clientarea.genesisray.com
2606:4700:3031::6812:2488  Public Scan

URL: https://clientarea.genesisray.com/
Submission: On May 14 via automatic, source certstream-suspicious

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3031::6812:2488, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is clientarea.genesisray.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on May 14th 2020. Valid for: 5 months.
This is the only time clientarea.genesisray.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests Domain Requested by
24 clientarea.genesisray.com clientarea.genesisray.com
3 fonts.gstatic.com clientarea.genesisray.com
3 genesis-ray-energy-dev.onelogin.com 2 redirects clientarea.genesisray.com
2 www.google-analytics.com clientarea.genesisray.com
1 www.genesisray.com clientarea.genesisray.com
1 fonts.googleapis.com clientarea.genesisray.com
1 stats.g.doubleclick.net clientarea.genesisray.com
33 7

This site contains links to these domains.

Domain
genesis-ray-energy-dev.onelogin.com
www.genesisray.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-05-14 - 2020-10-09 | 5 months
*.google-analytics.com | GTS CA 1O1 | 2020-04-15 - 2020-07-08 | 3 months
*.onelogin.com | COMODO RSA Domain Validation Secure Server CA | 2017-06-06 - 2020-06-05 | 3 years
*.gstatic.com | GTS CA 1O1 | 2020-04-15 - 2020-07-08 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-04-15 - 2020-07-08 | 3 months
upload.video.google.com | GTS CA 1O1 | 2020-04-15 - 2020-07-08 | 3 months

This page contains 2 frames:

Primary Page: https://clientarea.genesisray.com/
Frame ID: A71572C7AAF99F23ACEB134B9D92103D
Requests: 32 HTTP requests in this frame

Frame: https://genesis-ray-energy-dev.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dlbmVzaXMtcmF5LWVuZXJneS1kZXYub25lbG9naW4uY29tL2xhdW5jaC8xMDQxNzU1P3VzZXJMb2dPdXRVcmw9dHJ1ZSIsImF1ZCI6IkFDQ0VTUyIsImV4cCI6MTU4OTQ5NDM2NiwicGFyYW1zIjp7fSwibWV0aG9kIjoiZ2V0IiwiaXNzIjoiTU9OT1JBSUwifQ.XH7HH4jghIHh0vINdF073zdxDQs-KssMm36tI_VsSSE
Frame ID: 0CECD108635EE442B4FC9DB631665122
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /WooCommerce ([\d.]+)/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • meta generator /WooCommerce ([\d.]+)/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

33 Requests
100 % HTTPS
86 % IPv6
6 Domains
7 Subdomains
7 IPs
3 Countries
495 kB Transfer
1757 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://genesis-ray-energy-dev.onelogin.com/launch/1041755?userLogOutUrl=true HTTP 302
  • https://genesis-ray-energy-dev.onelogin.com/login HTTP 302
  • https://genesis-ray-energy-dev.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dlbmVzaXMtcmF5LWVuZXJneS1kZXYub25lbG9naW4uY29tL2xhdW5jaC8xMDQxNzU1P3VzZXJMb2dPdXRVcmw9dHJ1ZSIsImF1ZCI6IkFDQ0VTUyIsImV4cCI6MTU4OTQ5NDM2NiwicGFyYW1zIjp7fSwibWV0aG9kIjoiZ2V0IiwiaXNzIjoiTU9OT1JBSUwifQ.XH7HH4jghIHh0vINdF073zdxDQs-KssMm36tI_VsSSE

33 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
clientarea.genesisray.com/
25 KB
8 KB
Document
General
Full URL
https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a25a19784320e58bd9205f55ad1ebf305a63796da4eba7cdcba10468671dfbba

