www.officesupply.com Open in urlscan Pro
100.26.82.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mail.officesupply.com/q/SCiWRqv9l5n0XLGrNYFMNOS7wHOeRzcuyKPZcOJam1pdGNoZWxsMkBiY2JzbS5jb23DiAi44eOvhTcLyLbeZBawMNGuI6HHw
Effective URL:
https://www.officesupply.com/signin
Submission: On May 20 via api (May 20th 2022, 4:23:28 pm UTC) from US — Scanned from DE

Summary HTTP 123 Redirects Behaviour Indicators

Summary

This website contacted 56 IPs in 8 countries across 43 domains to perform 123 HTTP transactions. The main IP is 100.26.82.144, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.officesupply.com. The Cisco Umbrella rank of the primary domain is 123861.
TLS certificate: Issued by Amazon on September 9th 2021. Valid for: a year.

This is the only time www.officesupply.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.18.29.128 104.18.29.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	100.26.82.144 100.26.82.144	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
11	2600:9000:231... 2600:9000:2315:b800:e:32fa:9b40:21	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	18.66.130.11 18.66.130.11	16509 (AMAZON-02) (AMAZON-02)
2 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	104.18.7.244 104.18.7.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.12.251 104.18.12.251	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2620:1ec:27::... 2620:1ec:27::cafe:1774	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:194c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	3.248.113.119 3.248.113.119	16509 (AMAZON-02) (AMAZON-02)
1	23.205.241.117 23.205.241.117	16625 (AKAMAI-AS) (AKAMAI-AS)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.255 64.202.112.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	18.185.246.45 18.185.246.45	16509 (AMAZON-02) (AMAZON-02)
1	34.255.141.199 34.255.141.199	16509 (AMAZON-02) (AMAZON-02)
1	104.89.28.165 104.89.28.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.139.114 185.86.139.114	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.193.24.254 18.193.24.254	16509 (AMAZON-02) (AMAZON-02)
1 2	54.171.56.144 54.171.56.144	16509 (AMAZON-02) (AMAZON-02)
2 2	34.200.203.167 34.200.203.167	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5	14618 (AMAZON-AES) (AMAZON-AES)
1	18.235.197.108 18.235.197.108	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:612... 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.79.89.79 104.79.89.79	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	3.124.27.94 3.124.27.94	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6812:184c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	108.157.4.42 108.157.4.42	16509 (AMAZON-02) (AMAZON-02)
123	56

1 104.18.29.128 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mail.officesupply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.26.82.144 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-82-144.compute-1.amazonaws.com

www.officesupply.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:2315:b800:e:32fa:9b40:21 (United States)

ASN16509 (AMAZON-02, US)

de2wfhoo6xqi5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.130.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-130-11.fra60.r.cloudfront.net

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.7.244 (None, )

ASN13335 (CLOUDFLARENET, US)

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
at1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.251 (None, )

ASN13335 (CLOUDFLARENET, US)

services.listrak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googlecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:27::cafe:1774 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:194c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.113.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-113-119.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.241.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-241-117.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.255 (Harrodsburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.38 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.244 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.247 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.246.45 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-246-45.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.141.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-141-199.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.28.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-28-165.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.24.254 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-24-254.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.56.144 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-56-144.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.203.167 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-203-167.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.197.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-197-108.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.79.89.79 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-79.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.27.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-27-94.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:184c (United States)

ASN13335 (CLOUDFLARENET, US)

wsv3cdn.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-42.dus51.r.cloudfront.net

analytics.audioeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	google.com www.google.com — Cisco Umbrella Rank: 7 apis.google.com — Cisco Umbrella Rank: 100 play.google.com — Cisco Umbrella Rank: 30	295 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	538 KB
11	audioeye.com ws.audioeye.com — Cisco Umbrella Rank: 4402 wsv3cdn.audioeye.com — Cisco Umbrella Rank: 3856 analytics.audioeye.com — Cisco Umbrella Rank: 4260	246 KB
11	cloudfront.net de2wfhoo6xqi5.cloudfront.net	180 KB
9	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 393 mug.criteo.com — Cisco Umbrella Rank: 2669 sslwidget.criteo.com — Cisco Umbrella Rank: 1705 widget.us.criteo.com — Cisco Umbrella Rank: 18771 dis.criteo.com — Cisco Umbrella Rank: 725	17 KB
7	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 424 ib.adnxs.com — Cisco Umbrella Rank: 240	7 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1266 c.clarity.ms — Cisco Umbrella Rank: 668	26 KB
6	listrakbi.com cdn.listrakbi.com — Cisco Umbrella Rank: 9796 s1.listrakbi.com — Cisco Umbrella Rank: 10131 at1.listrakbi.com — Cisco Umbrella Rank: 10913	51 KB
5	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 375 c.bing.com — Cisco Umbrella Rank: 232	13 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	58 KB
4	yahoo.com 1 redirects sp.analytics.yahoo.com — Cisco Umbrella Rank: 849 ads.yahoo.com — Cisco Umbrella Rank: 1156 ups.analytics.yahoo.com — Cisco Umbrella Rank: 297	1 KB
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 92 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	3 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 525 i6.liadm.com — Cisco Umbrella Rank: 1678	1 KB
3	officesupply.com 2 redirects mail.officesupply.com — Cisco Umbrella Rank: 704102 www.officesupply.com — Cisco Umbrella Rank: 123861	24 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 675 cdn.stickyadstv.com — Cisco Umbrella Rank: 2389	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 646	854 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1551	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 414	738 B
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 330	626 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	388 B
2	google.de www.google.de — Cisco Umbrella Rank: 5483	565 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	113 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	139 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 110	15 KB
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1467	40 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2097	183 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1181	427 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 634	262 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 611	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1259	99 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1779	172 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 1872	336 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 526	785 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 606	585 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 354	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 1413	426 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 782	476 B
1	aaxads.com c.aaxads.com — Cisco Umbrella Rank: 3513	234 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 1869	232 B
1	googlecommerce.com www.googlecommerce.com — Cisco Umbrella Rank: 19407	1 KB
1	listrak.com services.listrak.com — Cisco Umbrella Rank: 15943	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 621	14 KB
123	43

	Domain	Requested by
15	www.google.com	www.officesupply.com www.gstatic.com www.googlecommerce.com www.google.com apis.google.com
11	de2wfhoo6xqi5.cloudfront.net	www.officesupply.com
9	wsv3cdn.audioeye.com	ws.audioeye.com wsv3cdn.audioeye.com
8	www.gstatic.com	www.google.com www.gstatic.com
5	apis.google.com	www.google.com apis.google.com
5	www.google-analytics.com	www.officesupply.com www.google-analytics.com www.googletagmanager.com
4	secure.adnxs.com	3 redirects
4	fonts.gstatic.com	www.officesupply.com wsv3cdn.audioeye.com
4	www.clarity.ms	bat.bing.com www.clarity.ms
4	bat.bing.com	www.officesupply.com bat.bing.com
3	ib.adnxs.com	3 redirects
3	dis.criteo.com
3	at1.listrakbi.com	cdn.listrakbi.com
3	gum.criteo.com	2 redirects static.criteo.net
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	r.casalemedia.com	1 redirects
2	eb2.3lift.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	idsync.rlcdn.com
2	cm.g.doubleclick.net	2 redirects
2	c.clarity.ms	1 redirects
2	www.facebook.com	www.officesupply.com
2	www.google.de	www.officesupply.com
2	connect.facebook.net	www.officesupply.com connect.facebook.net
2	cdn.listrakbi.com	www.officesupply.com cdn.listrakbi.com
2	www.googletagmanager.com	www.officesupply.com www.googletagmanager.com
2	www.officesupply.com	1 redirects
1	analytics.audioeye.com	wsv3cdn.audioeye.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	play.google.com	www.google.com
1	www.googleadservices.com	www.googletagmanager.com
1	exchange.mediavine.com
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	contextual.media.net
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	ads.yahoo.com
1	sp.analytics.yahoo.com
1	c.aaxads.com
1	partner.mediawallahscript.com
1	c.bing.com	1 redirects
1	ws.audioeye.com	www.officesupply.com
1	widget.us.criteo.com	www.officesupply.com
1	sslwidget.criteo.com	1 redirects
1	www.googlecommerce.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	services.listrak.com	cdn.listrakbi.com
1	s1.listrakbi.com	cdn.listrakbi.com
1	mug.criteo.com	www.officesupply.com
1	static.criteo.net	www.officesupply.com
1	mail.officesupply.com	1 redirects
123	64

This site contains no links.

Subject Issuer	Validity	Valid
www.officesupply.com Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.listrakbi.com Amazon	`2022-01-10` - `2023-02-06`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
listrakbi.com Cloudflare Inc ECC CA-3	`2021-08-09` - `2022-08-08`	a year	crt.sh
listrak.com Cloudflare Inc ECC CA-3	`2022-04-11` - `2023-04-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-27` - `2022-05-28`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-03`	a year	crt.sh
*.mediawallahscript.com Amazon	`2022-05-04` - `2023-06-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.aaxads.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-05-02` - `2022-06-22`	2 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2021-08-05` - `2022-09-03`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.audioeye.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-14`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.officesupply.com/signin
Frame ID: C401656B933C503B8F366245DB31B3EB
Requests: 66 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.officesupply.com&origin=onetag
Frame ID: 36C66C25D775ADCBE9D3D8116157C5F2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenDS4UAAAAAKTJl8-2I2txe2D7PxFi2BkOqkTa&co=aHR0cHM6Ly93d3cub2ZmaWNlc3VwcGx5LmNvbTo0NDM.&hl=en&type=image&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=invisible&badge=bottomleft&cb=9lgj02agk7f3
Frame ID: 49A7803A43CDD94F5B3325BFF612EB03
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LenDS4UAAAAAKTJl8-2I2txe2D7PxFi2BkOqkTa
Frame ID: 24FDE25D6EF6FBFADB534F512B4E55A3
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/shopping/customerreviews/proxy?ts_id=403298&origin=https%3A%2F%2Fwww.officesupply.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
Frame ID: C023BF6BD974D92138DC18C91314F524
Requests: 9 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RaN6-bBTNHxoZqOY-6YS9CULv0Nr8FfaMYTiQQ&google_gid=CAESEG4Z9z809yER6-O5-nnX9s8&google_cver=1&google_ula=913071,0
Frame ID: BAB28D7E703891EB4504D2405C706BDE
Requests: 30 HTTP requests in this frame

Frame: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=
Frame ID: 7DF85CC70C39B66324AF4331A4EB692E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In | OfficeSupply.comclose carousel

Page URL History Show full URLs

http://mail.officesupply.com/q/SCiWRqv9l5n0XLGrNYFMNOS7wHOeRzcuyKPZcOJam1pdGNoZWxsMkBiY2JzbS5jb23DiAi44eO... HTTP 302
https://www.officesupply.com/account/?trk_msg=LURHPK9N9IH497BUHCTGI6KBHO&trk_contact=6IPCRPGLLJHN154V9N64... HTTP 302
https://www.officesupply.com/signin Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

AudioEye (Accessibility) Expand

Overall confidence: 100%
Detected patterns

audioeye\.com/ae\.js

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

123
Requests

88 %
HTTPS

39 %
IPv6

43
Domains

64
Subdomains

56
IPs

8
Countries

1743 kB
Transfer

4863 kB
Size

81
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mail.officesupply.com/q/SCiWRqv9l5n0XLGrNYFMNOS7wHOeRzcuyKPZcOJam1pdGNoZWxsMkBiY2JzbS5jb23DiAi44eOvhTcLyLbeZBawMNGuI6HHw HTTP 302
https://www.officesupply.com/account/?trk_msg=LURHPK9N9IH497BUHCTGI6KBHO&trk_contact=6IPCRPGLLJHN154V9N641SG4EO&trk_module=bna&trk_sid=VFGM4NBMC6UAECEUJRBVS677E4&trk_link=HITRSBGAP1HK135A9IJ6JS7JEC&contactId=448AE4FD8459F504D433747837&utm_source=Listrak&utm_medium=Email&utm_term=Account&utm_campaign=BnA&utm_content=Browse-Product-1 HTTP 302
https://www.officesupply.com/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://gum.criteo.com/sid/json?origin=onetag&domain=officesupply.com&sn=ChromeSyncframe&so=0&topUrl=www.officesupply.com&cw=1&lsw=1&topicsavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=i8cuCXxzOGlNeVp5OW81TlB4Q2pabS80Y0lnL2N3aERUVm1TOVF3bnBDQXlacGZsV1czSUtxTkxTa2hPdzRYeklpS3V4Mmp2QXFwSkdGMlZRaTBZZzNiM01lWUNPMktpRU1nU0theXYxejhIeXpvdGpWMGFzL0tXcUhRc3RYekFPNEtLVnZpY1V3SjJKeDBVcW91aGFHTFp5aXdaYlkyTWp2R1pIQW1BS09FcldsWFE3MTJBNmNDaUNmQmtFbDZYYnBlaSsvL0dWeDZFUDBiM1JKV0tmdUZMdU1oMWhva3ZxWE1uZ1A2OTErS0RnVUMyU2xJblk4cVFHRWdqQ2dub1hRS0FjUkkwSllHdTFGa0JzNFh3TmtWZU1QQT09fA&cppv=2

