

nginx/1.13.1 /

Resource Hash

3a5a1210063d9c0fbd9fc2e9194f63281aa653a1e21c4c8da2e1f686fa28e630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/website/icarus/cygnus/ofcr/css/7b6629c.css?platform_4.407
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 10 May 2019 11:01:57 GMT
via: 1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
last-modified: Thu, 04 May 2017 18:43:13 GMT
server: nginx/1.13.1
age: 11452418
etag: "9ff382f69d4ccabfc41161222b29ddd7"
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
x-amz-version-id: BEd0wsyJVv2pHbD1kmiKaZYPdmJ5bhVv
status: 200
cache-control: max-age=15552000, public, must-revalidate
x-amz-cf-pop: FRA56
content-type: image/png
content-length: 56188
x-amz-cf-id: v1sRBqlwNDWyAiQpb2b6xAPmmzPIUNZO-mJarQyOtJ7v0fi4yxW9Nw==

GET
H2 200 5aU19_a8oxmIfNJdERySiA.ttf
fonts.gstatic.com/s/hind/v10/ 39 KB
21 KB 6ms
5ms Font
font/ttf 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v10/5aU19_a8oxmIfNJdERySiA.ttf

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b7917c3622df1869f737865a6bbbf2509dcb6b8b8a6ec09b4c9a17c48a67ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/website/icarus/cygnus/ofcr/css/7b6629c.css?platform_4.407
Origin: https://www.officer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 23 Aug 2019 10:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2381088
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 21027
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:17:59 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Aug 2020 10:50:47 GMT

GET
H2 200 5aU69_a8oxmIdGl4AQ.ttf
fonts.gstatic.com/s/hind/v10/ 37 KB
21 KB 6ms
6ms Font
font/ttf 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v10/5aU69_a8oxmIdGl4AQ.ttf

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

16a298de7894f931fe81fe0a39114d37a2c2ab8ea37589b2cb370abfa8d448f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/website/icarus/cygnus/ofcr/css/7b6629c.css?platform_4.407
Origin: https://www.officer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 25 Aug 2019 08:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2215827
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 20965
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:18:11 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Aug 2020 08:45:08 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/ 55 KB
56 KB 17ms
16ms Font
application/octet-stream 2606:4700::6813:c797
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/website/icarus/cygnus/ofcr/css/57e4685.css?platform_4.407
Origin: https://www.officer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:35 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 13572475
status: 200
content-length: 56780
served-in-seconds: 0.033
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:53 GMT
server: cloudflare
etag: "5afd4939-ddcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 518f9b158afacbbc-VIE
expires: Wed, 09 Sep 2020 00:15:35 GMT

GET
H2 200 LYjCdG7kmE0gdXxZsCRgrQ.ttf
fonts.gstatic.com/s/teko/v9/ 33 KB
18 KB 7ms
7ms Font
font/ttf 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/teko/v9/LYjCdG7kmE0gdXxZsCRgrQ.ttf

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d883dc03843180782ea18965f7c9297d65ac504822281ac981d6f5fc555e8084

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/website/icarus/cygnus/ofcr/css/7b6629c.css?platform_4.407
Origin: https://www.officer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 23 Aug 2019 10:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2381225
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17863
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 23:48:25 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Aug 2020 10:48:30 GMT

GET
H2 200 5aU19_a8oxmIfLZcERySiA.ttf
fonts.gstatic.com/s/hind/v10/ 38 KB
21 KB 6ms
6ms Font
font/ttf 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v10/5aU19_a8oxmIfLZcERySiA.ttf

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9f2235f4d5a7ac2c5a4b6cbb312e73b0e7595ca4c4e0a49950d24efda707ecf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/website/icarus/cygnus/ofcr/css/7b6629c.css?platform_4.407
Origin: https://www.officer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 23 Aug 2019 10:43:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2381528
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 21394
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:18:18 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Aug 2020 10:43:27 GMT

GET
H2 200 XRY_20_8_M.5d4b63afdf226.jpg
cdn.officer.com/files/base/cygnus/ofcr/image/2019/08/16x9/960w/ 105 KB
105 KB 13ms
12ms Image
image/jpeg 13.32.218.154
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.officer.com/files/base/cygnus/ofcr/image/2019/08/16x9/960w/XRY_20_8_M.5d4b63afdf226.jpg

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.32.218.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-32-218-154.fra56.r.cloudfront.net

Software

nginx/1.13.1 /

Resource Hash

33910a2379204fb9c00aeee9ffd5434b7656368dcf721e212f7c4fe0d15434dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 18 Sep 2019 05:07:51 GMT
via: 1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
age: 155263
x-cache: Hit from cloudfront
status: 200
content-length: 107137
last-modified: Wed, 18 Sep 2019 05:04:03 GMT
server: nginx/1.13.1
etag: "427f8a147fe02ebe9eac6412c1d28f1b"
strict-transport-security: max-age=31536000
x-amz-version-id: MqvGysTtQEehtEzuCRJXBmxiZVaH2ypQ
access-control-allow-origin: *
cache-control: max-age=15552000, public, must-revalidate
x-amz-cf-pop: FRA56
content-type: image/jpeg
x-amz-cf-id: mrsifqDfnsGii3vRIE9b1X75yo7-uQQ5ZpuvxWSWTGe_ooHu1d3cDA==

GET
H2 200 US_NEWS_POLICE_OFFICER_FINDS_INTERNATIONAL_SUCCESS_8_MLI.5d83a203bd60c.jpg
cdn.officer.com/files/base/cygnus/ofcr/image/2019/09/16x9/160w/ 7 KB
8 KB 24ms
24ms Image
image/jpeg 13.32.218.154
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.officer.com/files/base/cygnus/ofcr/image/2019/09/16x9/160w/US_NEWS_POLICE_OFFICER_FINDS_INTERNATIONAL_SUCCESS_8_MLI.5d83a203bd60c.jpg

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.32.218.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-32-218-154.fra56.r.cloudfront.net