Request headers

:method
GET
:authority
clientarea.genesisray.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 14 May 2020 22:09:43 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d71775d5e5106ddb2eee6404717a6da6e1589494178; expires=Sat, 13-Jun-20 22:09:38 GMT; path=/; domain=.genesisray.com; HttpOnly; SameSite=Lax wpSGCacheBypass=0; expires=Thu, 14-May-2020 21:09:43 GMT; Max-Age=0; path=/
cache-control
max-age=15552000
cf-railgun
direct (starting new WAN connection)
expires
Tue, 10 Nov 2020 22:09:39 GMT
host-header
6b7412fb82ca5edfd0917e3957f05d89
link
<https://clientarea.genesisray.com/wp-json/>; rel="https://api.w.org/", <https://clientarea.genesisray.com/>; rel=shortlink
p3p
CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
vary
Accept-Encoding Accept-Encoding
x-cache-enabled
True
x-httpd
1
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:0
x-tec-api-origin
https://clientarea.genesisray.com
x-tec-api-root
https://clientarea.genesisray.com/wp-json/tribe/events/v1/
x-tec-api-version
v1
x-ua-compatible
IE=edge
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5937f1d86d1c05d0-FRA
content-encoding
br
cf-request-id
02b6d57b3f000005d0331b8200000001
siteground-optimizer-combined-css-0179e98e6296faf44cb4ed3c886eaec5.min.css
clientarea.genesisray.com/wp-content/uploads/siteground-optimizer-assets/
1 MB
120 KB
Stylesheet
General
Full URL
https://clientarea.genesisray.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-0179e98e6296faf44cb4ed3c886eaec5.min.css?ver=5.5.1
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5e0e8d47aa59af26a3298341634ebf261686e91b7a0e2bab650ec7f05b6f338

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:44 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d58fd2000005d033008200000001
last-modified
Thu, 14 May 2020 12:24:14 GMT
server
cloudflare
etag
W/"5ebd386e-1011c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
cf-ray
5937f1f95ffc05d0-FRA
expires
Fri, 14 May 2021 22:09:44 GMT
jquery.js
clientarea.genesisray.com/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://clientarea.genesisray.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:44 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d58fd2000005d033009200000001
last-modified
Sat, 18 Apr 2020 18:14:28 GMT
server
cloudflare
etag
W/"5e9b4384-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f1f95fff05d0-FRA
expires
Fri, 14 May 2021 22:09:44 GMT
jquery-migrate.min.js
clientarea.genesisray.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://clientarea.genesisray.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:44 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d58fd2000005d03300a200000001
last-modified
Sat, 18 Apr 2020 18:14:28 GMT
server
cloudflare
etag
W/"5e9b4384-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f1f9580105d0-FRA
expires
Fri, 14 May 2021 22:09:44 GMT
frontend.min.js
clientarea.genesisray.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/
9 KB
3 KB
Script
General
Full URL
https://clientarea.genesisray.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.4
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:45 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d593de000005d03305e200000001
last-modified
Fri, 24 Apr 2020 00:02:42 GMT
server
cloudflare
etag
W/"5ea22ca2-2452"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f1ffca7105d0-FRA
expires
Fri, 14 May 2021 22:09:45 GMT
jquery.blockUI.min.js
clientarea.genesisray.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/
9 KB
3 KB
Script
General
Full URL
https://clientarea.genesisray.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:45 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d59435000005d033073200000001
last-modified
Fri, 24 Apr 2020 00:02:26 GMT
server
cloudflare
etag
W/"5ea22c92-255e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f2005c0005d0-FRA
expires
Fri, 14 May 2021 22:09:45 GMT
add-to-cart.min.js
clientarea.genesisray.com/wp-content/plugins/woocommerce/assets/js/frontend/
3 KB
1013 B
Script
General
Full URL
https://clientarea.genesisray.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.0.1
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93876e0d8f7d122135eb104033837c88045aad594e355d0e866bddc3c9aeae84