Request Chain 28

https://sslwidget.criteo.com/event?a=15983&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=NOqm-19rY1lHZVVQaCUyRnZrcms4RndXSnNUMU8lMkJSZkVXS05hcld5NXBwalZGVDVqUGgxUzlab2wwallyQldobWdSOFpWa1lndFFRSnZobmNSR3lXUEc4aCUyQkNUMFdtU3piMElRZWdrcWc3SEJhNzYwSUFZQjRHSHRZMEFvNUolMkZDdUl4Rlc2Sk42VUdzUFd3WGpWU1ROT25QU1FFTVlxZ1pWbG5kckMzZnhVYjF3VHUyWSUzRA&tld=officesupply.com&fu=https%3A%2F%2Fwww.officesupply.com%2Fsignin&dtycbr=58586 HTTP 302
https://widget.us.criteo.com/event?a=15983&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=NOqm-19rY1lHZVVQaCUyRnZrcms4RndXSnNUMU8lMkJSZkVXS05hcld5NXBwalZGVDVqUGgxUzlab2wwallyQldobWdSOFpWa1lndFFRSnZobmNSR3lXUEc4aCUyQkNUMFdtU3piMElRZWdrcWc3SEJhNzYwSUFZQjRHSHRZMEFvNUolMkZDdUl4Rlc2Sk42VUdzUFd3WGpWU1ROT25QU1FFTVlxZ1pWbG5kckMzZnhVYjF3VHUyWSUzRA&tld=officesupply.com&fu=https%3A%2F%2Fwww.officesupply.com%2Fsignin&dtycbr=58586

Request Chain 66

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=C1E5749C1D6E4E1DB9F2E4F8CB0EE340&RedC=c.clarity.ms&MXFR=1042BBF1418363211415AA5B45836D4F HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=C1E5749C1D6E4E1DB9F2E4F8CB0EE340&MUID=0302CD7601B065E71ABADCDC00DB64D9

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RaN6-bBTNHxoZqOY-6YS9CULv0Nr8FfaMYTiQQ&google_cm&google_hm=ay1SYU42LWJCVE5IeG9acU9ZLTZZUzlDVUx2ME5yOEZmYU1ZVGlRUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-RaN6-bBTNHxoZqOY-6YS9CULv0Nr8FfaMYTiQQ&google_cm=&google_hm=ay1SYU42LWJCVE5IeG9acU9ZLTZZUzlDVUx2ME5yOEZmYU1ZVGlRUQ&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RaN6-bBTNHxoZqOY-6YS9CULv0Nr8FfaMYTiQQ&google_gid=CAESEG4Z9z809yER6-O5-nnX9s8&google_cver=1&google_ula=913071,0

Request Chain 69

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=SMuP32KcjRjR_633JEMeSXOv-cm_bXsL

Request Chain 75

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-8xT0F7BTNHxoZqOY-6YS9CULv0ODMtpqJijbtA HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-8xT0F7BTNHxoZqOY-6YS9CULv0ODMtpqJijbtA&verify=true

Request Chain 79

https://secure.adnxs.com/setuid?entity=52&code=k-xPay5LBTNHxoZqOY-6YS9CULv0NPbMy7jM9FXw&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-xPay5LBTNHxoZqOY-6YS9CULv0NPbMy7jM9FXw%26seg%3D95287

Request Chain 80

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8946835252365372708

Request Chain 82

https://eb2.3lift.com/xuid?mid=2711&xuid=k-EubzSLBTNHxoZqOY-6YS9CULv0Oc81-Pv2U0Gg&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-EubzSLBTNHxoZqOY-6YS9CULv0Oc81-Pv2U0Gg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 84

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g4oJ_rBTNHxoZqOY-6YS9CULv0OVvGJ7Akc99A HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g4oJ_rBTNHxoZqOY-6YS9CULv0OVvGJ7Akc99A&C=1

Request Chain 85

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-cb1m_7BTNHxoZqOY-6YS9CULv0NP58b-FWPJxw&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cb1m_7BTNHxoZqOY-6YS9CULv0NP58b-FWPJxw&expires=30&user_group=5

Request Chain 91

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-eNhFSLBTNHxoZqOY-6YS9CULv0P7BTJ_HB7WqA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-eNhFSLBTNHxoZqOY-6YS9CULv0P7BTJ_HB7WqA

Request Chain 92

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-S9YhH7BTNHxoZqOY-6YS9CULv0O6UZQDB6h6Nw HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-S9YhH7BTNHxoZqOY-6YS9CULv0O6UZQDB6h6Nw&_li_chk=true&previous_uuid=a7f7c18a20b842cab04662bd84db1793 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-S9YhH7BTNHxoZqOY-6YS9CULv0O6UZQDB6h6Nw

Request Chain 95

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-IPzAfLBTNHxoZqOY-6YS9CULv0MFhBGKlV0Kmw&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 104

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8946835252365372708

123 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request signin Show response
www.officesupply.com/
Redirect Chain

http://mail.officesupply.com/q/SCiWRqv9l5n0XLGrNYFMNOS7wHOeRzcuyKPZcOJam1pdGNoZWxsMkBiY2JzbS5jb23DiAi44eOvhTcLyLbeZBawMNGuI6HHw
https://www.officesupply.com/account/?trk_msg=LURHPK9N9IH497BUHCTGI6KBHO&trk_contact=6IPCRPGLLJHN154V9N641SG4EO&trk_module=bna&trk_sid=VFGM4NBMC6UAECEUJRBVS677E4&trk_link=HITRSBGAP1HK135A9IJ6JS7JEC...
https://www.officesupply.com/signin

56 KB
23 KB

258ms
258ms

Document
text/html

100.26.82.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.officesupply.com/signin

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.26.82.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-26-82-144.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f2dd4ba5708fabf238c3a4201e7261d523281c8e3cc3842af39727b689ab3799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, must-revalidate, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 May 2022 16:23:21 GMT
Expires: Fri, 20 May 2022 16:23:21 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000;
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge

Redirect headers

Cache-Control: max-age=0, must-revalidate, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 May 2022 16:23:21 GMT
Expires: Fri, 20 May 2022 16:23:21 GMT
Location: https://www.officesupply.com/signin
Server: nginx
Strict-Transport-Security: max-age=31536000;
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
36ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2916
date: Fri, 20 May 2022 15:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 20 May 2022 17:34:46 GMT

GET
H2 200 public_onload.css
de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/ 222 KB
36 KB 88ms
27ms Stylesheet
text/css 2600:9000:2315:b800:e:32fa:9b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/public_onload.css
Requested by: Host: www.officesupply.com
URL: https://www.officesupply.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b800:e:32fa:9b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49c21e6847103314bd37d4f05aa442bb41514c759a0cf6fb80d216c4cc6002b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:57:14 GMT
content-encoding: gzip
age: 8769
x-cache: Hit from cloudfront
content-length: 36856
last-modified: Fri, 20 May 2022 13:51:52 GMT
server: AmazonS3
etag: "d24741a9988560e6de5174c28a0665de"
x-amz-version-id: plykFu6RMKwVP7Ebzwk8HFYxWMjAroQD
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: text/css
x-amz-cf-id: auxWVakEvJoWZZFX48YjPo2LH6mqd67lZPtTQgkkSiD0ppDYMvNPqA==
expires: Sat, 20 May 2023 13:51:21 GMT

GET
H2 200 runtime.js Show response
de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/ 1 KB
1 KB 107ms
45ms Script
application/javascript 2600:9000:2315:b800:e:32fa:9b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/runtime.js
Requested by: Host: www.officesupply.com
URL: https://www.officesupply.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b800:e:32fa:9b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 183115f8b50520c0df0aca0f7000f395d60f259557423595021b713a07edb4f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:57:14 GMT
content-encoding: gzip
age: 8769
x-cache: Hit from cloudfront
content-length: 788
last-modified: Fri, 20 May 2022 13:51:52 GMT
server: AmazonS3
etag: "06a8a623c17d44a3a519ffe974fcc7c8"
x-amz-version-id: 1Y5bIzaE6o3CVFYgQf3CjBKpTDZRkhlZ
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: zCyKVPd-lkbaYsHUiKU8BRXC3qGd7NHRhWhOIWOgrs-9eqVYVhYHQA==
expires: Sat, 20 May 2023 13:51:21 GMT

GET
H2 200 public_head_onload.js Show response
de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/ 247 B
673 B 107ms
46ms Script
application/javascript 2600:9000:2315:b800:e:32fa:9b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/public_head_onload.js
Requested by: Host: www.officesupply.com
URL: https://www.officesupply.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b800:e:32fa:9b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e612b9a5fd017401b64dec55f175c781047c1f72d660fa64daa9102f29c62bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:57:14 GMT
content-encoding: gzip
age: 8768
x-cache: Hit from cloudfront
content-length: 203
last-modified: Fri, 20 May 2022 13:51:52 GMT
server: AmazonS3
etag: "57914ea159573339b43d7444c388d907"
x-amz-version-id: qe9bNNMU70Nu6YitXUbnrPd5atzFRp_5
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: ejKwyVrsB-2Hn6bjDtL5XRn0Qjo6msO_RD8gjn_bqK3l0p5FPocBMw==
expires: Sat, 20 May 2023 13:51:21 GMT

GET
H2 200 OS-official-logo-color.svg
de2wfhoo6xqi5.cloudfront.net/logos/ 11 KB
11 KB 55ms
54ms Image
image/svg+xml 2600:9000:2315:b800:e:32fa:9b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de2wfhoo6xqi5.cloudfront.net/logos/OS-official-logo-color.svg
Requested by: Host: www.officesupply.com
URL: https://www.officesupply.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b800:e:32fa:9b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6d7c802e27065ccb923c752b1465e15fd30ae95e021948f0ccbd151b9c1d7fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: LmY_.ktwxlGHLlkc66z9f1Yw7mE1_V9Z
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
last-modified: Mon, 08 Oct 2018 15:58:41 GMT
server: AmazonS3
age: 34649
etag: "0009b96e08b93d989e215e4f23608db0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=86400, s-maxage=86400, public
date: Fri, 20 May 2022 16:23:22 GMT
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 11354
x-amz-cf-id: oJgSBSeZyIw6r5BIBGwpTeuvOgi46j57lU9KGOensg2AS-2VkgYRmw==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
966 B 135ms
46ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en_US

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28f7867ed82ffde54a0078cff53dd4aec1d6989a30b2899b9116e6f0c05984f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Fri, 20 May 2022 16:23:22 GMT

GET
H2 200 9755.js Show response
de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/ 88 KB
31 KB 26ms
26ms Script
application/javascript 2600:9000:2315:b800:e:32fa:9b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/9755.js
Requested by: Host: www.officesupply.com
URL: https://www.officesupply.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b800:e:32fa:9b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f19ee76c15ced040032b03ca5f2877f21f90d260cb334256d2587d4d1061990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:57:15 GMT
content-encoding: gzip
age: 8768
x-cache: Hit from cloudfront
content-length: 30894
last-modified: Fri, 20 May 2022 13:51:51 GMT
server: AmazonS3
etag: "48c299eb94e6d258de8d504e4ce24f94"
x-amz-version-id: hLz5eqmKpK47qQg48_GkZlqvRf4IR2m5
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: vA5Y-BN-PjRI3tiw8wdRTIgDHQTXXNYsA7v-_N9BXCN-QIdlHwk58A==
expires: Sat, 20 May 2023 13:51:21 GMT

GET
H2 200 5197.js Show response
de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/ 156 KB
51 KB 32ms
31ms Script
application/javascript 2600:9000:2315:b800:e:32fa:9b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/5197.js
Requested by: Host: www.officesupply.com
URL: https://www.officesupply.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b800:e:32fa:9b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40def5c03d2e65a91346f45721cb2817c0aa3d59e19609fc19b4559c8cedc8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:57:15 GMT
content-encoding: gzip
age: 8768
x-cache: Hit from cloudfront
content-length: 51675
last-modified: Fri, 20 May 2022 13:51:51 GMT
server: AmazonS3
etag: "9ef1a2182d005452f3fb100efa903431"
x-amz-version-id: A_9z.X6OrSLJiti8nzWqRfgX0yez2smb
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: x6WvbILw_jW9l1DgdzMhi8ib1kM5RPKD-1FYzKl8-_i7U7Z5GiGpVg==
expires: Sat, 20 May 2023 13:51:21 GMT

GET
H2 200 6983.js Show response
de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/ 51 KB
13 KB 47ms
45ms Script
application/javascript 2600:9000:2315:b800:e:32fa:9b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/6983.js
Requested by: Host: www.officesupply.com
URL: https://www.officesupply.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b800:e:32fa:9b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a85a400138f1600a3e7c787a33042b7614717217f94b8bfc7ed9ae345bc9d25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:57:15 GMT
content-encoding: gzip
age: 8768
x-cache: Hit from cloudfront
content-length: 13330
last-modified: Fri, 20 May 2022 13:51:51 GMT
server: AmazonS3
etag: "c5c5060a336b9344b025f7b5f2f0349d"
x-amz-version-id: IGP6Wkp8kpPDD5ZUQqszVm7IPddUfJ_U
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: BBQWjZnQDgqWF_-kULvOLsFPnsmQWH9C45viJes2RcuLGfrI2Eniug==
expires: Sat, 20 May 2023 13:51:21 GMT