Software

nginx/1.13.1 /

Resource Hash

48ce1eeadef597177e7b2fc75ea1a25340040002f43115c655a5fa91f83f0ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 19:56:59 GMT
via: 1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
age: 15515
x-cache: Hit from cloudfront
status: 200
content-length: 7503
last-modified: Thu, 19 Sep 2019 15:47:12 GMT
server: nginx/1.13.1
etag: "7802110f527743dc5685d83533caf577"
strict-transport-security: max-age=31536000
x-amz-version-id: zegPr45SNv.q2vPr4aDMNlI1XN7Vhson
access-control-allow-origin: *
cache-control: max-age=15552000, public, must-revalidate
x-amz-cf-pop: FRA56
content-type: image/jpeg
x-amz-cf-id: Mlpgx4iqAsp-rSAg_m3FNOmfWJqzIqQtlkJDpulv88-3KC-TYD_BfQ==

GET
H2 200 nypdofficer.5d8350ee5157b.jpg
cdn.officer.com/files/base/cygnus/ofcr/image/2019/09/16x9/160w/ 8 KB
8 KB 12ms
11ms Image
image/jpeg 13.32.218.154
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.officer.com/files/base/cygnus/ofcr/image/2019/09/16x9/160w/nypdofficer.5d8350ee5157b.jpg

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.32.218.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-32-218-154.fra56.r.cloudfront.net

Software

nginx/1.13.1 /

Resource Hash

34dba9d950df81e9332b155c31e62478a6536fd378c8011edde113a9f0d0019d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 11:59:43 GMT
via: 1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
age: 44152
x-cache: Hit from cloudfront
status: 200
content-length: 7817
last-modified: Thu, 19 Sep 2019 09:59:57 GMT
server: nginx/1.13.1
etag: "5483bfccc60abd16478562e63f4a0216"
strict-transport-security: max-age=31536000
x-amz-version-id: NrQ891f4aqFCVKV9b8H9lktanouf4jGJ
access-control-allow-origin: *
cache-control: max-age=15552000, public, must-revalidate
x-amz-cf-pop: FRA56
content-type: image/jpeg
x-amz-cf-id: qlRJ7M717G3gSXuSA9JMLDODgjraC2qSYhrVK0zZyy6u2ySFkduwtQ==

GET
H2 200 twocharged.5d83603a41dde.jpg
cdn.officer.com/files/base/cygnus/ofcr/image/2019/09/16x9/160w/ 6 KB
6 KB 19ms
19ms Image
image/jpeg 13.32.218.154
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.officer.com/files/base/cygnus/ofcr/image/2019/09/16x9/160w/twocharged.5d83603a41dde.jpg

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.32.218.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-32-218-154.fra56.r.cloudfront.net

Software

nginx/1.13.1 /

Resource Hash

ef562a0811fd79b4de40bc858808c943447f9f95755ea62f0691aae806985015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Sep 2019 18:13:43 GMT
via: 1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
age: 21711
x-cache: Hit from cloudfront
status: 200
content-length: 6149
last-modified: Thu, 19 Sep 2019 11:03:10 GMT
server: nginx/1.13.1
etag: "ccc729dd37c45fdd13a292f3404bb5d9"
strict-transport-security: max-age=31536000
x-amz-version-id: m3eG91slLYa1DmPAnYS_CoJUkrti07LV
access-control-allow-origin: *
cache-control: max-age=15552000, public, must-revalidate
x-amz-cf-pop: FRA56
content-type: image/jpeg
x-amz-cf-id: LMO0UTryhM3Vs7_gy49G9r8pVOzrM19vm5XxWZOUN2PMwzekhNb6Pg==

GET
H2 200 KelTec_P17_Angled.5d79046f945d2.jpg
cdn.officer.com/files/base/cygnus/ofcr/image/2019/09/16x9/160w/ 3 KB
3 KB 12ms
11ms Image
image/jpeg 13.32.218.154
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.officer.com/files/base/cygnus/ofcr/image/2019/09/16x9/160w/KelTec_P17_Angled.5d79046f945d2.jpg

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.32.218.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-32-218-154.fra56.r.cloudfront.net

Software

nginx/1.13.1 /

Resource Hash

5177764adca621434b249be6e325d4b8d04c02fb048f1bf3a8a6e810e97c4f5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 15:48:15 GMT
via: 1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
age: 721640
x-cache: Hit from cloudfront
status: 200
content-length: 2864
last-modified: Wed, 11 Sep 2019 14:28:41 GMT
server: nginx/1.13.1
etag: "053d7c2512ad35b927fe53e21890ca40"
strict-transport-security: max-age=31536000
x-amz-version-id: YO9XDtV2dWhe3wqRRxFAZ2GSPUKU9r_0
access-control-allow-origin: *
cache-control: max-age=15552000, public, must-revalidate
x-amz-cf-pop: FRA56
content-type: image/jpeg
x-amz-cf-id: esKrvr4aUd4pJ1HJ4-d0PCXtSdhOOYomLUQ6KAlJ7BxkVhs_DOrpUA==

GET
H2 200 stressvest_system_overview.5d65a1ad2a3bb.jpg
cdn.officer.com/files/base/cygnus/ofcr/image/2019/08/16x9/160w/ 5 KB
6 KB 14ms
14ms Image
image/jpeg 13.32.218.154
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.officer.com/files/base/cygnus/ofcr/image/2019/08/16x9/160w/stressvest_system_overview.5d65a1ad2a3bb.jpg

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.32.218.154 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-32-218-154.fra56.r.cloudfront.net

Software

nginx/1.13.1 /

Resource Hash

0d5cd58a5df52140a31571fb456cc919b0d4893d4082795d0029bbfa9282b0f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 11:07:25 GMT
via: 1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
age: 1516090
x-cache: Hit from cloudfront
status: 200
content-length: 5317
last-modified: Tue, 27 Aug 2019 21:38:28 GMT
server: nginx/1.13.1
etag: "4873a11a8854cae6db585e3199d55f3b"
strict-transport-security: max-age=31536000
x-amz-version-id: Z9GwWrD1CjGPGWM5bHCzNZFOh29py7pH
access-control-allow-origin: *
cache-control: max-age=15552000, public, must-revalidate
x-amz-cf-pop: FRA56
content-type: image/jpeg
x-amz-cf-id: nrPeP2ZEZ1I-V8X97rn0RY5UTlhDoiOlUGVW9Xc8Uas_2-MvbcaxHA==