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:45 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d5945c000005d033079200000001
last-modified
Fri, 24 Apr 2020 00:02:26 GMT
server
cloudflare
etag
W/"5ea22c92-ae9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f2009ce205d0-FRA
expires
Fri, 14 May 2021 22:09:45 GMT
vc_woocommerce-add-to-cart-js.min.js
clientarea.genesisray.com/wp-content/uploads/siteground-optimizer-assets/
810 B
394 B
Script
General
Full URL
https://clientarea.genesisray.com/wp-content/uploads/siteground-optimizer-assets/vc_woocommerce-add-to-cart-js.min.js?ver=6.1
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc708da0b4460bd7114c067ffd7a422339778449deb8f9e188b3d7d824345608

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:45 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d5945d000005d03307a200000001
last-modified
Fri, 24 Apr 2020 00:40:21 GMT
server
cloudflare
etag
W/"5ea23575-32a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f2009ce805d0-FRA
expires
Fri, 14 May 2021 22:09:45 GMT
lazysizes.min.js
clientarea.genesisray.com/wp-content/plugins/sg-cachepress/assets/js/
7 KB
3 KB
Script
General
Full URL
https://clientarea.genesisray.com/wp-content/plugins/sg-cachepress/assets/js/lazysizes.min.js?ver=5.5.1
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:45 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d5945d000005d03307b200000001
last-modified
Thu, 30 Apr 2020 08:46:39 GMT
server
cloudflare
etag
W/"5eaa906f-1c43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f2009cea05d0-FRA
expires
Fri, 14 May 2021 22:09:45 GMT
js.cookie.min.js
clientarea.genesisray.com/wp-content/plugins/woocommerce/assets/js/js-cookie/
2 KB
994 B
Script
General
Full URL
https://clientarea.genesisray.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:45 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d5945d000005d03307c200000001
last-modified
Fri, 24 Apr 2020 00:02:26 GMT
server
cloudflare
etag
W/"5ea22c92-736"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f2009cec05d0-FRA
expires
Fri, 14 May 2021 22:09:45 GMT
woocommerce.min.js
clientarea.genesisray.com/wp-content/plugins/woocommerce/assets/js/frontend/
2 KB
883 B
Script
General
Full URL
https://clientarea.genesisray.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.0.1
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51792d876ad46401a206cb2ff927b6906e60ffec5e03676d6f4f4d92a33c3490

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:46 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d596bb000005d0330b4200000001
last-modified
Fri, 24 Apr 2020 00:02:26 GMT
server
cloudflare
etag
W/"5ea22c92-7c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f2045fe805d0-FRA
expires
Fri, 14 May 2021 22:09:46 GMT
cart-fragments.min.js
clientarea.genesisray.com/wp-content/plugins/woocommerce/assets/js/frontend/
3 KB
1 KB
Script
General
Full URL
https://clientarea.genesisray.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.0.1
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:46 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d596e0000005d0330b9200000001
last-modified
Fri, 24 Apr 2020 00:02:26 GMT
server
cloudflare
etag
W/"5ea22c92-b7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f204988805d0-FRA
expires
Fri, 14 May 2021 22:09:46 GMT
total.min.js
clientarea.genesisray.com/wp-content/themes/Total/assets/js/
141 KB
38 KB
Script
General
Full URL
https://clientarea.genesisray.com/wp-content/themes/Total/assets/js/total.min.js?ver=4.9.1
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f299adafad06de852788fa9f36ec36ced75e31598a5e5d6092dd9395f5a59a6

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:46 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d596eb000005d0330ba200000001
last-modified
Fri, 24 Apr 2020 00:42:16 GMT
server
cloudflare
etag
W/"5ea235e8-235ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f204a8ba05d0-FRA
expires
Fri, 14 May 2021 22:09:46 GMT
wpex-wc-functions.min.js
clientarea.genesisray.com/wp-content/themes/Total/assets/js/dynamic/woocommerce/
3 KB
1 KB
Script
General
Full URL
https://clientarea.genesisray.com/wp-content/themes/Total/assets/js/dynamic/woocommerce/wpex-wc-functions.min.js?ver=4.9.1
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40b0b59b9ab7a77883f482acd7a4fcfc8c670ae39fd7499f810e3f453f5677cb