GET
H2 200 7421.js Show response
de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/ 19 KB
5 KB 48ms
46ms Script
application/javascript 2600:9000:2315:b800:e:32fa:9b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/7421.js
Requested by: Host: www.officesupply.com
URL: https://www.officesupply.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b800:e:32fa:9b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b034479c2970209cbcf8342fb1c9e6d481ee1462fcda0e863f0bf93960c1851a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:57:15 GMT
content-encoding: gzip
age: 8768
x-cache: Hit from cloudfront
content-length: 4411
last-modified: Fri, 20 May 2022 13:51:51 GMT
server: AmazonS3
etag: "760c95c2c1a0b726e0f487dace11eac9"
x-amz-version-id: cnevf5LMXlGOCk2eV2fdSO7wlV_g9lwG
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: x2ccyt3_m6H_gTb4qCPREPCyYjlerP3neXVnZiEObAjPKY1PtDSaVA==
expires: Sat, 20 May 2023 13:51:21 GMT

GET
H2 200 4698.js Show response
de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/ 12 KB
5 KB 49ms
48ms Script
application/javascript 2600:9000:2315:b800:e:32fa:9b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/4698.js
Requested by: Host: www.officesupply.com
URL: https://www.officesupply.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b800:e:32fa:9b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ae1eb794794fea69fd083cd91547040ec2e1b2a395bec224d42c94ee251b96d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:57:15 GMT
content-encoding: gzip
age: 8768
x-cache: Hit from cloudfront
content-length: 4703
last-modified: Fri, 20 May 2022 13:51:51 GMT
server: AmazonS3
etag: "dfcbd5174e616d60e78fddcdac2fb7f3"
x-amz-version-id: IAj90Vbbav2B9QI.XoTzOlVbSYl9VQan
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: xd6uNCKYU6Y2sWK_z6aIlM6A1Lc2UsrsxHS6oXaQJhITd7cT2Aio0Q==
expires: Sat, 20 May 2023 13:51:21 GMT

GET
H2 200 public_onload.js Show response
de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/ 78 KB
22 KB 52ms
51ms Script
application/javascript 2600:9000:2315:b800:e:32fa:9b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/public_onload.js
Requested by: Host: www.officesupply.com
URL: https://www.officesupply.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b800:e:32fa:9b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5125b7c106e5757fc6a1cdc94b1a5f8280e1192bbe66bf563d605b278804ee94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:57:15 GMT
content-encoding: gzip
age: 8768
x-cache: Hit from cloudfront
content-length: 22133
last-modified: Fri, 20 May 2022 13:51:52 GMT
server: AmazonS3
etag: "5376471b7ef5ab0f8b583ffe9e1381be"
x-amz-version-id: IzX6jr8U9rOGw8S3qtaAGRysocbedWmq
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: MqMrgORnTo5EdlfJG0TtTTUlYq98ujwW76yNRfnR9BmokcSMdBuGZQ==
expires: Sat, 20 May 2023 13:51:21 GMT

GET
H2 200 public_login.js Show response
de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/ 7 KB
3 KB 56ms
55ms Script
application/javascript 2600:9000:2315:b800:e:32fa:9b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://de2wfhoo6xqi5.cloudfront.net/assets/d6626ae116/assets/public_login.js
Requested by: Host: www.officesupply.com
URL: https://www.officesupply.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:b800:e:32fa:9b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26d946546e172051ad41be8b1dac34a86f26927398cdefc7ca3328eff02bdfc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 13:57:45 GMT
content-encoding: gzip
age: 8738
x-cache: Hit from cloudfront
content-length: 2528
last-modified: Fri, 20 May 2022 13:51:52 GMT
server: AmazonS3
etag: "5add4dcc39e8243d6777b7cf843275d6"
x-amz-version-id: JVpn7Db47TZnz93Jcbe9Ew0YGLAfmzDC
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: fXb9abWAVumtA-6gGTP2mxP38c1ObOObUUsy2H2GyfrJcmhweUAj6g==
expires: Sat, 20 May 2023 13:51:21 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 41 KB
14 KB 62ms
24ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js?a=15983

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0722e77458fcedadb2b7596ee392d9cedf6e69d241d325798759adc50c5599c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:22 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 06:27:13 GMT
server: nginx
etag: W/"626a33c1-a5a0"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 May 2022 16:23:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 208 KB
71 KB 142ms
54ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53PFC7

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e72ad80f3abf501a83d37acfc177f7334c7fc6d410cbfbbb951aad0bc2d8b3f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72455
x-xss-protection: 0
last-modified: Fri, 20 May 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 May 2022 16:23:22 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 98 KB
38 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MXSMR89&cid=1752644291.1653063802

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c60542088d31d94b9c3dea25638a77b86b391135d7914e78ef3bab46b81748f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38538
x-xss-protection: 0
expires: Fri, 20 May 2022 16:23:22 GMT

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 159 KB
46 KB 83ms
10ms Script
text/javascript 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=a8LiLKPVympc&v=1
Requested by: Host: www.officesupply.com
URL: https://www.officesupply.com/signin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-130-11.fra60.r.cloudfront.net
Software: cloudflare / ASP.NET
Resource Hash: aa723a0a7dd37a18d00e674a466352bdc3bb5ce2839e3daf9224bdc448bcee08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 16:15:24 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-AspNet-Version: 4.0.30319
Age: 478
X-Powered-By: ASP.NET
X-Cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 46370
Last-Modified: Fri, 20 May 2022 16:08:27 GMT
Server: cloudflare
X-ltk: 5/20/2022 12:15:24 PM
ETag: "pnyQAAHWyWmil2MNllo5PA=="
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
CF-RAY: 70e65ef1cf0f9b37-FRA
X-Amz-Cf-Id: BtKx3idq0u36-FmLCYzh9Xnb3H-TMVSoYvYYlulqxZm2DPd8vBcmIw==
Expires: Fri, 20 May 2022 17:15:24 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 36C6 14 KB
6 KB 46ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.officesupply.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js?a=15983

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.officesupply.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6039
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 16:23:22 GMT
server-processing-duration-in-ticks: 3075
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ 362 KB
143 KB 129ms
41ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en_US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officesupply.com/
Origin: https://www.officesupply.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146184
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 10:35:01 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 36C6
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=officesupply.com&sn=ChromeSyncframe&so=0&topUrl=www.officesupply.com&cw=1&lsw=1&topicsavail=0
https://mug.criteo.com/sid?cpp=i8cuCXxzOGlNeVp5OW81TlB4Q2pabS80Y0lnL2N3aERUVm1TOVF3bnBDQXlacGZsV1czSUtxTkxTa2hPdzRYeklpS3V4Mmp2QXFwSkdGMlZRaTBZZzNiM01lWUNPMktpRU1nU0theXYxejhIeXpvdGpWMGFzL0tXcUhRc3...

452 B
648 B

56ms
18ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=i8cuCXxzOGlNeVp5OW81TlB4Q2pabS80Y0lnL2N3aERUVm1TOVF3bnBDQXlacGZsV1czSUtxTkxTa2hPdzRYeklpS3V4Mmp2QXFwSkdGMlZRaTBZZzNiM01lWUNPMktpRU1nU0theXYxejhIeXpvdGpWMGFzL0tXcUhRc3RYekFPNEtLVnZpY1V3SjJKeDBVcW91aGFHTFp5aXdaYlkyTWp2R1pIQW1BS09FcldsWFE3MTJBNmNDaUNmQmtFbDZYYnBlaSsvL0dWeDZFUDBiM1JKV0tmdUZMdU1oMWhva3ZxWE1uZ1A2OTErS0RnVUMyU2xJblk4cVFHRWdqQ2dub1hRS0FjUkkwSllHdTFGa0JzNFh3TmtWZU1QQT09fA&cppv=2

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d3e1c421b8aeb4b4855a688bbc951619a4826004776a059c649686be9203ac5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:21 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4544
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:21 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=i8cuCXxzOGlNeVp5OW81TlB4Q2pabS80Y0lnL2N3aERUVm1TOVF3bnBDQXlacGZsV1czSUtxTkxTa2hPdzRYeklpS3V4Mmp2QXFwSkdGMlZRaTBZZzNiM01lWUNPMktpRU1nU0theXYxejhIeXpvdGpWMGFzL0tXcUhRc3RYekFPNEtLVnZpY1V3SjJKeDBVcW91aGFHTFp5aXdaYlkyTWp2R1pIQW1BS09FcldsWFE3MTJBNmNDaUNmQmtFbDZYYnBlaSsvL0dWeDZFUDBiM1JKV0tmdUZMdU1oMWhva3ZxWE1uZ1A2OTErS0RnVUMyU2xJblk4cVFHRWdqQ2dub1hRS0FjUkkwSllHdTFGa0JzNFh3TmtWZU1QQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1325
content-length: 541
expires: 0

GET
H2 200 getIds Show response
s1.listrakbi.com/a8LiLKPVympc/session/ 175 B
1 KB 445ms
387ms Script
application/x-javascript 104.18.7.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/a8LiLKPVympc/session/getIds?callback=ltkCallback8913&gsid=&_sid=&_tid=574255&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=a8LiLKPVympc&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ad77d28336f042beb272bd43a30bac849ae510d62d52614d032b54e86f342884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type: application/x-javascript; charset=utf-8
cache-control: no-cache
cf-ray: 70e66a9e3a169180-FRA
expires: -1

GET
H2 200 ltkPrefCenterFrame Show response
services.listrak.com/API/S/ 3 KB
3 KB 487ms
415ms Script
text/javascript 104.18.12.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.listrak.com/API/S/ltkPrefCenterFrame
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=a8LiLKPVympc&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3c37cad2a67d4feb6c0adf0a055d0c4730d5f5135f7d56e2df3616baa0d198d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript; charset=utf-8
cache-control: private,no-transform,public,max-age=3600,s-maxage=7200
cf-ray: 70e66a9e5c0c9b1b-FRA
x-aspnet-version: 4.0.30319
content-length: 2729

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 129ms
54ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SES3NZRWEL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53PFC7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88b6217765b79f9dca0b1567ae3f8953394f12d6a9972bd28cc06042f3eca05e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69531
x-xss-protection: 0
expires: Fri, 20 May 2022 16:23:22 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 69ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-61344900-1&cid=1752644291.1653063802&jid=1021603388&gjid=120387155&_gid=1851274665.1653063802&_u=aGDAgEADQAAAAE~&z=2102998156

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.officesupply.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 20 May 2022 16:23:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.officesupply.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googlecommerce.com/trustedstores/api/ 570 B
1 KB 262ms
171ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googlecommerce.com/trustedstores/api/js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53PFC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1af4271fe01142700f715887cc1ce9d122ef79559a745edaada1b6b11a0af673

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/VerifiedReviewsGcrHttp/cspreport, script-src 'report-sample' 'nonce-owywPkpdDLUjwU_gfoj8dA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsGcrHttp/cspreport;worker-src 'self', script-src 'nonce-owywPkpdDLUjwU_gfoj8dA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsGcrHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=14400
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/VerifiedReviewsGcrHttp/cspreport, script-src 'report-sample' 'nonce-owywPkpdDLUjwU_gfoj8dA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsGcrHttp/cspreport;worker-src 'self', script-src 'nonce-owywPkpdDLUjwU_gfoj8dA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsGcrHttp/cspreport
expires: Fri, 20 May 2022 16:23:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 33ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: IJHdfBVaN24BCzaBeTGrzQHXRG2H2EKMsJ20jk4UDzPZgS88RNUEUA0EhS4D/h2Sfxiv2YsuaZt9Uuc3693E7A==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 20 May 2022 16:23:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 82ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B4126FE71CB846DC89982DC951E2F36E Ref B: FRAEDGE1407 Ref C: 2022-05-20T16:23:22Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 20 May 2022 16:23:22 GMT
accept-ranges: bytes
content-length: 11347

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 42ms
42ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=4678157&t=pageview&_s=1&dl=https%3A%2F%2Fwww.officesupply.com%2Fsignin&ul=en-us&de=UTF-8&dt=Sign%20In%20%7C%20OfficeSupply.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQ~&jid=1021603388&gjid=120387155&cid=1752644291.1653063802&tid=UA-61344900-1&_gid=1851274665.1653063802&gtm=2wg5b053PFC7&z=1770765323

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 15:47:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2179
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=15983&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=NOqm-19rY1lHZVVQaCUyRnZrcms4RndXSnNUMU8lMkJSZkVXS05hcld5NXBwalZGVDVqUGgxUzlab2wwallyQldobWdSO...
https://widget.us.criteo.com/event?a=15983&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=NOqm-19rY1lHZVVQaCUyRnZrcms4RndXSnNUMU8lMkJSZkVXS05hcld5NXBwalZGVDVqUGgxUzlab2wwallyQldobWdSO...