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/1.4.0/ 11 KB
4 KB 22ms
22ms Script
application/javascript 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/1.4.0/postscribe.min.js

Requested by

Host: www.officer.com
URL: https://www.officer.com/website/icarus/cygnus/ofcr/js/2795b1a.js?platform_4.407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cc0720a0f6f6ce2f2e333c57e5e8f61dc9d9e40001fab61f62a55259ac93057

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 13572455
status: 200
served-in-seconds: 0.104
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:25:14 GMT
server: cloudflare
etag: W/"5afd4a7a-2b86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 518f9b16598bcbc8-VIE
expires: Wed, 09 Sep 2020 00:15:35 GMT

GET
H/1.1 200
OK id-me.js Show response
id-me.as3.io/lib/ 189 KB
68 KB 406ms
96ms Script
application/javascript 34.232.11.199
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://id-me.as3.io/lib/id-me.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNC8W8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.11.199 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-232-11-199.compute-1.amazonaws.com
Software: nginx/1.14.0 /
Resource Hash: e79a4000e7d85effd45a1ffec0ff79372b5b80bc6533f66a7f8d3c8711805098

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 20 Sep 2019 00:15:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Jun 2018 18:40:41 GMT
Server: nginx/1.14.0
ETag: W/"5b1ec229-2f4be"
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 6 KB
2 KB 19ms
6ms Script
application/x-javascript 13.32.220.201
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNC8W8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.220.201 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-220-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e98e381189d908e1981b6e535bcdd7f3edceafdb0e7095f3e04292e8aac6a0c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Sep 2019 19:05:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jul 2019 18:26:10 GMT
Server: AmazonS3
Age: 18698
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 a853d87afe2972a208a9cd92a357386b.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56
X-Amz-Cf-Id: ZMWjKFE5IHO-0qB7_EjhWLW2F5Wnkq19fFgG1cGy57YDjXsEpZ2beg==

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
1 KB 19ms
19ms Stylesheet
text/css 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNC8W8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 13572478
status: 200
served-in-seconds: 0.005
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:18:32 GMT
server: cloudflare
etag: W/"5afd48e8-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 518f9b166991cbc8-VIE
expires: Wed, 09 Sep 2020 00:15:35 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 19ms
19ms Script
application/javascript 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZNC8W8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 13572477
status: 200
served-in-seconds: 0.025
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:18:36 GMT
server: cloudflare
etag: W/"5afd48ec-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 518f9b1689b5cbc8-VIE
expires: Wed, 09 Sep 2020 00:15:35 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 35 KB
10 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 10218
x-xss-protection: 0
pragma: public
x-fb-debug: SnW2IysvJu/6xm79zlDnI6WiUGQ1T4nMFC0+gaecV9BGMAIP7XM9tTpQ6YFH8Jf+y6Eq7xZHb6GPSdiTBxAgaw==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Fri, 20 Sep 2019 00:15:35 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 40 KB
13 KB 39ms
38ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.officer.com
URL: https://www.officer.com/website/icarus/cygnus/ofcr/js/2795b1a.js?platform_4.407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

6ca19d70def89831ee636a9a0ff20430686597eacf06f0d6253b5babc5f72e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "284 / 723 of 1000 / last-modified: 1568909619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 12708
x-xss-protection: 0
expires: Fri, 20 Sep 2019 00:15:35 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
246 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=200238080549591&ev=PageView&dl=https%3A%2F%2Fwww.officer.com%2F&rl=&if=false&ts=1568938535453&cd[segment_eid]=6PKGRBAYNJDJBNH4GIQLHT&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=29&fbp=fb.1.1568938535452.1405109968&it=1568938535015&coo=false&rqm=GET

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 20 Sep 2019 00:15:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.officer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Sep 2019 00:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.officer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Sep 2019 00:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019091201.js Show response
securepubads.g.doubleclick.net/gpt/ 157 KB
58 KB 39ms
39ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

511c23178d504d371d22fb6899174f448db32523e9cacd2860306a2b3b8cc1f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Sep 2019 13:06:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 58953
x-xss-protection: 0
expires: Fri, 20 Sep 2019 00:15:35 GMT

GET
H/1.1 200
OK auth Show response
radix.officer.com/app/ 58 B
523 B 112ms
112ms XHR
application/json 54.81.60.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://radix.officer.com/app/auth
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.19.1/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.60.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-81-60-13.compute-1.amazonaws.com
Software: /
Resource Hash: 8a475346ed0689eed446e087634fd32236a8e88c173165e225b267953b5a0b4e

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Radix-AppId: b105cce3-d815-4347-9ae4-b203d58347a4
Content-Type: application/json

Response headers

X-Radix-Build: v2.0.8
X-Radix-Using: cygnus:ofcr
Content-Encoding: gzip
X-Cacheable: NO:Not-Cacheable
Age: 0
Date: Fri, 20 Sep 2019 00:15:35 GMT
Vary: Origin, Accept-Encoding
X-Cache: MISS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.officer.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Transfer-Encoding: chunked
X-Served-By: 10.0.1.153

POST
H/1.1 200
OK manifest Show response
id-me.as3.io/component/ 12 KB
12 KB 159ms
158ms Fetch
application/json 34.232.11.199
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://id-me.as3.io/component/manifest
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.19.1/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.11.199 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-232-11-199.compute-1.amazonaws.com
Software: Apache/2.4.10 (Debian) / PHP/5.6.31
Resource Hash: ec7f586b11ea3951b02b31ca829a15cc8020a1995263a794b62e1c289ca552e0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 20 Sep 2019 00:15:36 GMT
Server: Apache/2.4.10 (Debian)
X-Powered-By: PHP/5.6.31
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.officer.com
Cache-Control: no-cache, private
Transfer-Encoding: chunked