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:46 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d596eb000005d0330bb200000001
last-modified
Fri, 24 Apr 2020 00:42:16 GMT
server
cloudflare
etag
W/"5ea235e8-abd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f204a8bb05d0-FRA
expires
Fri, 14 May 2021 22:09:46 GMT
ai-js.min.js
clientarea.genesisray.com/wp-content/uploads/siteground-optimizer-assets/
47 KB
10 KB
Script
General
Full URL
https://clientarea.genesisray.com/wp-content/uploads/siteground-optimizer-assets/ai-js.min.js?ver=305321
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2b072869484e51ea9d6a4cb04bc81527cd945b1c9a50b06ca708e0f2a32660

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:47 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d59719000005d0330bf200000001
last-modified
Fri, 24 Apr 2020 00:34:14 GMT
server
cloudflare
etag
W/"5ea23406-ba55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f204f98905d0-FRA
expires
Fri, 14 May 2021 22:09:46 GMT
script.min.js
clientarea.genesisray.com/wp-content/plugins/layered-popups/js/
49 KB
9 KB
Script
General
Full URL
https://clientarea.genesisray.com/wp-content/plugins/layered-popups/js/script.min.js?ver=6.64
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d99cd5cb1caa432a75fd11005c52773334caa776cd03a727fd5178b6fb48d797

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:46 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d59842000005d0330ea200000001
last-modified
Fri, 24 Apr 2020 00:25:44 GMT
server
cloudflare
etag
W/"5ea23208-c397"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f206deb805d0-FRA
expires
Fri, 14 May 2021 22:09:46 GMT
vcex-front.min.js
clientarea.genesisray.com/wp-content/plugins/total-theme-core/inc/wpbakery/assets/js/
8 KB
3 KB
Script
General
Full URL
https://clientarea.genesisray.com/wp-content/plugins/total-theme-core/inc/wpbakery/assets/js/vcex-front.min.js?ver=1.0
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e393e9274e6d1ebadbefcb4c3285ea07b22b78ad0eb23dc0b0ed6868cc13529f

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:46 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d59941000005d0330fd200000001
last-modified
Fri, 24 Apr 2020 00:42:48 GMT
server
cloudflare
etag
W/"5ea23608-2102"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f2086b0405d0-FRA
expires
Fri, 14 May 2021 22:09:46 GMT
wp-embed.min.js
clientarea.genesisray.com/wp-includes/js/
1 KB
904 B
Script
General
Full URL
https://clientarea.genesisray.com/wp-includes/js/wp-embed.min.js?ver=5.4.1
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:44 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d58fd2000005d03300b200000001
last-modified
Sat, 18 Apr 2020 18:14:28 GMT
server
cloudflare
etag
W/"5e9b4384-59a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f1f9580205d0-FRA
expires
Fri, 14 May 2021 22:09:44 GMT
ads.js
clientarea.genesisray.com/wp-content/plugins/layered-popups/js/
22 B
146 B
Script
General
Full URL
https://clientarea.genesisray.com/wp-content/plugins/layered-popups/js/ads.js?ver=6.64
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
999d19663950deac608f78d0d9dfe2f794be613e4e09140a1ab1e68641e6b87a