7 KB
8 KB

353ms
138ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=15983&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=NOqm-19rY1lHZVVQaCUyRnZrcms4RndXSnNUMU8lMkJSZkVXS05hcld5NXBwalZGVDVqUGgxUzlab2wwallyQldobWdSOFpWa1lndFFRSnZobmNSR3lXUEc4aCUyQkNUMFdtU3piMElRZWdrcWc3SEJhNzYwSUFZQjRHSHRZMEFvNUolMkZDdUl4Rlc2Sk42VUdzUFd3WGpWU1ROT25QU1FFTVlxZ1pWbG5kckMzZnhVYjF3VHUyWSUzRA&tld=officesupply.com&fu=https%3A%2F%2Fwww.officesupply.com%2Fsignin&dtycbr=58586

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8c5f1e0aa84a834161c427f9f03234f8126b845a6ee939bf9ff9c65429e29f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:22 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 39884728
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:22 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=15983&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Ddis&adce=1&bundle=NOqm-19rY1lHZVVQaCUyRnZrcms4RndXSnNUMU8lMkJSZkVXS05hcld5NXBwalZGVDVqUGgxUzlab2wwallyQldobWdSOFpWa1lndFFRSnZobmNSR3lXUEc4aCUyQkNUMFdtU3piMElRZWdrcWc3SEJhNzYwSUFZQjRHSHRZMEFvNUolMkZDdUl4Rlc2Sk42VUdzUFd3WGpWU1ROT25QU1FFTVlxZ1pWbG5kckMzZnhVYjF3VHUyWSUzRA&tld=officesupply.com&fu=https%3A%2F%2Fwww.officesupply.com%2Fsignin&dtycbr=58586
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 13276239
timing-allow-origin: *
content-length: 0
expires: 0

GET
H/1.1 200
OK animate.min.css
cdn.listrakbi.com/css/ 5 KB
2 KB 8ms
7ms Stylesheet
text/css 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/css/animate.min.css
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=a8LiLKPVympc&v=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-130-11.fra60.r.cloudfront.net
Software: cloudflare / ASP.NET
Resource Hash: bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 22:51:23 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Age: 63120
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 21 Jul 2021 14:43:11 GMT
Server: cloudflare
ETag: W/"f064b7ba3e7ed71:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Content-Type: text/css
Via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
CF-RAY: 709443c378019b43-FRA
X-Amz-Cf-Id: R1hxU_x0cIcIVIAihoe1_pFuBHKI_uukkLzCJDJfHrsh0SNJXemZZg==

GET
H3 200 1753757218229066 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 26ms
11ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1753757218229066?v=2.9.60&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

38cbd27bc3679996b27c018cbf69b04262b1171a40721b592b0bf031fd5bc0d8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88744
x-xss-protection: 0
pragma: public
x-fb-debug: PgsSzIHG/MMhPzoHD/IbKkKXfbYLTrOMUcng12KwznT3NaEBk0yc77E6rV2BNW7DsVaTBWjI9Z6JfiUd4x4Jzg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 20 May 2022 16:23:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 144ms
62ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-61344900-1&cid=1752644291.1653063802&jid=1021603388&_u=aGDAgEADQAAAAE~&z=669214139

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 168ms
74ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-61344900-1&cid=1752644291.1653063802&jid=1021603388&_u=aGDAgEADQAAAAE~&z=669214139

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5667473.js Show response
bat.bing.com/p/action/ 218 B
475 B 172ms
172ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5667473.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2888d8feeed5cfa17753c01f613f57d100ac89c3897dec8b52a23c902e5f3bc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 43D705AD756E4FB89988A94DD7BFBD25 Ref B: FRAEDGE1407 Ref C: 2022-05-20T16:23:22Z
date: Fri, 20 May 2022 16:23:22 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 300

GET
H2 204 0
bat.bing.com/action/ 0
174 B 36ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5667473&Ver=2&mid=887b7dff-34e5-4cb0-b275-696880e684be&sid=2b0340d0d85911ecb82e531b96f2ef9b&vid=2b037940d85911ecb38b678920197cff&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20In%20%7C%20OfficeSupply.com&p=https%3A%2F%2Fwww.officesupply.com%2Fsignin&r=&lt=1203&evt=pageLoad&msclkid=N&sv=1&rn=298125

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5A4EF735173841F58A85F39A90431A16 Ref B: FRAEDGE1407 Ref C: 2022-05-20T16:23:22Z
date: Fri, 20 May 2022 16:23:22 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 84ms
83ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4E1C5FB364624B96B93C08F6514CA9B5 Ref B: FRAEDGE1407 Ref C: 2022-05-20T16:23:22Z
date: Fri, 20 May 2022 16:23:22 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 27ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1753757218229066&ev=PageView&dl=https%3A%2F%2Fwww.officesupply.com%2Fsignin&rl=&if=false&ts=1653063802726&sw=1600&sh=1200&v=2.9.60&r=stable&ec=0&o=30&fbp=fb.1.1653063802724.516660259&it=1653063802662&coo=false&exp=p1&rqm=GET

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 20 May 2022 16:23:22 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 49A7 42 KB
22 KB 59ms
58ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenDS4UAAAAAKTJl8-2I2txe2D7PxFi2BkOqkTa&co=aHR0cHM6Ly93d3cub2ZmaWNlc3VwcGx5LmNvbTo0NDM.&hl=en&type=image&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=invisible&badge=bottomleft&cb=9lgj02agk7f3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a05b229b0a88ef36999aa13dd65a51544aaf9ec884ca19ad149232f832c41654

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S621EP1XhGGrxUZkzwOKzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.officesupply.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22603
content-security-policy: script-src 'report-sample' 'nonce-S621EP1XhGGrxUZkzwOKzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 16:23:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 46ms
46ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-SES3NZRWEL&gtm=2oe5b0&_p=4678157&_z=ccd.tbB&cid=1752644291.1653063802&ul=en-us&sr=1600x1200&_s=1&sid=1653063802&sct=1&seg=0&dl=https%3A%2F%2Fwww.officesupply.com%2Fsignin&dt=Sign%20In%20%7C%20OfficeSupply.com&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SES3NZRWEL&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.officesupply.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 49A7 51 KB
24 KB 119ms
39ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenDS4UAAAAAKTJl8-2I2txe2D7PxFi2BkOqkTa&co=aHR0cHM6Ly93d3cub2ZmaWNlc3VwcGx5LmNvbTo0NDM.&hl=en&type=image&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=invisible&badge=bottomleft&cb=9lgj02agk7f3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 15:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 15:21:55 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 49A7 362 KB
143 KB 118ms
39ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146184
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 10:35:01 GMT

GET
H3 200 m=bootstrap Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrBootstrapJs.de.92YKXGNPHas.es5.O/d=1/rs=AC8lLkQeh993CRAhDWyEVhJT5NK4uETuyw/ 17 KB
7 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrBootstrapJs.de.92YKXGNPHas.es5.O/d=1/rs=AC8lLkQeh993CRAhDWyEVhJT5NK4uETuyw/m=bootstrap

Requested by

Host: www.googlecommerce.com
URL: https://www.googlecommerce.com/trustedstores/api/js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae9ce6a9919db143c6175f962b2be4c02a013239f2fb4136439f846ff56d9fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 15:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6658
x-xss-protection: 0
last-modified: Wed, 18 May 2022 22:11:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 May 2023 15:43:02 GMT

GET
H2 200 5667473 Show response
www.clarity.ms/tag/uet/ 1 KB
2 KB 263ms
128ms Script
application/x-javascript 2620:1ec:27::cafe:1774
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5667473
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5667473.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1774 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 7f333e9e85165b4da2f90e56b94daca7e9adc407b9990be01c263c95283f8d11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:22 GMT
x-powered-by: ASP.NET
x-azure-ref: 0e8CHYgAAAAChs+bAKeYiTZBTaNOQK+7ITElTMDFFREdFMDUxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
content-length: 1508
expires: -1

GET
H2 200 api.js Show response
apis.google.com/js/ 14 KB
6 KB 133ms
46ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrBootstrapJs.de.92YKXGNPHas.es5.O/d=1/rs=AC8lLkQeh993CRAhDWyEVhJT5NK4uETuyw/m=bootstrap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a901d90ba255bf03338f50786eb7f56033a915131982e08ab8473e4817105adb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5541
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Fri, 20 May 2022 16:23:23 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "d9fb14b7bd505434"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 May 2022 16:23:23 GMT

GET
H2 200 a8LiLKPVympc Show response
at1.listrakbi.com/activity/ 111 B
645 B 135ms
116ms Script
text/javascript 104.18.7.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/a8LiLKPVympc
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=a8LiLKPVympc&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a5c197e51fc1575345fc47e63b5c5e959d4edb66937a9ea5c6e352444e7669eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript; charset=utf-8
cache-control: private
cf-ray: 70e66aa12fe99180-FRA

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ 94 KB
31 KB 122ms
40ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c1169af4b9684be9983d9d7241121c48f8b2674bcd814a763d63fe0fe58dac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 23:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31499
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 15:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 23:31:13 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 49A7 102 B
134 B 45ms
45ms Other
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=M-QqaF9xk6BpjLH22uHZRhXt

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a032484668d7579488d1120c0ae6421c4448e26f37c29d324d5309bd5fa82eac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenDS4UAAAAAKTJl8-2I2txe2D7PxFi2BkOqkTa&co=aHR0cHM6Ly93d3cub2ZmaWNlc3VwcGx5LmNvbTo0NDM.&hl=en&type=image&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=invisible&badge=bottomleft&cb=9lgj02agk7f3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 20 May 2022 16:23:23 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 24FD 7 KB
1 KB 49ms
48ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LenDS4UAAAAAKTJl8-2I2txe2D7PxFi2BkOqkTa

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a488c39840c458b859be71815e9e9834c48d2e48b7b39970fbf9491a7cbd46c4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tIMHMmEQXwq4gTqFsDc_Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.officesupply.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1113
content-security-policy: script-src 'report-sample' 'nonce-tIMHMmEQXwq4gTqFsDc_Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 May 2022 16:23:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-f/s/0.6.34/ 53 KB
23 KB 132ms
131ms Script
application/javascript 2620:1ec:27::cafe:1774
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-f/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5667473
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1774 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:22 GMT
content-encoding: br
etag: "1d86ac05e8dcb54"
last-modified: Wed, 18 May 2022 14:05:46 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0e8CHYgAAAACziPaCWfklTIDGb4EO/RYfTElTMDFFREdFMDUxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
content-length: 23150
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H3 200 proxy Show response
www.google.com/shopping/customerreviews/ Frame C023 21 KB
8 KB 180ms
180ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/shopping/customerreviews/proxy?ts_id=403298&origin=https%3A%2F%2Fwww.officesupply.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ce9c9c853000c3c9e80fa4cf16d65ff6ff9a1fdb3dba82c79f9c41811cdf4b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NP68gXK-HR8heNxU7Wco3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsGcrProxyUi/cspreport;worker-src 'self' script-src 'nonce-NP68gXK-HR8heNxU7Wco3w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsGcrProxyUi/cspreport require-trusted-types-for 'script';report-uri /_/VerifiedReviewsGcrProxyUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.officesupply.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=14400
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NP68gXK-HR8heNxU7Wco3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsGcrProxyUi/cspreport;worker-src 'self' script-src 'nonce-NP68gXK-HR8heNxU7Wco3w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsGcrProxyUi/cspreport require-trusted-types-for 'script';report-uri /_/VerifiedReviewsGcrProxyUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 20 May 2022 16:23:23 GMT
expires: Fri, 20 May 2022 16:23:23 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 a8LiLKPVympc Show response
at1.listrakbi.com/activity/ 111 B
495 B 114ms
114ms Script
text/javascript 104.18.7.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/a8LiLKPVympc?vuid=97615964-8b52-44f9-b9ab-74713cbb959f&uid=F17EDD51-0A3C-4BE0-A6FB-7F6FF1D0E28C&gsid=28b783c8-0599-4802-86ec-196cf7f10148&sid=53c90976-21a7-4313-a814-9cc1df958753&_t_0=at&t_0=PageBrowse&k_0=https%3A%2F%2Fwww.officesupply.com%2Fsignin
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=a8LiLKPVympc&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a5c197e51fc1575345fc47e63b5c5e959d4edb66937a9ea5c6e352444e7669eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript; charset=utf-8
cache-control: private
cf-ray: 70e66aa22a009180-FRA

GET
H2 200 a8LiLKPVympc Show response
at1.listrakbi.com/activity/ 111 B
491 B 116ms
116ms Script
text/javascript 104.18.7.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/a8LiLKPVympc?vuid=97615964-8b52-44f9-b9ab-74713cbb959f&uid=F3383709-BF13-4FC2-9293-6F29C5971FC8&gsid=28b783c8-0599-4802-86ec-196cf7f10148&sid=53c90976-21a7-4313-a814-9cc1df958753&_t_0=at&t_0=Identification&k_0=3&_t_1=at&t_1=Identification&k_1=4&_t_2=at&t_2=Identification&k_2=5
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=a8LiLKPVympc&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a5c197e51fc1575345fc47e63b5c5e959d4edb66937a9ea5c6e352444e7669eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript; charset=utf-8
cache-control: private
cf-ray: 70e66aa22a019180-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 24FD 51 KB
24 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LenDS4UAAAAAKTJl8-2I2txe2D7PxFi2BkOqkTa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 15:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 15:21:55 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 24FD 362 KB
143 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LenDS4UAAAAAKTJl8-2I2txe2D7PxFi2BkOqkTa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 10:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146184
x-xss-protection: 0
last-modified: Mon, 16 May 2022 04:03:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 10:35:01 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 24FD 38 KB
23 KB 83ms
83ms XHR
application/json 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LenDS4UAAAAAKTJl8-2I2txe2D7PxFi2BkOqkTa

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fe6a00b14a3258079e26fbedba64de123587ef102b09121d5c65c90441c1f625

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LenDS4UAAAAAKTJl8-2I2txe2D7PxFi2BkOqkTa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23562
x-xss-protection: 1; mode=block
expires: Fri, 20 May 2022 16:23:23 GMT