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
5 KB 52ms
52ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4388431136176836&correlator=1683013073299994&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21064170&vrg=2019091201&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190920&iu_parts=21687441225%2COfficer%2COfficer_BS&enc_prev_ius=0%2F1%2F2&prev_iu_szs=970x250%7C970x90&eri=1&cust_params=media%3Dscreen%26sponsor%3Dtrue%26freq_all%3D1%26freq_id%3D1%26freq_cont%3D1%26refresh%3Dfalse%26scr_width%3D1585%26uri%3D%252F%26host_name%3Dwww%257Cofficer%257Ccom%26chan_name%3DHOME%26sect_name%3DHOME%26site_key%3Dundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1568938536&dt=1568938536042&dlt=1568938534326&idt=1221&frm=20&biw=1585&bih=1200&oid=3&adxs=308&adys=108&adks=1236182683&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.officer.com%2F&dssz=46&icsg=17821097196564&mso=1140850688&std=24&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90&msz=970x90&ga_vid=543036466.1568938535&ga_sid=1568938536&ga_hid=1251377428&fws=4&ohw=970

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.19.1/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e6358fb458012c8b0fa955a8963acd4e7b205758a4a0e7289c30bc083f5bb5e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4997
x-xss-protection: 0
google-lineitem-id: 4918068471
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138275766192
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.officer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019091201.js Show response
securepubads.g.doubleclick.net/gpt/ 62 KB
24 KB 39ms
39ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

7c92ffc225aed56f82019862b155c8d84902352620250d029bbf653a3d7eab61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Sep 2019 13:06:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 24116
x-xss-protection: 0
expires: Fri, 20 Sep 2019 00:15:36 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
5 KB 46ms
46ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4388431136176836&correlator=1304505871600105&output=ldjh&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&eid=21064170&vrg=2019091201&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190920&iu_parts=21687441225%2COfficer%2COfficer_HP&enc_prev_ius=0%2F1%2F2&prev_iu_szs=300x600&eri=1&cust_params=media%3Dscreen%26sponsor%3Dtrue%26freq_all%3D2%26freq_id%3D1%26freq_cont%3D1%26refresh%3Dfalse%26scr_width%3D1585%26uri%3D%252F%26host_name%3Dwww%257Cofficer%257Ccom%26chan_name%3DHOME%26sect_name%3DHOME%26site_key%3Dundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1568938536&dt=1568938536065&dlt=1568938534326&idt=1221&frm=20&biw=1585&bih=1200&oid=3&adxs=642&adys=932&adks=1387453448&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.officer.com%2F&dssz=47&icsg=17821097196564&mso=1140850688&std=24&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x600&ga_vid=543036466.1568938535&ga_sid=1568938536&ga_hid=1251377428&fws=4&ohw=300

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.19.1/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

54c6b99a96b757869c6413c91e8ab777968536a721419663eb4312f2be4a5aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4933
x-xss-protection: 0
google-lineitem-id: 4960917484
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138260283731
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.officer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
5 KB 41ms
40ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4388431136176836&correlator=853345805486948&output=ldjh&callback=googletag.impl.pubads.callbackProxy3&impl=fifs&adsid=NT&json_a=1&eid=21064170&vrg=2019091201&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190920&iu_parts=21687441225%2COfficer%2COfficer_MS&enc_prev_ius=0%2F1%2F2&prev_iu_szs=300x50&eri=1&cust_params=media%3Dscreen%26sponsor%3Dtrue%26freq_all%3D3%26freq_id%3D1%26freq_cont%3D1%26refresh%3Dfalse%26scr_width%3D1585%26uri%3D%252F%26host_name%3Dwww%257Cofficer%257Ccom%26chan_name%3DHOME%26sect_name%3DHOME%26site_key%3Dundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1568938536&dt=1568938536082&dlt=1568938534326&idt=1221&frm=20&biw=1585&bih=1200&oid=3&adxs=996&adys=989&adks=4066269172&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.officer.com%2F&dssz=47&icsg=17821097196564&mso=1140850688&std=24&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x50&msz=300x50&ga_vid=543036466.1568938535&ga_sid=1568938536&ga_hid=1251377428&fws=4&ohw=300

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.19.1/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

b20212b0968a7c2facad6b495692a27ba3b388f257009c196e5e24b954ba4a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4965
x-xss-protection: 0
google-lineitem-id: 5172231525
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138287328750
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.officer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 388 B
267 B 35ms
35ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4388431136176836&correlator=2535497338037766&output=ldjh&callback=googletag.impl.pubads.callbackProxy4&impl=fifs&adsid=NT&json_a=1&eid=21064170&vrg=2019091201&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190920&iu_parts=21687441225%2COfficer%2COfficer_WA&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1x1&ists=1&eri=1&cust_params=media%3Dscreen%26sponsor%3Dtrue%26freq_all%3D4%26freq_id%3D1%26freq_cont%3D1%26refresh%3Dfalse%26scr_width%3D1585%26uri%3D%252F%26host_name%3Dwww%257Cofficer%257Ccom%26chan_name%3DHOME%26sect_name%3DHOME%26site_key%3Dundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1568938536&dt=1568938536094&dlt=1568938534326&idt=1221&frm=20&biw=1585&bih=1200&oid=3&adxs=508&adys=-2650&adks=684331224&ucis=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.officer.com%2F&dssz=47&icsg=17821097196564&mso=1140850688&std=24&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=590x-1&ga_vid=543036466.1568938535&ga_sid=1568938536&ga_hid=1251377428&fws=516&ohw=0

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.19.1/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

3a8247fa1aaee292943ed78f7de334d680cea7031a2d8b0a07e865126f803b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 190
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.officer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 386 B
265 B 39ms
38ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4388431136176836&correlator=810869723679810&output=ldjh&callback=googletag.impl.pubads.callbackProxy5&impl=fifs&adsid=NT&json_a=1&eid=21064170&vrg=2019091201&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190920&iu_parts=21687441225%2COfficer%2COfficer_Reskin&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1x1&ists=1&eri=1&cust_params=media%3Dscreen%26sponsor%3Dtrue%26freq_all%3D5%26freq_id%3D1%26freq_cont%3D1%26refresh%3Dfalse%26scr_width%3D1585%26uri%3D%252F%26host_name%3Dwww%257Cofficer%257Ccom%26chan_name%3DHOME%26sect_name%3DHOME%26site_key%3Dundefined&cookie_enabled=1&bc=31&abxe=1&lmt=1568938536&dt=1568938536108&dlt=1568938534326&idt=1221&frm=20&biw=1585&bih=1200&oid=3&adxs=793&adys=4978&adks=2435516155&ucis=9&ifi=9&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.officer.com%2F&dssz=47&icsg=17821097196564&mso=1140850688&std=24&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x1&ga_vid=543036466.1568938535&ga_sid=1568938536&ga_hid=1251377428&fws=4&ohw=0