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:44 GMT
content-encoding
br
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
cf-request-id
02b6d58fd2000005d03300c200000001
last-modified
Fri, 24 Apr 2020 00:25:44 GMT
server
cloudflare
etag
W/"5ea23208-16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
5937f1f9580305d0-FRA
expires
Fri, 14 May 2021 22:09:44 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
4406
date
Thu, 14 May 2020 20:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Thu, 14 May 2020 22:56:19 GMT
/
genesis-ray-energy-dev.onelogin.com/login2/ Frame 0CEC
Redirect Chain
  • https://genesis-ray-energy-dev.onelogin.com/launch/1041755?userLogOutUrl=true
  • https://genesis-ray-energy-dev.onelogin.com/login
  • https://genesis-ray-energy-dev.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dlbmVzaXMtcmF5LWVuZXJneS1kZXYub25lbG9naW4uY29tL2xhdW5jaC8xMDQxNzU1P3VzZXJMb2dPd...
0
0
Document
General
Full URL
https://genesis-ray-energy-dev.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dlbmVzaXMtcmF5LWVuZXJneS1kZXYub25lbG9naW4uY29tL2xhdW5jaC8xMDQxNzU1P3VzZXJMb2dPdXRVcmw9dHJ1ZSIsImF1ZCI6IkFDQ0VTUyIsImV4cCI6MTU4OTQ5NDM2NiwicGFyYW1zIjp7fSwibWV0aG9kIjoiZ2V0IiwiaXNzIjoiTU9OT1JBSUwifQ.XH7HH4jghIHh0vINdF073zdxDQs-KssMm36tI_VsSSE
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.216.23.72 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-23-72.us-east-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Host
genesis-ray-energy-dev.onelogin.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://clientarea.genesisray.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
sub_session_onelogin.com=BAh7CDoOcmV0dXJuX3RvIlJodHRwczovL2dlbmVzaXMtcmF5LWVuZXJneS1kZXYub25lbG9naW4uY29tL2xhdW5jaC8xMDQxNzU1P3VzZXJMb2dPdXRVcmw9dHJ1ZSIfYnJvd3Nlcl92ZXJpZmljYXRpb25fdG9rZW4iRWIwYWU4N2VmZjY5MjBlNTdlYjNjNDVlNzFkMjA1MzhmYjY3ZGY3YzAzZTNmMjU2MjdkOWExMWQ4MTQ5NDZkN2M6D3Nlc3Npb25faWQiKTNlYjFmODgwLTcxYjctNDFmNi1hM2JhLTVkMjIzMDdmZWE1OQ%3D%3D--7f67e0f9fd3dd715d5cd676504100c1128d3b5c7

Response headers

x-amz-id-2
QdxryTm3o9dWjYB9Jc6bcR76LecKN/QLOPNDp8xhg2kfC95UYX8GA9vOKonUclPObkxVcKcfsRc=
x-amz-request-id
CDB6DE774C164F4C
Date
Thu, 14 May 2020 22:09:47 GMT
Cache-Control
max-age=0
Content-Encoding
gzip
Last-Modified
Mon, 11 May 2020 16:43:56 GMT
x-amz-version-id
7W0nhWM3mGReI6Oz2T6L34cvwhM0b_jR
ETag
"b30d09ad6a3da7857817553d78c19ca4"
Content-Type
text/html
Content-Length
932
Server
AmazonS3

Redirect headers

Cache-Control
no-cache no-store max-age=0 must-revalidate private s-maxage=0
Content-Type
text/html; charset=utf-8
Date
Thu, 14 May 2020 22:09:46 GMT
Expires
0
Location
https://genesis-ray-energy-dev.onelogin.com/login2/?return=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2dlbmVzaXMtcmF5LWVuZXJneS1kZXYub25lbG9naW4uY29tL2xhdW5jaC8xMDQxNzU1P3VzZXJMb2dPdXRVcmw9dHJ1ZSIsImF1ZCI6IkFDQ0VTUyIsImV4cCI6MTU4OTQ5NDM2NiwicGFyYW1zIjp7fSwibWV0aG9kIjoiZ2V0IiwiaXNzIjoiTU9OT1JBSUwifQ.XH7HH4jghIHh0vINdF073zdxDQs-KssMm36tI_VsSSE
P3P
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma
no-cache
Set-Cookie
sub_session_onelogin.com=BAh7CDoOcmV0dXJuX3RvIlJodHRwczovL2dlbmVzaXMtcmF5LWVuZXJneS1kZXYub25lbG9naW4uY29tL2xhdW5jaC8xMDQxNzU1P3VzZXJMb2dPdXRVcmw9dHJ1ZSIfYnJvd3Nlcl92ZXJpZmljYXRpb25fdG9rZW4iRWIwYWU4N2VmZjY5MjBlNTdlYjNjNDVlNzFkMjA1MzhmYjY3ZGY3YzAzZTNmMjU2MjdkOWExMWQ4MTQ5NDZkN2M6D3Nlc3Npb25faWQiKTNlYjFmODgwLTcxYjctNDFmNi1hM2JhLTVkMjIzMDdmZWE1OQ%3D%3D--7f67e0f9fd3dd715d5cd676504100c1128d3b5c7; path=/; secure; HttpOnly
Status
302 Found
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
X-Request-Id
5EBDC1A9-B9ECC994-64AE-0A090316-01BB-1C9F52-0702
X-Xss-Protection
1; mode=block
Content-Length
424
mem8YaGs126MiZpBA-UFVZ0e.ttf
fonts.gstatic.com/s/opensans/v17/
26 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0e.ttf
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://clientarea.genesisray.com/
Origin
https://clientarea.genesisray.com