POST
H3 404 cspreport
www.google.com/_/VerifiedReviewsGcrProxyUi/ Frame C023 2 KB
2 KB 36ms
36ms Other
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/_/VerifiedReviewsGcrProxyUi/cspreport
Requested by: Host: www.officesupply.com
URL: https://www.officesupply.com/signin
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 667fce7aa7cd4f9311b75e0e9c31d515e516f8ab025b6811b3ffdedbd9040881

Request headers

Referer: https://www.google.com/shopping/customerreviews/proxy?ts_id=403298&origin=https%3A%2F%2Fwww.officesupply.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1598
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.NP3FQrj1HiI.es5.O/am=D4A/d=1/excm=_b,_tp,emptyview/ed=1/dg=0/wt=2/esmo=1/rs=A... Frame C023 144 KB
50 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.NP3FQrj1HiI.es5.O/am=D4A/d=1/excm=_b,_tp,emptyview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkSmAB-i4N7c_y7rD1aaUi4Kd0Og5g/m=_b,_tp

Requested by

Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/proxy?ts_id=403298&origin=https%3A%2F%2Fwww.officesupply.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xpRpP2dSg9Q.O%2Fd%3D1%2Frs%3DAHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbd39ef3bf200d7da52ac3511e4545628b4aeddf88014a9d6cde44c519fb60ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 15:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51458
x-xss-protection: 0
last-modified: Fri, 20 May 2022 06:08:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 15:42:40 GMT

POST
H2 204 collect Show response
www.clarity.ms/eus-f/ 0
183 B 163ms
163ms XHR
text/plain 2620:1ec:27::cafe:1774
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-f/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-f/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1774 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.officesupply.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://www.officesupply.com
date: Fri, 20 May 2022 16:23:22 GMT
access-control-allow-credentials: true
x-powered-by: ASP.NET
x-azure-ref: 0e8CHYgAAAABiIHIpBpiGT4fyf8g1dYrKTElTMDFFREdFMDUxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 24FD 600 B
624 B 40ms
39ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 19:52:10 GMT
x-content-type-options: nosniff
age: 246673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 24 May 2022 19:52:10 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 24FD 530 B
554 B 40ms
40ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 05:44:53 GMT
x-content-type-options: nosniff
age: 211110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 25 May 2022 05:44:53 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 24FD 665 B
688 B 217ms
216ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
expires: Fri, 27 May 2022 16:23:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 24FD 15 KB
16 KB 121ms
36ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 256602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 17 May 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 24FD 15 KB
15 KB 163ms
78ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 21:19:14 GMT
x-content-type-options: nosniff
age: 327849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 16 May 2023 21:19:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 24FD 15 KB
15 KB 132ms
47ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 266729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 17 May 2023 14:17:54 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 24FD 40 KB
40 KB 46ms
44ms Image
image/jpeg 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AGdBq26bwAzzglpifu5pITusPNEfZoCvkWI3BF1h6jA6i5JBF_DyTZIfeVvvu_3aRylz3-bqVIOlReyXjCQQpxOTmqQ5STmhjv4Ihc8tlZeh2TNkGQ-klJ3z_q-N7Igm4rwOY9UMk3dB_RJJ1j2tehpsm3wyIioPdpGBlm-Ferhs28LuKBhhit04liBjKSs_gFPg7CUM5xkNBJ5IDr7zsMLRlGcQ2zcMpg&k=6LenDS4UAAAAAKTJl8-2I2txe2D7PxFi2BkOqkTa

Requested by

Host: www.officesupply.com
URL: https://www.officesupply.com/signin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d0a3e0842d8894b42eede6322ff7f829b145299782262bf38755b5b96e69346d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LenDS4UAAAAAKTJl8-2I2txe2D7PxFi2BkOqkTa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41298
x-xss-protection: 1; mode=block
expires: Fri, 20 May 2022 16:23:23 GMT

GET
H2 200 ae.js Show response
ws.audioeye.com/ 1020 B
803 B 87ms
22ms Script
application/javascript 2606:4700::6812:194c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.audioeye.com/ae.js
Requested by: Host: www.officesupply.com
URL: https://www.officesupply.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:194c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cache-tags
date: Fri, 20 May 2022 16:23:23 GMT
content-encoding: gzip
surrogate-keys
cf-cache-status: HIT
server: cloudflare
age: 2462
etag: "c5f5d23dbd841fb0868078e4bfbbd713"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600
cf-ray: 70e66aa46ce9911f-FRA

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=C1E5749C1D6E4E1DB9F2E4F8CB0EE340&RedC=c.clarity.ms&MXFR=1042BBF1418363211415AA5B45836D4F
https://c.clarity.ms/c.gif?CtsSyncId=C1E5749C1D6E4E1DB9F2E4F8CB0EE340&MUID=0302CD7601B065E71ABADCDC00DB64D9

42 B
369 B

26ms
26ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=C1E5749C1D6E4E1DB9F2E4F8CB0EE340&MUID=0302CD7601B065E71ABADCDC00DB64D9
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:22 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9BDC348C3D1C49DAA83ED255E96FECEF Ref B: FRAEDGE1407 Ref C: 2022-05-20T16:23:23Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=C1E5749C1D6E4E1DB9F2E4F8CB0EE340&MUID=0302CD7601B065E71ABADCDC00DB64D9
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 m=byfTOb,lsjVmc,xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,LEikZe,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,pBXhlf Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.NP3FQrj1HiI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.... Frame C023 97 KB
34 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.NP3FQrj1HiI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.f07nSMCSmwY.L.B1.O/am=D4A/d=1/exm=_b,_tp/excm=_b,_tp,emptyview/esmo=1/ed=1/wt=2/rs=AC8lLkT0e1enSgbBQs-rNVobGVi9h2YUlg/ee=nAFL3:NTMZac;oGtAuc:sOXFj;iFQyKf:vfuNJf;cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,LEikZe,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,pBXhlf

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.NP3FQrj1HiI.es5.O/am=D4A/d=1/excm=_b,_tp,emptyview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkSmAB-i4N7c_y7rD1aaUi4Kd0Og5g/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df0f1d27bfe38c27102b9a66e0af615057d36276a24ccc13a570b0df171fc6c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 15:42:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34427
x-xss-protection: 0
last-modified: Fri, 20 May 2022 03:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 15:42:46 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame BAB2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-RaN6-bBTNHxoZqOY-6YS9CULv0Nr8FfaMYTiQQ&google_cm&google_hm=ay1SYU42LWJCVE5IeG9acU9ZLTZZUzlDVUx2ME5yOEZmY...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-RaN6-bBTNHxoZqOY-6YS9CULv0Nr8FfaMYTiQQ&google_cm=&google_hm=ay1SYU42LWJCVE5IeG9acU9ZLTZZUzlDVUx2ME5yOEZ...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RaN6-bBTNHxoZqOY-6YS9CULv0Nr8FfaMYTiQQ&google_gid=CAESEG4Z9z809yER6-O5-nnX9s8&google_cver=1&google_ula=913071,0

43 B
371 B

62ms
16ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RaN6-bBTNHxoZqOY-6YS9CULv0Nr8FfaMYTiQQ&google_gid=CAESEG4Z9z809yER6-O5-nnX9s8&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:23 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1122217
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-RaN6-bBTNHxoZqOY-6YS9CULv0Nr8FfaMYTiQQ&google_gid=CAESEG4Z9z809yER6-O5-nnX9s8&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame BAB2
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=SMuP32KcjRjR_633JEMeSXOv-cm_bXsL

42 B
178 B

108ms
41ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=SMuP32KcjRjR_633JEMeSXOv-cm_bXsL
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 16:23:23 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=SMuP32KcjRjR_633JEMeSXOv-cm_bXsL
date: Fri, 20 May 2022 16:23:23 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2632
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame BAB2 0
232 B 133ms
29ms Image
text/html 3.248.113.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-RaN6-bBTNHxoZqOY-6YS9CULv0Nr8FfaMYTiQQ&custom=&tag_format=img&tag_action=sync&custom=&cb=27606ecc-15a5-4406-8e9f-474ec2197e44
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.113.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-113-119.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 16:23:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 362338.gif
idsync.rlcdn.com/ Frame BAB2 42 B
448 B 125ms
41ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-RaN6-bBTNHxoZqOY-6YS9CULv0Nr8FfaMYTiQQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 May 2022 16:23:23 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 aacxc.php
c.aaxads.com/ Frame BAB2 234 B
234 B 32ms
7ms Image
text/html 23.205.241.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/aacxc.php?fv=3&wbsh=crx&ryvlg=k-RaN6-bBTNHxoZqOY-6YS9CULv0Nr8FfaMYTiQQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-241-117.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=604800
cache-control: max-age=2329122
server: Apache
date: Fri, 20 May 2022 16:23:23 GMT
content-length: 234
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame BAB2 43 B
632 B 144ms
45ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:23 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 20 May 2022 16:23:23 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame BAB2 0
194 B 100ms
29ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame BAB2
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-8xT0F7BTNHxoZqOY-6YS9CULv0ODMtpqJijbtA
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-8xT0F7BTNHxoZqOY-6YS9CULv0ODMtpqJijbtA&verify=true

0
121 B

13ms
11ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-8xT0F7BTNHxoZqOY-6YS9CULv0ODMtpqJijbtA&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-8xT0F7BTNHxoZqOY-6YS9CULv0ODMtpqJijbtA&verify=true
date: Fri, 20 May 2022 16:23:23 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame BAB2 0
476 B 500ms
92ms Image
text/plain 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-lfJh1bBTNHxoZqOY-6YS9CULv0OKXxflS2kWOQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 16:23:23 GMT
Cache-Control: no-cache
X-TraceId: 7ec2ff7cc767021728fb46da4799b6a0
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame BAB2 0
426 B 460ms
167ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-NX4PZ7BTNHxoZqOY-6YS9CULv0MlXsxm8jC02w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:24 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 20 May 2022 16:23:24 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame BAB2 0
239 B 41ms
8ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-NX4PZ7BTNHxoZqOY-6YS9CULv0MlXsxm8jC02w&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame BAB2
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-xPay5LBTNHxoZqOY-6YS9CULv0NPbMy7jM9FXw&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-xPay5LBTNHxoZqOY-6YS9CULv0NPbMy7jM9FXw%26seg%3D95287

43 B
1 KB

9ms
8ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-xPay5LBTNHxoZqOY-6YS9CULv0NPbMy7jM9FXw%26seg%3D95287

Protocol

HTTP/1.1

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 16:23:23 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f3ed9098-399d-47ea-bba3-002dfb182092
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 16:23:23 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: eb9ee59a-629e-4c1f-a6f0-c7d5fe273ce6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-xPay5LBTNHxoZqOY-6YS9CULv0NPbMy7jM9FXw%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame BAB2
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fa...
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8946835252365372708

43 B
370 B

17ms
16ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8946835252365372708

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:23 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1969154
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 16:23:23 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 39124f93-ebcf-4f09-a4fc-4b7c50a002b2
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8946835252365372708
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame BAB2 42 B
585 B 240ms
16ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Ep0g9LBTNHxoZqOY-6YS9CULv0NWRRd4uqNfjQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

xuid
eb2.3lift.com/ Frame BAB2
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-EubzSLBTNHxoZqOY-6YS9CULv0Oc81-Pv2U0Gg&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-EubzSLBTNHxoZqOY-6YS9CULv0Oc81-Pv2U0Gg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
354 B

13ms
12ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-EubzSLBTNHxoZqOY-6YS9CULv0Oc81-Pv2U0Gg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-EubzSLBTNHxoZqOY-6YS9CULv0Oc81-Pv2U0Gg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Fri, 20 May 2022 16:23:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cksync.php
contextual.media.net/ Frame BAB2 45 B
785 B 228ms
31ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-rWNX17BTNHxoZqOY-6YS9CULv0NQjYS5eDYI4A

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 20 May 2022 16:23:23 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Fri, 20 May 2022 16:23:23 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame BAB2
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g4oJ_rBTNHxoZqOY-6YS9CULv0OVvGJ7Akc99A
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g4oJ_rBTNHxoZqOY-6YS9CULv0OVvGJ7Akc99A&C=1

43 B
1 KB

13ms
11ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g4oJ_rBTNHxoZqOY-6YS9CULv0OVvGJ7Akc99A&C=1
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 May 2022 16:23:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 May 2022 16:23:23 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 16:23:23 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-g4oJ_rBTNHxoZqOY-6YS9CULv0OVvGJ7Akc99A&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Fri, 20 May 2022 16:23:23 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame BAB2
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-cb1m_7BTNHxoZqOY-6YS9CULv0NP58b-FWPJxw&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cb1m_7BTNHxoZqOY-6YS9CULv0NP58b-FWPJxw&expires=30&user_group=5

43 B
495 B

10ms
10ms

Image
image/gif

18.185.246.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cb1m_7BTNHxoZqOY-6YS9CULv0NP58b-FWPJxw&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 18.185.246.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-246-45.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 16:23:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-cb1m_7BTNHxoZqOY-6YS9CULv0NP58b-FWPJxw&expires=30&user_group=5
Date: Fri, 20 May 2022 16:23:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame BAB2 35 B
336 B 206ms
34ms Image
image/gif 34.255.141.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-aivA2rBTNHxoZqOY-6YS9CULv0M5EI9P9tYRgQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.141.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-141-199.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame BAB2 23 B
172 B 82ms
31ms Image
image/gif 104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-vd02IrBTNHxoZqOY-6YS9CULv0PrK5Gmg-eVBA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:23 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 20 May 2022 16:23:23 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame BAB2 0
99 B 88ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Prnn0rBTNHxoZqOY-6YS9CULv0OtE4FD-NLeOw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13766