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.19.1/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

defded29e77735f4f5d72e09fc94d121226262115c419ea379a302b33bbd394e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 187
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.officer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up
insight.adsrvr.org/track/ Frame B37F 0
0 85ms
28ms Document
text/html 54.246.153.43
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=fcmqatb&ref=https%3A%2F%2Fwww.officer.com%2F&upid=bdkjv41&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.153.43 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-246-153-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=fcmqatb&ref=https%3A%2F%2Fwww.officer.com%2F&upid=bdkjv41&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.officer.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.officer.com/

Response headers

status: 200
date: Fri, 20 Sep 2019 00:15:36 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 up
insight.adsrvr.org/track/ Frame 26C0 0
0 85ms
29ms Document
text/html 54.246.153.43
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.officer.com%2F&upid=hc7wdvm&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.153.43 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-246-153-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.officer.com%2F&upid=hc7wdvm&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.officer.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.officer.com/

Response headers

status: 200
date: Fri, 20 Sep 2019 00:15:36 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011909141409590/ 21 KB
7 KB 30ms
18ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909141409590/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8c0029e5f45b2e6a5eb14c686d0af7e384dcd26a1f35fd1814060467a990475c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "e2b632323a79ab9c"
age: 457148
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 7514
x-xss-protection: 0
server: sffe
date: Sat, 14 Sep 2019 17:16:28 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sun, 13 Sep 2020 17:16:28 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011909141409590/ Frame 3D73 254 KB
69 KB 31ms
20ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909141409590/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3ca4488292fb1fd13688f92a1ee491690ff4658a54cacb7858c832e8c607d0b8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "ab317f6c7c2104bb"
age: 104516
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 70266
x-xss-protection: 0
server: sffe
date: Wed, 18 Sep 2019 19:13:40 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 17 Sep 2020 19:13:40 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011909141409590/v0/ Frame 3D73 150 KB
41 KB 16ms
6ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909141409590/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8c28fa54ecb251c654ccc0711d9a00b8cf3932b0f4ccce198fabe7bdccb7b327

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "bbc25587dbd9a8c1"
age: 457734
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 41071
x-xss-protection: 0
server: sffe
date: Sat, 14 Sep 2019 17:06:42 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sun, 13 Sep 2020 17:06:42 GMT

GET
DATA 200
OK truncated
/ Frame 3D73 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77cab2c273902fed85436e73722094b3ee92e34a3eb2df93a2ed9c1bdb149bae

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011909141409590/ Frame AA9A 254 KB
69 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909141409590/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3ca4488292fb1fd13688f92a1ee491690ff4658a54cacb7858c832e8c607d0b8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "ab317f6c7c2104bb"
age: 104516
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 70266
x-xss-protection: 0
server: sffe
date: Wed, 18 Sep 2019 19:13:40 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 17 Sep 2020 19:13:40 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011909141409590/v0/ Frame AA9A 150 KB
40 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909141409590/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8c28fa54ecb251c654ccc0711d9a00b8cf3932b0f4ccce198fabe7bdccb7b327

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "bbc25587dbd9a8c1"
age: 457734
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 41071
x-xss-protection: 0
server: sffe
date: Sat, 14 Sep 2019 17:06:42 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sun, 13 Sep 2020 17:06:42 GMT

GET
DATA 200
OK truncated
/ Frame AA9A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f72bc3654c5f0571a43ad1118a7e67f6afd36a36cea145220274a3c10d4571c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011909141409590/ Frame 58F1 254 KB
69 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909141409590/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3ca4488292fb1fd13688f92a1ee491690ff4658a54cacb7858c832e8c607d0b8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "ab317f6c7c2104bb"
age: 104516
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 70266
x-xss-protection: 0
server: sffe
date: Wed, 18 Sep 2019 19:13:40 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 17 Sep 2020 19:13:40 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011909141409590/v0/ Frame 58F1 150 KB
40 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909141409590/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019091201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8c28fa54ecb251c654ccc0711d9a00b8cf3932b0f4ccce198fabe7bdccb7b327

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "bbc25587dbd9a8c1"
age: 457734
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 41071
x-xss-protection: 0
server: sffe
date: Sat, 14 Sep 2019 17:06:42 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sun, 13 Sep 2020 17:06:42 GMT

GET
DATA 200
OK truncated
/ Frame 58F1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 282e7d2d7e52b1ed022a65ec65ee31e6bd89c210b94be2faadd57a85528d7852

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 3267877504623782966
tpc.googlesyndication.com/simgad/ Frame 3D73 230 KB
230 KB 68ms
67ms Image
image/gif 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3267877504623782966

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b94cf5774cb89ae597dd701eff7b209c620b6da500fdc1cbf4132fc2d825b838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 20:28:06 GMT
server: sffe
status: 200
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 235057
x-xss-protection: 0
expires: Sat, 19 Sep 2020 00:15:36 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3D73 0
58 B 16ms
16ms Image
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsst8bP_95VHuX66mHMZzssjII5k1u8L6vi47E-a1Qa0SfQ5nQFEcJ2NA_wPLQ9hBJd1oL_ukDf01LsY6i3qk3Luj_wbrrrKvU5qaFEWB2iPeEALadRyyaPACvVMhhk4qIdc3C3pS1QSyUps1m4cr3nimLglKoXlt_90O72aafrBO8PCpqcg1CsXYnlM3SztXF2XXdtTyfLL3fhJSIq2_T68SUMTEW3WTqsAfQsSINWSdOf_Y_LspB4GkVlkPsgO58j9TzSwVh8a_zB9Ogor&sig=Cg0ArKJSzPLjCKN8zO9QEAE&adurl=

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Sep 2019 00:15:36 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3D73 0
0 14ms
14ms Image
text/html 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7dk1o-Hw6LnF8NXBXdP-O1xdKJV5yFDczBrGfqVfbOI3zJoHM0oGLucb11JDq7QbScEw7bhiu2KXawy_Y-rb_5paQyw
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