Response headers

date
Mon, 13 Apr 2020 12:59:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2711402
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18276
x-xss-protection
0
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Apr 2021 12:59:43 GMT
ticons-webfont.woff2
clientarea.genesisray.com/wp-content/themes/Total/assets/lib/ticons/fonts/
75 KB
76 KB
Font
General
Full URL
https://clientarea.genesisray.com/wp-content/themes/Total/assets/lib/ticons/fonts/ticons-webfont.woff2?v=4.8
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://clientarea.genesisray.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-0179e98e6296faf44cb4ed3c886eaec5.min.css?ver=5.5.1
Origin
https://clientarea.genesisray.com

Response headers

date
Thu, 14 May 2020 22:09:45 GMT
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
77160
cf-request-id
02b6d59487000005d033080200000001
last-modified
Fri, 24 Apr 2020 00:42:16 GMT
server
cloudflare
etag
"5ea235e8-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
5937f200dd9e05d0-FRA
expires
Fri, 14 May 2021 22:09:45 GMT
collect
www.google-analytics.com/
35 B
95 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=1958413891&t=pageview&_s=1&dl=https%3A%2F%2Fclientarea.genesisray.com%2F&ul=en-us&de=UTF-8&dt=Client%20Area%20-%20Genesis%20Ray%20Energy%20-%20Data%20%7C%20Analytics%20%7C%20GIS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABC~&jid=833427337&gjid=681387227&cid=1496725404.1589494185&tid=UA-153584904-2&_gid=261127984.1589494185&z=618743040
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 May 2020 01:17:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
161510
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
99 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-153584904-2&cid=1496725404.1589494185&jid=833427337&gjid=681387227&_gid=261127984.1589494185&_u=YGBAgUABC~&z=1569742473
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 14 May 2020 22:09:45 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
admin-ajax.php
clientarea.genesisray.com/wp-admin/
437 B
635 B
XHR
General
Full URL
https://clientarea.genesisray.com/wp-admin/admin-ajax.php
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8b3fbe62991bae9f7b10cf859031c9336555c6d44b5b3d890aae3d49b0eb07d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://clientarea.genesisray.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 14 May 2020 22:09:49 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
437
cf-request-id
02b6d59cb0000005d03313f200000001
referrer-policy
strict-origin-when-cross-origin
x-robots-tag
noindex
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://clientarea.genesisray.com
x-httpd
1
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
5937f20de90505d0-FRA
cf-railgun
3251845ee0 stream 0.000000 0200 0dda
expires
Wed, 11 Jan 1984 05:00:00 GMT
/
clientarea.genesisray.com/
606 B
1 KB
XHR
General
Full URL
https://clientarea.genesisray.com/?wc-ajax=get_refreshed_fragments
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b90793c1762f6f5dad5663f4f174dba8ec753f03a4539042b6c7bf572b19969a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://clientarea.genesisray.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 14 May 2020 22:09:49 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-proxy-cache-info
DT:1
p3p
CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
x-cache-enabled
True
cf-request-id
02b6d59cb8000005d033141200000001
x-ua-compatible
IE=edge
x-robots-tag
noindex
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://clientarea.genesisray.com
x-httpd
1
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
606
cf-ray
5937f20df92805d0-FRA
cf-railgun
e8b0dbc378 stream 0.000000 0200 0dda
expires
Wed, 11 Jan 1984 05:00:00 GMT
admin-ajax.php