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame BAB2 43 B
163 B 79ms
17ms Image
image/gif 185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-frmeVbBTNHxoZqOY-6YS9CULv0PqjKI1uUqO9Q
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame BAB2 68 B
262 B 70ms
8ms Image
image/png 18.193.24.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-GgOw3LBTNHxoZqOY-6YS9CULv0NVlzAYXTuSCQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.24.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-24-254.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame BAB2
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-eNhFSLBTNHxoZqOY-6YS9CULv0P7BTJ_HB7WqA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-eNhFSLBTNHxoZqOY-6YS9CULv0P7BTJ_HB7WqA

43 B
446 B

30ms
29ms

Image
image/gif

54.171.56.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-eNhFSLBTNHxoZqOY-6YS9CULv0P7BTJ_HB7WqA
Protocol: H2
Server: 54.171.56.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-56-144.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 20 May 2022 16:23:24 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-eNhFSLBTNHxoZqOY-6YS9CULv0P7BTJ_HB7WqA
date: Fri, 20 May 2022 16:23:24 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame BAB2
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-S9YhH7BTNHxoZqOY-6YS9CULv0O6UZQDB6h6Nw
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-S9YhH7BTNHxoZqOY-6YS9CULv0O6UZQDB6h6Nw&_li_chk=true&previous_uuid=a7f7c18a20b842cab04662bd84db1793
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-S9YhH7BTNHxoZqOY-6YS9CULv0O6UZQDB6h6Nw

43 B
419 B

360ms
122ms

Image
image/gif

2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-S9YhH7BTNHxoZqOY-6YS9CULv0O6UZQDB6h6Nw

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 16:23:24 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-S9YhH7BTNHxoZqOY-6YS9CULv0O6UZQDB6h6Nw
Date: Fri, 20 May 2022 16:23:24 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame BAB2 43 B
427 B 333ms
101ms Image
image/gif 18.235.197.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-yNab5LBTNHxoZqOY-6YS9CULv0MbKQryAf6ZCw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.197.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-197-108.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:24 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame BAB2 43 B
183 B 368ms
113ms Image
image/gif 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-cG3pj7BTNHxoZqOY-6YS9CULv0N2Witn-wUOlQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:24 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame BAB2
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-IPzAfLBTNHxoZqOY-6YS9CULv0MFhBGKlV0Kmw&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

136ms
26ms

Image
image/gif

2001:4de0:ac19::1:b:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Fri, 20 May 2022 16:23:24 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1653063804.dop154.am5.t,1653063804.cds215.am5.shn,1653063804.cds215.am5.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 16:23:24 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1653063803962098-426
Expires: Fri, 20 May 2022 16:23:24 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame BAB2 40 B
40 B 35ms
9ms Image
text/html 3.124.27.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-uL7fP7BTNHxoZqOY-6YS9CULv0PK1o3PB_L5aQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.27.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-27-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:24 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.NP3FQrj1HiI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.... Frame C023 29 KB
12 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.NP3FQrj1HiI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.f07nSMCSmwY.L.B1.O/am=D4A/d=1/exm=IZT63,LEikZe,MpJwZc,NwH0H,PrPYRd,UUJqVe,_b,_tp,byfTOb,gychg,hc6Ubd,lsjVmc,n73qwf,pBXhlf,vfuNJf,ws9Tlc,xUdipf/excm=_b,_tp,emptyview/esmo=1/ed=1/wt=2/rs=AC8lLkT0e1enSgbBQs-rNVobGVi9h2YUlg/ee=nAFL3:NTMZac;oGtAuc:sOXFj;iFQyKf:vfuNJf;cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.NP3FQrj1HiI.es5.O/am=D4A/d=1/excm=_b,_tp,emptyview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkSmAB-i4N7c_y7rD1aaUi4Kd0Og5g/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87d6c1ed8e13513839888dd2c15cac57a89494eb284681f248156f1944d5eaf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 15:42:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12103
x-xss-protection: 0
last-modified: Fri, 20 May 2022 03:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 15:42:46 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.NP3FQrj1HiI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.... Frame C023 5 KB
2 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.NP3FQrj1HiI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.f07nSMCSmwY.L.B1.O/am=D4A/d=1/exm=FCpbqb,IZT63,LEikZe,MpJwZc,NwH0H,PrPYRd,UUJqVe,WhJNk,Wt6vjf,_b,_tp,byfTOb,gychg,hc6Ubd,hhhU8,lsjVmc,n73qwf,pBXhlf,vfuNJf,ws9Tlc,xUdipf/excm=_b,_tp,emptyview/esmo=1/ed=1/wt=2/rs=AC8lLkT0e1enSgbBQs-rNVobGVi9h2YUlg/ee=nAFL3:NTMZac;oGtAuc:sOXFj;iFQyKf:vfuNJf;cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;SNUn3:ZwDk9d/m=lwddkf,EFQ78c

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.NP3FQrj1HiI.es5.O/am=D4A/d=1/excm=_b,_tp,emptyview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkSmAB-i4N7c_y7rD1aaUi4Kd0Og5g/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8af4863bdf6c656e5331b5827ec809e347271470cda37f721ea0fb31282e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 15:42:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2210
x-xss-protection: 0
last-modified: Fri, 20 May 2022 03:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 May 2023 15:42:46 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 165ms
75ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53PFC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14849
x-xss-protection: 0
server: cafe
etag: 10272469744856839321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 20 May 2022 16:23:24 GMT

GET
H3 200 api.js Show response
apis.google.com/js/ Frame C023 14 KB
5 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.NP3FQrj1HiI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.f07nSMCSmwY.L.B1.O/am=D4A/d=1/exm=_b,_tp/excm=_b,_tp,emptyview/esmo=1/ed=1/wt=2/rs=AC8lLkT0e1enSgbBQs-rNVobGVi9h2YUlg/ee=nAFL3:NTMZac;oGtAuc:sOXFj;iFQyKf:vfuNJf;cEt90b:ws9Tlc;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,LEikZe,NwH0H,MpJwZc,PrPYRd,gychg,hc6Ubd,pBXhlf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a901d90ba255bf03338f50786eb7f56033a915131982e08ab8473e4817105adb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5541
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Fri, 20 May 2022 16:23:23 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "d9fb14b7bd505434"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 May 2022 16:23:23 GMT

POST
H2 200 log Show response
play.google.com/ Frame C023 131 B
672 B 311ms
47ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsGcrProxyUi.de.NP3FQrj1HiI.es5.O/am=D4A/d=1/excm=_b,_tp,emptyview/ed=1/dg=0/wt=2/esmo=1/rs=AC8lLkSmAB-i4N7c_y7rD1aaUi4Kd0Og5g/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 20 May 2022 16:23:23 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://www.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 20 May 2022 16:23:23 GMT

GET
H2 200 bootstrap.js Show response
wsv3cdn.audioeye.com/ 34 KB
12 KB 93ms
31ms Script
application/javascript 2606:4700::6812:184c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/bootstrap.js?d=www.officesupply.com
Requested by: Host: ws.audioeye.com
URL: https://ws.audioeye.com/ae.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:184c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4a9ce58c115532e6e912d5ec3c51f215c64e870bb5742a9a7fef7cd01be3ed0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cache-tags: www.officesupply.com
date: Fri, 20 May 2022 16:23:24 GMT
content-encoding: gzip
surrogate-keys: www.officesupply.com
cf-cache-status: HIT
server: cloudflare
age: 20
etag: "e257beac6291955f7a3e84cbd4b2b634"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=120
cf-ray: 70e66aa75b149036-FRA

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ Frame C023 94 KB
31 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c1169af4b9684be9983d9d7241121c48f8b2674bcd814a763d63fe0fe58dac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 23:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31499
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 15:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 23:31:13 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame BAB2
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8946835252365372708

43 B
370 B

16ms
16ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8946835252365372708

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:23 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1591533
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 May 2022 16:23:24 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5070b5e5-c8f2-4d5f-9022-0a832a0a4070
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8946835252365372708
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 platform.js Show response
apis.google.com/js/ 52 KB
20 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da1240738eef80e8630a5749b9258e33d7669859ba8a5ed1da81978092ed03af

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20361
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Fri, 20 May 2022 16:23:23 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "2cdff035295781be"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 May 2022 16:23:23 GMT

GET
H2 200 loader.js Show response
wsv3cdn.audioeye.com/v2/scripts/ 54 KB
15 KB 54ms
24ms Script
text/javascript 2606:4700::6812:184c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/scripts/loader.js?h=49ca108a0bd55183bae2bd3c6e3b6178&lang=en-US&cb=0847a7d
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?d=www.officesupply.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:184c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29fc344de3545f8ae5b1f5d8642f5d1c5ff86fac087b49e584e8abfb3e8be598

Request headers

Referer: https://www.officesupply.com/
Origin: https://www.officesupply.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:24 GMT
content-encoding: gzip
surrogate-key: prod 49ca108a0bd55183bae2bd3c6e3b6178 0847a7d
last-modified: Wed, 11 May 2022 21:23:21 GMT
server: cloudflare
age: 270
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=7200, max-stale=86400, stale-while-revalidate=86400, public
accept-ranges: bytes
cf-ray: 70e66aa7cf649b7c-FRA
cf-cache-status: HIT
content-length: 14943

GET
H2 200 jquery.bundle.0847a7d.js Show response
wsv3cdn.audioeye.com/v2/build/ 95 KB
33 KB 35ms
34ms Script
application/javascript 2606:4700::6812:184c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/jquery.bundle.0847a7d.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?d=www.officesupply.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:184c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1086edb1971e90e70951e9216a94547b729c16914570a8d7d578de7704d7992d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 19:17:01 GMT
server: cloudflare
age: 3117
etag: "17bf6-5ded567049761-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 70e66aa79b8a9036-FRA
content-length: 33587

GET
H2 200 startup.bundle.0847a7d.js Show response
wsv3cdn.audioeye.com/v2/build/ 332 KB
86 KB 21ms
20ms Script
application/javascript 2606:4700::6812:184c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.0847a7d.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/bootstrap.js?d=www.officesupply.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:184c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c3e59fdfc2096153a558d9f496d7e0268a4fe1d96c4fbc39491a7df1a454dad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 19:17:01 GMT
server: cloudflare
age: 3461
etag: "52ea5-5ded5670487c1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 70e66aa79b8b9036-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1057436707/ 2 KB
2 KB 148ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1057436707/?random=1653063804149&cv=9&fst=1653063804149&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&ig=1&data=ecomm_pagetype%3Dother&frm=0&url=https%3A%2F%2Fwww.officesupply.com%2Fsignin&tiba=Sign%20In%20%7C%20OfficeSupply.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d153c45712a6f048a327b12fc1f0b8bf10b9f135beec5bc8e0b6f41dc3ff50c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1043
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1753757218229066&ev=Microdata&dl=https%3A%2F%2Fwww.officesupply.com%2Fsignin&rl=&if=false&ts=1653063804229&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sign%20In%20%7C%20OfficeSupply.com%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.60&r=stable&ec=1&o=30&fbp=fb.1.1653063802724.516660259&it=1653063802662&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 20 May 2022 16:23:24 GMT

GET
H2 200 smartrems.bundle.0847a7d.js Show response
wsv3cdn.audioeye.com/v2/build/ 128 KB
38 KB 26ms
26ms Script
application/javascript 2606:4700::6812:184c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/smartrems.bundle.0847a7d.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.0847a7d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:184c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab581bde2408a53d78f650eddc2ba7e885916a36ac89275efaac1b307b297e87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 19:17:01 GMT
server: cloudflare
age: 2901
etag: "1ff15-5ded56704c640-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 70e66aa8ad429036-FRA
content-length: 39294

GET
H3 200 /
www.google.com/pagead/1p-user-list/1057436707/ 42 B
70 B 50ms
50ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1057436707/?random=1653063804149&cv=9&fst=1653062400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&data=ecomm_pagetype%3Dother&frm=0&url=https%3A%2F%2Fwww.officesupply.com%2Fsignin&tiba=Sign%20In%20%7C%20OfficeSupply.com&async=1&fmt=3&is_vtc=1&random=876821770&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1057436707/ 42 B
64 B 135ms
51ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1057436707/?random=1653063804149&cv=9&fst=1653062400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg5b0&sendb=1&data=ecomm_pagetype%3Dother&frm=0&url=https%3A%2F%2Fwww.officesupply.com%2Fsignin&tiba=Sign%20In%20%7C%20OfficeSupply.com&async=1&fmt=3&is_vtc=1&random=876821770&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookieStorage.html Show response
wsv3cdn.audioeye.com/v2/frame/ Frame 7DF8 1 KB
756 B 21ms
21ms Document
text/html 2606:4700::6812:184c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/frame/cookieStorage.html?build=prod/m&pscb=
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.0847a7d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:184c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fc432edf7cd8a6df1278ad9efa2b4be36077b90a0bfaea968ab7f105ed0e22

Request headers

Referer: https://www.officesupply.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2178788
cache-control: public, max-age=365000000, immutable
cf-cache-status: HIT
cf-ray: 70e66aa94e2d9036-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 20 May 2022 16:23:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Thu, 14 Apr 2022 23:59:27 GMT
server: cloudflare
vary: Accept-Encoding