POST
H/1.1 201
Created ofcr Show response
olytics.cygnus.com/events/cygnus/ 16 B
345 B 197ms
108ms XHR
application/json 54.160.175.116
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.cygnus.com/events/cygnus/ofcr
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.19.1/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.175.116 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-160-175-116.compute-1.amazonaws.com
Software: Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash: 56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:36 GMT
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/5.6.40
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache=Set-Cookie, private, s-maxage=0
Content-Length: 16
Expires: Sat, 01 Jan 2000 01:01:01 GMT

POST
H/1.1 201
Created ofcr Show response
olytics.cygnus.com/events/cygnus/ 16 B
345 B 105ms
105ms XHR
application/json 54.160.175.116
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.cygnus.com/events/cygnus/ofcr
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.19.1/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.175.116 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-160-175-116.compute-1.amazonaws.com
Software: Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash: 56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:36 GMT
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/5.6.40
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache=Set-Cookie, private, s-maxage=0
Content-Length: 16
Expires: Sat, 01 Jan 2000 01:01:01 GMT

POST
H/1.1 201
Created ofcr Show response
olytics.cygnus.com/events/cygnus/ 16 B
345 B 105ms
105ms XHR
application/json 54.160.175.116
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.cygnus.com/events/cygnus/ofcr
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.19.1/raven.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.175.116 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-160-175-116.compute-1.amazonaws.com
Software: Apache/2.4.25 (Debian) / PHP/5.6.40
Resource Hash: 56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Fri, 20 Sep 2019 00:15:36 GMT
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/5.6.40
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache=Set-Cookie, private, s-maxage=0
Content-Length: 16
Expires: Sat, 01 Jan 2000 01:01:01 GMT

GET
H2 200 8366714957594287864
tpc.googlesyndication.com/simgad/ Frame AA9A 154 KB
154 KB 100ms
99ms Image
image/jpeg 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8366714957594287864

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

30c543a53c32ba7304728e1643d000db20876383fd14af945b477e34782f82ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 00:15:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 18 Feb 2019 03:29:41 GMT
server: sffe
status: 200
x-dns-prefetch-control: off
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 157739
x-xss-protection: 0
expires: Sat, 19 Sep 2020 00:15:36 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame AA9A 0
58 B 17ms
15ms Image
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTd2PVpMh6d3HJI9mx5Zar1nreU1mioCaJz2wsXwMUyEKI1DYQ7QlpT0Np9XI5SjsyNPOkRbpqTG1aaDs6tzETfeH6X2W8-tCiX9YtMOmSnnpjQ_C_MDbo13BAjTNzyMdxwv9x7sxr-SF3GDBBh_Lf5f5XWz3iitKB7lfrndngMKO2xCLnvfRKa9ZY8smRjEN00iKpCfuK-CdEfDj80IJfR7dMINuIiiUQszpCvblHvB6OYFiDHBv6LXl-UBTdHhrI6WjSmn9HZ7JCzSTL&sig=Cg0ArKJSzLLKOJHsxZ9gEAE&adurl=

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Sep 2019 00:15:36 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 204 l
www.google.com/ads/measurement/ Frame AA9A 0
0 15ms
14ms Image
text/html 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCWxR40MqvEECEj9AGyEoH0E5PE-EHOcgIbjIQGX1y7aoxsTcSHZiWGtdqXqM0fTrhztATCV5ltuGlLc0cZ4EGmx8DqA
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 183544651567700098
tpc.googlesyndication.com/simgad/ Frame 58F1 22 KB
23 KB 7ms
6ms Image
image/gif 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/183544651567700098

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8adb41b89c24e4f0a8bc3c32e644321055fcd52a69e160bce7ac40817c549a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 18:29:55 GMT
x-content-type-options: nosniff
age: 539141
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 22983
x-xss-protection: 0
last-modified: Fri, 13 Sep 2019 17:01:12 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Sep 2020 18:29:55 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 58F1 0
58 B 15ms
15ms Image
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNQCJNuPh8vtvSSBRI4hvo0TWiuIJgnW6h0sPkUBSO8cPc4nhl4vLZh6l-z25znEQGEn8r55lvBoXeNxG9WKBNwcvflbrAo5m_s6YglnLcFuoZbSwOVUK8co60W6Jhk2wRPuAA4E0iH40s51F_vuWa770PXFZYSgTITWJhZlZC29dcPIewwuBoRJj06Q7f20om88bGSTUoq7LzWSL5GmNb8uSysJvtGX1euinftOOWQe2n1sKKCApney5eQrcf9IHSZ-QbnRiFPWMV8U7a&sig=Cg0ArKJSzIuuC6oxs0eJEAE&adurl=

Requested by

Host: www.officer.com
URL: https://www.officer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Sep 2019 00:15:36 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 204 l
www.google.com/ads/measurement/ Frame 58F1 0
0 17ms
11ms Image
text/html 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWfqs21rJq0eaZLIx7EnDenKJRRBXymFloEukvw-66vG1EWIQUvVLeeyEG0GEhXua8FtZrsHBxpKYugKp0vSKJpckXSw
Requested by: Host: www.officer.com
URL: https://www.officer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 183544651567700098
tpc.googlesyndication.com/simgad/ Frame 58F1 22 KB
23 KB 7ms
6ms Image
image/gif 2a00:1450:4001:80b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/183544651567700098

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011909141409590/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8adb41b89c24e4f0a8bc3c32e644321055fcd52a69e160bce7ac40817c549a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 18:29:55 GMT
x-content-type-options: nosniff
age: 539141
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 22983
x-xss-protection: 0
last-modified: Fri, 13 Sep 2019 17:01:12 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Sep 2020 18:29:55 GMT

POST
H/1.1 200
OK p Show response
olytics.omeda.com/olytics/segments/ 20 B
341 B 133ms
133ms XHR
application/json 204.180.130.159
Omeda Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/p

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.19.1/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 Chicago, United States, ASN53866 (QTS-AS - Omeda Communications, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 20 Sep 2019 00:15:35 GMT
X-Content-Type-Options: nosniff
Server: Apache
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Cnection: close
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked

POST
H/1.1 200
OK / Show response
olytics.omeda.com/olytics/segments/form/check/ 20 B
322 B 114ms
113ms XHR
application/json 204.180.130.159
Omeda Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/form/check/