clientarea.genesisray.com/wp-admin/
7 KB
7 KB
XHR
General
Full URL
https://clientarea.genesisray.com/wp-admin/admin-ajax.php
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031fd3bf547964c79975846cf2761c72966035af5ab4ffa9bcdb8c2abb756029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://clientarea.genesisray.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 14 May 2020 22:09:50 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
6978
cf-request-id
02b6d5a671000005d0331ee200000001
referrer-policy
strict-origin-when-cross-origin
x-robots-tag
noindex
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://clientarea.genesisray.com
x-httpd
1
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
5937f21d8c6a05d0-FRA
cf-railgun
021be91127 99.99 0.578468 0030 0dda
expires
Wed, 11 Jan 1984 05:00:00 GMT
css
fonts.googleapis.com/
28 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=greek-ext,cyrillic-ext,latin,cyrillic,latin-ext,greek,vietnamese
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94df22701bd80fca42c776b7064a4505986161b616007963e1ba60adba6f84d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 May 2020 22:09:50 GMT
server
ESF
date
Thu, 14 May 2020 22:09:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 May 2020 22:09:50 GMT
admin-ajax.php
clientarea.genesisray.com/wp-admin/
15 B
157 B
XHR
General
Full URL
https://clientarea.genesisray.com/wp-admin/admin-ajax.php
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2488 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://clientarea.genesisray.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 14 May 2020 22:09:51 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
15
cf-request-id
02b6d5a961000005d033218200000001
referrer-policy
strict-origin-when-cross-origin
x-robots-tag
noindex
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://clientarea.genesisray.com
x-httpd
1
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
5937f222394a05d0-FRA
cf-railgun
9804ae6a1e 99.99 0.559569 0030 0dda
expires
Wed, 11 Jan 1984 05:00:00 GMT
Windpark_Bernsdorf-Gersdorf_in_Sachsen.2040_origWI-1-1024x635.jpg
www.genesisray.com/wp-content/uploads/2020/04/
110 KB
110 KB
Image
General
Full URL
https://www.genesisray.com/wp-content/uploads/2020/04/Windpark_Bernsdorf-Gersdorf_in_Sachsen.2040_origWI-1-1024x635.jpg
Requested by
Host: clientarea.genesisray.com
URL: https://clientarea.genesisray.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:2588 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a5619b73e270ac9246dff14ab00f474aab99e994afc6671e61a543be4751b50

Request headers

Referer
https://clientarea.genesisray.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 22:09:51 GMT
cf-cache-status
MISS
x-proxy-cache-info
DT:1
status
200
host-header
8441280b0c35cbc1147f8ba998a563a7
content-length
112579
cf-request-id
02b6d5aa360000062dea060200000001
last-modified
Sun, 26 Apr 2020 02:50:23 GMT
server
cloudflare
etag
"5ea4f6ef-1b7c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
5937f2238bda062d-FRA
expires
Fri, 14 May 2021 22:09:51 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=greek-ext,cyrillic-ext,latin,cyrillic,latin-ext,greek,vietnamese
Origin
https://clientarea.genesisray.com

Response headers

date
Wed, 15 Apr 2020 00:22:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
2584056
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Thu, 15 Apr 2021 00:22:14 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,400,400italic,500,500italic,700,700italic,900,900italic&subset=greek-ext,cyrillic-ext,latin,cyrillic,latin-ext,greek,vietnamese
Origin
https://clientarea.genesisray.com

Response headers

date
Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2587371
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 14 Apr 2021 23:26:59 GMT