POST
H2 200 send
analytics.audioeye.com/air/v0/ 44 B
403 B 541ms
453ms Ping
application/json 108.157.4.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.audioeye.com/air/v0/send
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.0847a7d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-42.dus51.r.cloudfront.net
Software: /
Resource Hash: 264a9a3fa2fe11c43ece039b85e14387bd5a7a2b2275cc927ad4a4691d9c1986

Request headers

Referer: https://www.officesupply.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 20 May 2022 16:23:24 GMT
via: 1.1 0247123ccdc6a2a86167d7f4de30885a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amzn-requestid: 034c5b5d-dd78-46aa-83de-30f0a490385b
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6287c07c-355a5df02984332500e35beb
x-amz-apigw-id: SbsDiEsNPHcFx_w=
content-length: 44
x-amz-cf-id: mO09PsFkAM4oPLsBQcwQJe0vcf3nurZFX7G7GVK-RCaXsNz47yZCGg==

GET
H2 200 aggregate.css
wsv3cdn.audioeye.com/v2/css/ 120 KB
24 KB 26ms
26ms Stylesheet
text/css 2606:4700::6812:184c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/css/aggregate.css?files=default|core|ae-firsttime|activity-panel|toolbar|site-menu|rotor|user-settings|help|helpdesk|certification|player|voice&cb=0847a7d
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/jquery.bundle.0847a7d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:184c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3624936b7db438a698fef5abb1e9ebc1666e74e383346561fe41674e6a4c5f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 20 May 2022 14:58:20 GMT
server: cloudflare
age: 19
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
accept-ranges: bytes
cf-ray: 70e66aa95e3d9036-FRA
content-length: 24786

POST
H2 204 collect Show response
www.clarity.ms/eus-f/ 0
135 B 127ms
127ms XHR
text/plain 2620:1ec:27::cafe:1774
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-f/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-f/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1774 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.officesupply.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://www.officesupply.com
date: Fri, 20 May 2022 16:23:23 GMT
access-control-allow-credentials: true
x-powered-by: ASP.NET
x-azure-ref: 0fMCHYgAAAABLh14cG0EhRIZvzTjOMt0wTElTMDFFREdFMDUxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 launcher.bundle.0847a7d.js Show response
wsv3cdn.audioeye.com/v2/build/ 58 KB
17 KB 20ms
20ms Script
application/javascript 2606:4700::6812:184c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/launcher.bundle.0847a7d.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.0847a7d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:184c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4e72f09172b50799d2ecd976af929f80e2ba6dd20a954ca63c34129197ef55f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 19:16:04 GMT
server: cloudflare
age: 4764
etag: "e9d5-5ded5639ea940-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 70e66abc0c729036-FRA
content-length: 17098

GET
H2 200 compliance.bundle.0847a7d.js Show response
wsv3cdn.audioeye.com/v2/build/ 64 KB
18 KB 22ms
22ms Script
application/javascript 2606:4700::6812:184c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wsv3cdn.audioeye.com/v2/build/compliance.bundle.0847a7d.js
Requested by: Host: wsv3cdn.audioeye.com
URL: https://wsv3cdn.audioeye.com/v2/build/startup.bundle.0847a7d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:184c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4717bd1c8109a606e92ad72ffeadf3d3880229359adb403ff0d0e58a928b969

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 16:23:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 May 2022 19:17:01 GMT
server: cloudflare
age: 4832
etag: "101eb-5ded56704e580-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 70e66abc0c749036-FRA
content-length: 17931

GET
H3 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v22/ 14 KB
14 KB 118ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wsv3cdn.audioeye.com/
Origin: https://www.officesupply.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 19:31:47 GMT
x-content-type-options: nosniff
age: 161500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13976
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 18 May 2023 19:31:47 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 46ms
46ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-SES3NZRWEL&gtm=2oe5b0&_p=4678157&_z=ccd.tbB&cid=1752644291.1653063802&ul=en-us&sr=1600x1200&_s=2&sid=1653063802&sct=1&seg=0&dl=https%3A%2F%2Fwww.officesupply.com%2Fsignin&dt=Sign%20In%20%7C%20OfficeSupply.com&en=scroll&_et=5&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SES3NZRWEL&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.officesupply.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 May 2022 16:23:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.officesupply.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

81 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.at1.listrakbi.com/activity/a8LiLKPVympc	1970-01-20 03:11:07	Name: _vuid Value: 97615964-8b52-44f9-b9ab-74713cbb959f
.listrakbi.com/a8LiLKPVympc	1970-01-23 18:51:23	Name: gsid Value: GzfED4qiTtasYT2KFRTKZ1KXQu%2fys%2bmwj5weo%2bD4cy9pGRjK6zBepuJZtI5j5%2fYRMyZhNs0NIck%3d
.listrakbi.com/a8LiLKPVympc	1970-01-20 11:56:39	Name: scasid Value: 53c90976-21a7-4313-a814-9cc1df958753
www.google.com/recaptcha	1970-01-20 07:30:15	Name: _GRECAPTCHA Value: 09ACqW7wLTm5OCaQx1RUw2ZTjzq0VDSi0gjDyTB_iGuAUdDWMIOfMf8EWwvJThuXzcxbq5MiAr-Jwu9HQ0b5BSNcQ
i.liadm.com/s	1970-01-20 03:54:15	Name: _li_ss Value: MgkI_____wcQqhI
.www.officesupply.com/	1970-01-20 03:11:47	Name: OfficeSupply Value: 7gf81vlb3c3g29jbdns3576qk4
.www.officesupply.com/	1970-01-20 11:56:39	Name: os_trk Value: lIyQqZJzzlHiBpMEQPxOB7A5
.officesupply.com/	1970-01-20 03:12:30	Name: _gid Value: GA1.2.1851274665.1653063802
.criteo.com/	1970-01-20 12:32:39	Name: uid Value: f5be27d3-9c26-4f8a-ba1b-b3a65be6f1d8
.officesupply.com/	1970-01-20 05:20:39	Name: _gcl_au Value: 1.1.312024068.1653063803
.officesupply.com/	1970-01-20 03:11:03	Name: _dc_gtm_UA-61344900-1 Value: 1
.officesupply.com/	1970-01-20 12:40:27	Name: cto_bundle Value: NOqm-19rY1lHZVVQaCUyRnZrcms4RndXSnNUMU8lMkJSZkVXS05hcld5NXBwalZGVDVqUGgxUzlab2wwallyQldobWdSOFpWa1lndFFRSnZobmNSR3lXUEc4aCUyQkNUMFdtU3piMElRZWdrcWc3SEJhNzYwSUFZQjRHSHRZMEFvNUolMkZDdUl4Rlc2Sk42VUdzUFd3WGpWU1ROT25QU1FFTVlxZ1pWbG5kckMzZnhVYjF3VHUyWSUzRA
.officesupply.com/	1969-12-31 23:59:59	Name: ltkpopup-session-depth Value: 1-2
.bing.com/	1970-01-20 12:32:39	Name: MUID Value: 0302CD7601B065E71ABADCDC00DB64D9
.officesupply.com/	1970-01-20 03:12:30	Name: _uetsid Value: 2b0340d0d85911ecb82e531b96f2ef9b
.officesupply.com/	1970-01-20 12:32:39	Name: _uetvid Value: 2b037940d85911ecb38b678920197cff
.officesupply.com/	1970-01-20 05:20:39	Name: _fbp Value: fb.1.1653063802724.516660259
.officesupply.com/	1970-01-20 20:42:15	Name: _ga_SES3NZRWEL Value: GS1.1.1653063802.1.0.1653063802.0
.officesupply.com/	1970-01-20 20:42:15	Name: _ga Value: GA1.1.1752644291.1653063802
s1.listrakbi.com/	1970-01-20 03:21:08	Name: AWSALBCORS Value: YaCV0bh7Jwu1j1WULnwVuIwHXAu8ZApVqAD+R6HD53gOkWjbt9fy3WjMHpi2lYBVDMQWlFlyTZPJRzscwI8sb4FugUkc0+pOIvzPz2AkLjW3wCA6s5B85Qqq/Psd
.listrakbi.com/	1970-01-20 05:20:39	Name: usid Value: b0dd307cb59749beb07fdcc00984b554
.officesupply.com/	1970-01-23 18:51:23	Name: GSIDa8LiLKPVympc Value: 28b783c8-0599-4802-86ec-196cf7f10148
.officesupply.com/	1970-01-20 11:56:39	Name: STSID574255 Value: 53c90976-21a7-4313-a814-9cc1df958753
.officesupply.com/	1969-12-31 23:59:59	Name: ltkSubscriber-Checkout Value: eyJsdGtUcmlnZ2VyIjoiY2hlY2tvdXQiLCJsdGtTYXZlZCI6dHJ1ZX0%3D
www.clarity.ms/	1970-01-20 11:56:39	Name: CLID Value: 4b38bdd8a19e480282af16a9511880a5.20220520.20230520
www.officesupply.com/	1970-01-20 03:11:07	Name: _vuid Value: 97615964-8b52-44f9-b9ab-74713cbb959f
at1.listrakbi.com/	1970-01-20 03:21:08	Name: AWSALBCORS Value: kXHibN2nE371Hq5ULd2s758VnDjgqpQl7BjUf9hty1mkx+0OU581G7OXUhJfY2SYnguB9ARSAWEnwYcsNz/cUvNuDyA7HVrsFzh2YCASSw4ZJhFMMwuhmPwT1oU/
.officesupply.com/	1970-01-20 11:56:39	Name: _clck Value: gebqxa\|1\|f1m\|0
.analytics.yahoo.com/	1970-01-20 11:56:39	Name: IDSYNC Value: 18zh~24zs
.officesupply.com/	1970-01-20 03:12:30	Name: _clsk Value: 1uoxr2x\|1653063803633\|1\|1\|www.clarity.ms/eus-f/collect
.rlcdn.com/	1970-01-20 11:56:39	Name: rlas3 Value: THRpOAZlVldrAg+Fll1oC7s20Ozv4sK6RQ1yaLYzsZY=
.rlcdn.com/	1970-01-20 04:37:27	Name: pxrc Value: CAA=
.c.bing.com/	1970-01-20 12:32:39	Name: SRM_B Value: 0302CD7601B065E71ABADCDC00DB64D9
.yahoo.com/	1970-01-20 11:57:01	Name: A3 Value: d=AQABBHvAh2ICEOsIpDN0eGpJD5jT4-rPsFQFEgEBAQERiWKRYgAAAAAA_eMAAA&S=AQAAAldNsWjE43R9UVfi9o1KGcI
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:32:39	Name: MUID Value: 0302CD7601B065E71ABADCDC00DB64D9
.c.clarity.ms/	1970-01-20 03:11:04	Name: ANONCHK Value: 0
.doubleclick.net/	1970-01-20 12:32:39	Name: IDE Value: AHWqTUkuMkmJntlgYlRiy2cXuGGbKTyoHcLU7l9lNv6FLIvgIsW0a3CFdP_TJXayOz8
.3lift.com/	1970-01-20 05:20:39	Name: tluid Value: 1895215795283735879603
.bidswitch.net/	1970-01-20 11:56:39	Name: tuuid Value: ae6fb99e-f8a3-46d0-9073-c3e1f1a6078b
.bidswitch.net/	1970-01-20 11:56:39	Name: c Value: 1653063803
.bidswitch.net/	1970-01-20 11:56:39	Name: tuuid_lu Value: 1653063803
.casalemedia.com/	1970-01-20 11:56:39	Name: CMID Value: YofAexdGnFe10nSUmss0DQAA
.casalemedia.com/	1970-01-20 05:20:39	Name: CMPS Value: 3269
.pubmatic.com/	1970-01-20 03:54:15	Name: KRTBCOOKIE_97 Value: 3385-uid:k-Ep0g9LBTNHxoZqOY-6YS9CULv0NWRRd4uqNfjQ&KRTB&23144-uid:k-Ep0g9LBTNHxoZqOY-6YS9CULv0NWRRd4uqNfjQ&KRTB&23286-uid:k-Ep0g9LBTNHxoZqOY-6YS9CULv0NWRRd4uqNfjQ&KRTB&23287-uid:k-Ep0g9LBTNHxoZqOY-6YS9CULv0NWRRd4uqNfjQ
.pubmatic.com/	1970-01-20 03:54:15	Name: PugT Value: 1653063803
.adnxs.com/	1970-01-20 05:20:39	Name: uuid2 Value: 8946835252365372708
.media.net/	1970-01-20 11:56:39	Name: visitor-id Value: 2960654038397260000V10
.media.net/	1970-01-20 03:54:15	Name: data-c-ts Value: 1653063803
.media.net/	1970-01-20 03:54:15	Name: data-c Value: k-rWNX17BTNHxoZqOY-6YS9CULv0NQjYS5eDYI4A~~3
.casalemedia.com/	1970-01-20 05:20:39	Name: CMPRO Value: 1218
.casalemedia.com/	1970-01-20 11:56:39	Name: CMRUM3 Value: 146287c07b2760k-g4oJ_rBTNHxoZqOY-6YS9CULv0OVvGJ7Akc99A
.casalemedia.com/	1970-01-20 03:12:30	Name: CMST Value: YofAe2KHwHsA
.revcontent.com/	1970-02-07 09:11:03	Name: __ID Value: d2ee6b43059d449fac60d2a87570277f
.revcontent.com/	1970-01-20 03:54:15	Name: v1_151 Value: 1
.sharethrough.com/	1970-01-20 03:54:15	Name: stx_user_id Value: 39c2c6b1-512d-4105-a587-f8986994d377
exchange.mediavine.com/	1970-01-20 03:31:13	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%222bca9b30-d859-11ec-8961-2924c0473ebe%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 03:31:13	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%222bca9b30-d859-11ec-8961-2924c0473ebe%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 03:31:13	Name: criteo Value: %7B%22id%22%3A%22k-uL7fP7BTNHxoZqOY-6YS9CULv0PK1o3PB_L5aQ%22%2C%22version%22%3A%22criteo%22%7D
.adnxs.com/	1970-01-20 05:20:39	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2ImTIWm-I!A#F(.TSyx/AFZ3=0`_Q.xA2AjEo$ZhdH`O[rIy1k1<b3iU/lXgjTpWflbaagPg2tY3U[$dzx#(j#iP(Md+>)fyb7?sW0
.360yield.com/	1970-01-20 05:20:39	Name: tuuid Value: 2bdfa53f-6504-47e7-b18f-6a0a6ffdd64c
.360yield.com/	1970-01-20 05:20:39	Name: tuuid_lu Value: 1653063804
.addthis.com/	1970-01-20 12:32:39	Name: ouid Value: 6287c07b00018bf32eac0781efc8aafe61dab1724e3a545e8d79
.addthis.com/	1970-01-20 12:32:39	Name: uid Value: 6287c07bc7b8d671
.addthis.com/	1970-01-20 12:32:39	Name: na_id Value: 2022052016232397600013025167
.outbrain.com/	1970-01-20 05:20:39	Name: obuid Value: 58a2f65d-1f91-40c7-8c83-0fa0b4cdc111
.outbrain.com/	1970-01-20 03:39:51	Name: criteo Value: k-lfJh1bBTNHxoZqOY-6YS9CULv0OKXxflS2kWOQ
.360yield.com/	1970-01-20 05:20:39	Name: um Value: !38,5AdSLEYy24-McVtx47rmlCMFXFPSJfb5AjBnV3H7W2..A61oNYKHU1kTotyzroNRD3mb7jAz,1660839804
.360yield.com/	1970-01-20 05:20:39	Name: umeh Value: !38,0,1715271804,-1
ads.stickyadstv.com/	1970-01-20 03:54:15	Name: UID Value: af754fd36366bf58604733e62a8ba078
ads.stickyadstv.com/	1970-01-20 03:54:15	Name: uid-bp-11554 Value: k-IPzAfLBTNHxoZqOY-6YS9CULv0MFhBGKlV0Kmw
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: fdef83624b162cb8f12295632c2e355
.postrelease.com/	1970-01-20 11:56:39	Name: opt_out Value: 1
.liadm.com/	1970-01-20 20:42:15	Name: lidid Value: a7f7c18a-20b8-42ca-b046-62bd84db1793
www.officesupply.com/	1970-01-20 11:56:39	Name: _aeaid Value: 3948e40d-5fd4-475c-a51b-ea28e4652d3f
www.officesupply.com/	1970-01-21 03:11:03	Name: aelastsite Value: t8Hyu%2FYa%2FhCzrZ665xFj75km3gUUQFwA2BfMCYYXsYsIG99zUK7FM5UEMtluah8x
www.officesupply.com/	1969-12-31 23:59:59	Name: aelreadersettings Value: %7B%22c_big%22%3A0%2C%22rg%22%3A0%2C%22memph%22%3A0%2C%22contrast_setting%22%3A0%2C%22colorshift_setting%22%3A0%2C%22text_size_setting%22%3A0%2C%22space_setting%22%3A0%2C%22font_setting%22%3A0%2C%22k%22%3A0%2C%22k_disable_default%22%3A0%2C%22hlt%22%3A0%2C%22disable_animations%22%3A0%2C%22display_alt_desc%22%3A0%7D
wsv3cdn.audioeye.com/	1970-01-21 03:11:03	Name: aelastsite Value: t8Hyu%2FYa%2FhCzrZ665xFj75km3gUUQFwA2BfMCYYXsYsIG99zUK7FM5UEMtluah8x
wsv3cdn.audioeye.com/	1969-12-31 23:59:59	Name: aelreadersettings Value: %7B%22c_big%22%3A0%2C%22rg%22%3A0%2C%22memph%22%3A0%2C%22contrast_setting%22%3A0%2C%22colorshift_setting%22%3A0%2C%22text_size_setting%22%3A0%2C%22space_setting%22%3A0%2C%22font_setting%22%3A0%2C%22k%22%3A0%2C%22k_disable_default%22%3A0%2C%22hlt%22%3A0%2C%22disable_animations%22%3A0%2C%22display_alt_desc%22%3A0%7D
www.officesupply.com/	1969-12-31 23:59:59	Name: aeatstartmessage Value: true
wsv3cdn.audioeye.com/	1969-12-31 23:59:59	Name: aeatstartmessage Value: true