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.19.1/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 Chicago, United States, ASN53866 (QTS-AS - Omeda Communications, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 20 Sep 2019 00:15:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 58F1 42 B
121 B 14ms
13ms Image
image/gif 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOHjoj2-so7SZLr_Eo_l3Rgqamn0VmW92fyfYovJm9c3wgK22ICPKpkGYpyJkwc1DmUmX3fgvb3jEx6r5bLCK524eR9B9iQ6ozf4xT-vY&sig=Cg0ArKJSzP3ygulcWXn1EAE&id=ampim&o=996,989&d=300,50&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=55&tls=1055&g=100&h=100&pt=96&tt=1055&rpt=96&rst=1568938536166&r=v&adk=4066269172&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Sep 2019 00:15:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3D73 42 B
121 B 14ms
14ms Image
image/gif 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXRukImTDBEuFac-OASLwtk6yBvFnHGKreiU1fEa61yqyt3LuQqwntbDu_lAtYEGyq11otKBIyiodBFSguthZDc_JAsdI9Jp9NKJJlVO4&sig=Cg0ArKJSzHdiM3u1WZUeEAE&id=ampim&o=308,108&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=100&tls=1100&g=100&h=100&pt=186&tt=1100&rpt=186&rst=1568938536153&r=v&adk=1236182683&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.officer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Sep 2019 00:15:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 13:10:34	Name: IDE Value: AHWqTUlTPTC12QxrI6pGUEVGezwreJPclhcXoZjahZbzvc3LsCX2cOj1gtSU-LnE
.officer.com/	1970-01-19 12:34:34	Name: oly_enc_id Value: null
.officer.com/	1970-01-19 05:58:34	Name: _fbp Value: fb.1.1568938535452.1405109968
www.officer.com/	1970-01-19 03:49:00	Name: __sapience_s Value: %7B%22id%22%3A%22ded9edc3-1d73-4420-a27a-37e61204a89b%22%2C%22createdAt%22%3A%22Fri%2C%2020%20Sep%202019%2000%3A15%3A35%20GMT%22%7D
www.officer.com/	1970-01-19 21:20:10	Name: __sapience_v Value: %7B%22id%22%3A%22155d1ef5-7e63-4dc0-85a9-065c168f213e%22%2C%22customerId%22%3Anull%7D
.officer.com/	1970-01-19 03:48:58	Name: _gat Value: 1
.www.officer.com/	1970-01-19 12:34:34	Name: __ar_v4 Value: %7CCGRSLPLE3JDWJFYOQV236W%3A20190920%3A1%7CQ6KTWFY4MRCUHA2WFIK4AK%3A20190920%3A1%7C6PKGRBAYNJDJBNH4GIQLHT%3A20190920%3A1
.officer.com/	1970-01-19 03:50:24	Name: _gid Value: GA1.2.1624540014.1568938535
.www.officer.com/	1970-01-20 23:36:58	Name: __adroll_fpc Value: 6c2a1e60e07d93a1f1a716f57092682f-s2-1568938534951
.officer.com/	1970-01-19 05:58:34	Name: _gcl_au Value: 1.1.1424817374.1568938535
.officer.com/	1970-01-19 21:20:10	Name: _ga Value: GA1.2.543036466.1568938535

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/011909141409590/amp4ads-v0.js(Line 530) Message: Powered by AMP ⚡ HTML – Version 1909141409590 https://www.officer.com/
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	info	URL: https://cdn.ampproject.org/rtv/011909141409590/amp4ads-v0.js(Line 530) Message: Powered by AMP ⚡ HTML – Version 1909141409590 https://www.officer.com/
console-api	info	URL: https://cdn.ampproject.org/rtv/011909141409590/amp4ads-v0.js(Line 530) Message: Powered by AMP ⚡ HTML – Version 1909141409590 https://www.officer.com/
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms
console-api	log	URL: https://cdn.ravenjs.com/3.19.1/raven.min.js(Line 2) Message: origin must contain dragonforms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5326342.fls.doubleclick.net
ads.yahoo.com
adservice.google.com
adservice.google.de
cdn.ampproject.org
cdn.officer.com
cdn.ravenjs.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d24bnj4f1s1f8m.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.gstatic.com
ib.adnxs.com
id-me.as3.io
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
officer.com
olytics.cygnus.com
olytics.omeda.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.rubiconproject.com
radix.officer.com
s.adroll.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
stats.g.doubleclick.net
sync.outbrain.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.baseplatform.io
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.officer.com
x.bidswitch.net
13.32.218.154
13.32.220.201
151.101.114.2
172.217.21.198
172.217.22.34
18.196.141.29
185.33.223.197
185.64.189.110
2.18.233.40
2.18.234.21
204.180.130.159
216.58.206.2
2600:9000:2057:3200:6:b4cc:d980:21
2606:4700::6813:c497
2606:4700::6813:c797
2a00:1288:110:833::4000
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:819::2008
2a00:1450:4001:819::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:824::2001
2a00:1450:4001:824::2003
2a00:1450:400c:c09::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::729
3.122.83.132
34.232.11.199
34.95.120.147
35.153.150.254
35.190.72.21
52.57.106.47
52.58.41.129
54.160.175.116
54.160.255.229
54.246.124.184
54.246.153.43
54.81.60.13
69.173.144.136
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0d50069260a432a307781eb4ac8da134623760a0574df550f4f66d984f598653
0d5cd58a5df52140a31571fb456cc919b0d4893d4082795d0029bbfa9282b0f7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
16a298de7894f931fe81fe0a39114d37a2c2ab8ea37589b2cb370abfa8d448f6
1901883b41320f43b0643db4b3e0acec95cd96343ea192995777687b7e3098c4
1cc0720a0f6f6ce2f2e333c57e5e8f61dc9d9e40001fab61f62a55259ac93057
207b0cfec249454f08db962371d5b43ef0457f3052c2be8f8345d79bcac39849
282e7d2d7e52b1ed022a65ec65ee31e6bd89c210b94be2faadd57a85528d7852
28d2634af4341bfdfa057db4b750676254948ce9cfb47eec7328d16a8e2e4e1c
294854484854cb24749fabe1f0be264fff4c770f6c65d9ba0313074176f74b89
30c543a53c32ba7304728e1643d000db20876383fd14af945b477e34782f82ac
33910a2379204fb9c00aeee9ffd5434b7656368dcf721e212f7c4fe0d15434dc
34dba9d950df81e9332b155c31e62478a6536fd378c8011edde113a9f0d0019d
35f2336064dcebd970e282bb31863c86fa57b541c2e9ae7bbd3596fa2e4a0539
3a5a1210063d9c0fbd9fc2e9194f63281aa653a1e21c4c8da2e1f686fa28e630
3a8247fa1aaee292943ed78f7de334d680cea7031a2d8b0a07e865126f803b99
3ca4488292fb1fd13688f92a1ee491690ff4658a54cacb7858c832e8c607d0b8
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
48ce1eeadef597177e7b2fc75ea1a25340040002f43115c655a5fa91f83f0ae0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2e8590b6876b5be57e13395a5d1e0999deb77f674adcca04582f4c861dd6d0
511c23178d504d371d22fb6899174f448db32523e9cacd2860306a2b3b8cc1f5
5177764adca621434b249be6e325d4b8d04c02fb048f1bf3a8a6e810e97c4f5a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c00466505c647315a99f6db85ab0dcc6ab4bea1cdf7e157025803f880bed39
54c6b99a96b757869c6413c91e8ab777968536a721419663eb4312f2be4a5aaf
551ced4538670220c93a5cc2da17efe7fb6f05b71bf8b15ccf6067ceb5ba6789
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
5f6188ddfeaf711ed957397d9bab98c3e757aa6f102a264a11b92eadd929f020
5fcbf185c01a65f2615874c57492b4fe0e2445f6f3d4e39bcfe4dfacb8fec869
6a5862cec71ec62c1d809d12c7919541d611156c4afe375bf8cf7b5ddd7e406d
6a8466d729c03a3f87ea7d1ea02379eae9ffc52171cd62b9428a39ca71675814
6ca19d70def89831ee636a9a0ff20430686597eacf06f0d6253b5babc5f72e9f
6d0527ef5b1506d7e27c5ae254a72dcae2db1e69b1437c41eff3d03c75ebb041
77cab2c273902fed85436e73722094b3ee92e34a3eb2df93a2ed9c1bdb149bae
7c92ffc225aed56f82019862b155c8d84902352620250d029bbf653a3d7eab61
7e98e381189d908e1981b6e535bcdd7f3edceafdb0e7095f3e04292e8aac6a0c
7f72bc3654c5f0571a43ad1118a7e67f6afd36a36cea145220274a3c10d4571c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a475346ed0689eed446e087634fd32236a8e88c173165e225b267953b5a0b4e
8adb41b89c24e4f0a8bc3c32e644321055fcd52a69e160bce7ac40817c549a5d
8c0029e5f45b2e6a5eb14c686d0af7e384dcd26a1f35fd1814060467a990475c
8c28fa54ecb251c654ccc0711d9a00b8cf3932b0f4ccce198fabe7bdccb7b327
91edcf8830247c93b6dbb8a13ac5dbe6bb43afa3a9fd7fc5fbce5ea597aa3ae3
9b8994559abbeed2aaa7714c8b78fa7759443ff6e71c00c841c273c5d98b731d
9cfc3adb1c025be672c3f295560b932ad8fb49bfab1bf80c2fc8ecea9f334d72
9f2235f4d5a7ac2c5a4b6cbb312e73b0e7595ca4c4e0a49950d24efda707ecf2
9fd21956b5ba6af75a94c971e7a8b8eb80cd7700bcca41793419de3c04fae1e1
a4dbc187ea5bc92f39626bb29b04b3fd13e1b20ce043c3c5820d969bc9377527
a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20212b0968a7c2facad6b495692a27ba3b388f257009c196e5e24b954ba4a16
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
b7917c3622df1869f737865a6bbbf2509dcb6b8b8a6ec09b4c9a17c48a67ad10
b94cf5774cb89ae597dd701eff7b209c620b6da500fdc1cbf4132fc2d825b838
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd3cad6b7ba79270dee54a5ba1482ac6b522b147dc8f9d04791050711ada7865
c8a59bd04ab2de75273ca546fb3dd24a5872a323750bf07eaa5170e66039a30b
ca14491a16d46d8b2dd8c60c542d79c3d924fc5cdae38649576b23f69c8b8138
d737f67927b1edb198219dbb7cc571aaab1429f6ed8282147d12ec096f91ebb9
d883dc03843180782ea18965f7c9297d65ac504822281ac981d6f5fc555e8084
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
defded29e77735f4f5d72e09fc94d121226262115c419ea379a302b33bbd394e
e1cf1f63739939d962fa3d899f419d78cd0015cc538f4fde22f6eda0c13b9145
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6358fb458012c8b0fa955a8963acd4e7b205758a4a0e7289c30bc083f5bb5e6
e798ac47f3e8534ab9464394c649680162d949f419c6a4bb8067de3f1a8b3c49
e79a4000e7d85effd45a1ffec0ff79372b5b80bc6533f66a7f8d3c8711805098
ec7f586b11ea3951b02b31ca829a15cc8020a1995263a794b62e1c289ca552e0
edae30db9ca350de62aaea880dcbc16f9ba13b52c8e9bc6c11349204b3b14a17
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef562a0811fd79b4de40bc858808c943447f9f95755ea62f0691aae806985015
fb3d6905876ffe6759b88214e4a0d29f03a78540973303ce5fd7262b935e3899
fedd2b741ffb042ad1d323fc6533f0ba7e150dc07c6a8bf350eff1d716a3ce5d

www.officer.com Open in urlscan Pro 54.160.255.229 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

100 %HTTPS

39 %IPv6

32 Domains

44 Subdomains

38 IPs

7 Countries

2113 kBTransfer

5083 kBSize

11 Cookies

8 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.officer.com Open in urlscan Pro
54.160.255.229 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

100 %
HTTPS

39 %
IPv6

32
Domains

44
Subdomains

38
IPs

7
Countries

2113 kB
Transfer

5083 kB
Size

11
Cookies

106 HTTP transactions
3 data transactions