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://static.criteo.net/js/ld/ld.js?a=15983 Message: Unrecognized feature: 'attribution-reporting'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://www.google.com/_/VerifiedReviewsGcrProxyUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
analytics.audioeye.com
apis.google.com
at1.listrakbi.com
bat.bing.com
c.aaxads.com
c.bing.com
c.clarity.ms
cdn.listrakbi.com
cdn.stickyadstv.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cw.addthis.com
de2wfhoo6xqi5.cloudfront.net
dis.criteo.com
eb2.3lift.com
exchange.mediavine.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
jadserve.postrelease.com
mail.officesupply.com
match.sharethrough.com
mug.criteo.com
partner.mediawallahscript.com
pixel.rubiconproject.com
play.google.com
r.casalemedia.com
rtb-csync.smartadserver.com
s1.listrakbi.com
secure.adnxs.com
services.listrak.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
trends.revcontent.com
ups.analytics.yahoo.com
widget.us.criteo.com
ws.audioeye.com
wsv3cdn.audioeye.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googlecommerce.com
www.googletagmanager.com
www.gstatic.com
www.officesupply.com
x.bidswitch.net
100.26.82.144
104.18.12.251
104.18.29.128
104.18.7.244
104.75.88.126
104.79.89.79
104.89.28.165
108.157.4.42
13.248.245.213
141.226.228.48
172.217.16.130
178.250.0.163
178.250.2.146
178.250.2.151
18.156.0.31
18.185.246.45
18.193.24.254
18.235.197.108
18.66.130.11
185.33.220.244
185.64.190.80
185.86.139.114
2001:4de0:ac19::1:b:1b
212.82.100.181
216.58.212.130
23.205.241.117
23.35.228.23
23.35.236.247
2600:1f18:444a:4680:8e84:2ba7:9e48:8cf5
2600:1f18:612b:4216:1045:b1b6:a84f:9c3b
2600:9000:2315:b800:e:32fa:9b40:21
2606:4700::6812:184c
2606:4700::6812:194c
2620:1ec:27::cafe:1774
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2004
2a00:1450:4001:812::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:830::200e
2a00:1450:400c:c0c::9d
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.124.27.94
3.248.113.119
34.200.203.167
34.255.141.199
35.244.174.68
37.252.172.38
52.142.114.2
54.171.56.144
64.202.112.255
69.173.144.139
74.119.119.150
0722e77458fcedadb2b7596ee392d9cedf6e69d241d325798759adc50c5599c6
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
0c1169af4b9684be9983d9d7241121c48f8b2674bcd814a763d63fe0fe58dac3
0d153c45712a6f048a327b12fc1f0b8bf10b9f135beec5bc8e0b6f41dc3ff50c
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f19ee76c15ced040032b03ca5f2877f21f90d260cb334256d2587d4d1061990
1086edb1971e90e70951e9216a94547b729c16914570a8d7d578de7704d7992d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
183115f8b50520c0df0aca0f7000f395d60f259557423595021b713a07edb4f9
1a85a400138f1600a3e7c787a33042b7614717217f94b8bfc7ed9ae345bc9d25
1af4271fe01142700f715887cc1ce9d122ef79559a745edaada1b6b11a0af673
264a9a3fa2fe11c43ece039b85e14387bd5a7a2b2275cc927ad4a4691d9c1986
26d946546e172051ad41be8b1dac34a86f26927398cdefc7ca3328eff02bdfc2
2888d8feeed5cfa17753c01f613f57d100ac89c3897dec8b52a23c902e5f3bc9
28f7867ed82ffde54a0078cff53dd4aec1d6989a30b2899b9116e6f0c05984f0
29fc344de3545f8ae5b1f5d8642f5d1c5ff86fac087b49e584e8abfb3e8be598
2ce9c9c853000c3c9e80fa4cf16d65ff6ff9a1fdb3dba82c79f9c41811cdf4b8
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
38cbd27bc3679996b27c018cbf69b04262b1171a40721b592b0bf031fd5bc0d8
3c37cad2a67d4feb6c0adf0a055d0c4730d5f5135f7d56e2df3616baa0d198d9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40def5c03d2e65a91346f45721cb2817c0aa3d59e19609fc19b4559c8cedc8aa
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
49c21e6847103314bd37d4f05aa442bb41514c759a0cf6fb80d216c4cc6002b0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5125b7c106e5757fc6a1cdc94b1a5f8280e1192bbe66bf563d605b278804ee94
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c3e59fdfc2096153a558d9f496d7e0268a4fe1d96c4fbc39491a7df1a454dad
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
667fce7aa7cd4f9311b75e0e9c31d515e516f8ab025b6811b3ffdedbd9040881
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae1eb794794fea69fd083cd91547040ec2e1b2a395bec224d42c94ee251b96d
6f8af4863bdf6c656e5331b5827ec809e347271470cda37f721ea0fb31282e94
7f333e9e85165b4da2f90e56b94daca7e9adc407b9990be01c263c95283f8d11
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
87d6c1ed8e13513839888dd2c15cac57a89494eb284681f248156f1944d5eaf1
88b6217765b79f9dca0b1567ae3f8953394f12d6a9972bd28cc06042f3eca05e
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c5f1e0aa84a834161c427f9f03234f8126b845a6ee939bf9ff9c65429e29f81
8e612b9a5fd017401b64dec55f175c781047c1f72d660fa64daa9102f29c62bf
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e56bd6105d6e24d804d3db97049f580c26390f475a87f7535e066bdc815b2f2
a032484668d7579488d1120c0ae6421c4448e26f37c29d324d5309bd5fa82eac
a05b229b0a88ef36999aa13dd65a51544aaf9ec884ca19ad149232f832c41654
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3624936b7db438a698fef5abb1e9ebc1666e74e383346561fe41674e6a4c5f2
a488c39840c458b859be71815e9e9834c48d2e48b7b39970fbf9491a7cbd46c4
a4a9ce58c115532e6e912d5ec3c51f215c64e870bb5742a9a7fef7cd01be3ed0
a5c197e51fc1575345fc47e63b5c5e959d4edb66937a9ea5c6e352444e7669eb
a901d90ba255bf03338f50786eb7f56033a915131982e08ab8473e4817105adb
aa723a0a7dd37a18d00e674a466352bdc3bb5ce2839e3daf9224bdc448bcee08
ab581bde2408a53d78f650eddc2ba7e885916a36ac89275efaac1b307b297e87
acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1
ad77d28336f042beb272bd43a30bac849ae510d62d52614d032b54e86f342884
ae9ce6a9919db143c6175f962b2be4c02a013239f2fb4136439f846ff56d9fda
b034479c2970209cbcf8342fb1c9e6d481ee1462fcda0e863f0bf93960c1851a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e
c60542088d31d94b9c3dea25638a77b86b391135d7914e78ef3bab46b81748f4
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbd39ef3bf200d7da52ac3511e4545628b4aeddf88014a9d6cde44c519fb60ef
d0a3e0842d8894b42eede6322ff7f829b145299782262bf38755b5b96e69346d
d3e1c421b8aeb4b4855a688bbc951619a4826004776a059c649686be9203ac5a
d4717bd1c8109a606e92ad72ffeadf3d3880229359adb403ff0d0e58a928b969
d4e72f09172b50799d2ecd976af929f80e2ba6dd20a954ca63c34129197ef55f
da1240738eef80e8630a5749b9258e33d7669859ba8a5ed1da81978092ed03af
df0f1d27bfe38c27102b9a66e0af615057d36276a24ccc13a570b0df171fc6c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d7c802e27065ccb923c752b1465e15fd30ae95e021948f0ccbd151b9c1d7fc
e72ad80f3abf501a83d37acfc177f7334c7fc6d410cbfbbb951aad0bc2d8b3f8
e8fc432edf7cd8a6df1278ad9efa2b4be36077b90a0bfaea968ab7f105ed0e22
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea
f2dd4ba5708fabf238c3a4201e7261d523281c8e3cc3842af39727b689ab3799
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fe6a00b14a3258079e26fbedba64de123587ef102b09121d5c65c90441c1f625

www.officesupply.com Open in urlscan Pro 100.26.82.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

88 %HTTPS

39 %IPv6

43 Domains

64 Subdomains

56 IPs

8 Countries

1743 kBTransfer

4863 kBSize

81 Cookies

0 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.officesupply.com Open in urlscan Pro
100.26.82.144 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

88 %
HTTPS

39 %
IPv6

43
Domains

64
Subdomains

56
IPs

8
Countries

1743 kB
Transfer

4863 kB
Size

81
Cookies

123 HTTP transactions
0 data transactions