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| mi_version boolean| mi_track_user string| mi_no_track_reason string| disableStr function| __gaTrackerIsOptedOut function| __gaTrackerOptout string| GoogleAnalyticsObject function| __gaTracker undefined| $ function| jQuery object| monsterinsights_frontend object| wc_add_to_cart_params object| ulp_custom_handlers string| ulp_cookie_value string| ulp_onload_popup string| ulp_onload_mode number| ulp_onload_period string| ulp_onscroll_popup string| ulp_onscroll_mode number| ulp_onscroll_period string| ulp_onexit_popup string| ulp_onexit_mode number| ulp_onexit_period string| ulp_onidle_popup string| ulp_onidle_mode number| ulp_onidle_period string| ulp_onabd_popup string| ulp_onabd_mode number| ulp_onabd_period number| ulp_onload_delay number| ulp_onload_close_delay number| ulp_onscroll_offset number| ulp_onidle_delay string| ulp_recaptcha_enable string| ulp_content_id number| ai_iframe_width_advanced_iframe number| ai_iframe_height_advanced_iframe function| aiReceiveMessageadvanced_iframe boolean| aiIsIe8 string| aiOnloadScrollTop object| aiReadyCallbacks function| aiShowIframeId function| aiResizeIframeHeight function| aiResizeIframeHeightId function| loadElem_advanced_iframe function| aiModifyParent_advanced_iframe function| aiReadyAiFunct_advanced_iframe object| ifrm_advanced_iframe boolean| hiddenTabsDoneadvanced_iframe function| resizeCallbackadvanced_iframe function| aiChangeUrl number| recalculateIframeResizeadvanced_iframe number| recalculateIframeOrientationchangeadvanced_iframe function| recalculateIframeadvanced_iframe function| initResponsiveIframeadvanced_iframe object| tribe_l10n_datatables string| c object| woocommerce_params object| wc_cart_fragments_params object| wpexLocalize object| wpexWC object| MyAjax object| wp string| ulp_ajax_url string| ulp_count_impressions string| ulp_async_init string| ulp_css3_enable string| ulp_ga_tracking string| ulp_km_tracking string| ulp_onexit_limits string| 
ulp_no_preload object| ulp_campaigns object| ulp_overlays boolean| ulp_noadb object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| MonsterInsights object| MonsterInsightsObject object| lazySizes function| Cookies object| wpex object| browserPrefixes object| jQuery112406386974689026796 function| wpexWooQBPrepend function| wpexWooQBActions boolean| aiEnableCookie string| aiId number| aiExtraSpace number| aiAccTime number| aiOnloadEventsCounter boolean| aiCallbackExists function| aiResizeIframe function| aiGetIframeHash function| aiGetIframeHeight function| aiGetIframeWidth function| aiGetParentIframeWidth function| aiResizeIframeHeightById function| aiScrollToTop function| aiWriteCookie function| aiUseCookie function| aiIsNumeric function| aiDisableHeight function| aiEnableHeight function| aiShowElementOnly function| aiCheckIfValidTarget function| aiOpenSelectorWindow function| aiDisableAiResizeOptions function| aiDisablePartOfIframeOptions function| aiDisableLazyLoadOptions function| aiDisableIframeAsLayerOptions function| aiDisableTextSection undefined| aiInstance function| aiInitAdminConfiguration function| aiSettingsSearch function| aiResizeIframeRatio function| aiGenerateShortcode function| aiGenerateTextShortcodeWithDefault function| aiGenerateTextShortcode function| aiGenerateRadioShortcode function| aiAddCssClassAllParents function| aiAutoZoomExternalHeight function| aiAutoZoomExternal function| aiAutoZoom function| aiSetZoom function| aiAutoZoomViewport function| aiResetAiSettings function| aiCheckInputNumber function| aiCheckInputNumberOnly function| aiShowHeader function| aiSetScrollposition function| aiResetShowPartOfAnIframe function| aiShowLayerIframe function| aiHideLayerIframe object| aiLayerIframeHrefs function| aiCheckReload function| aiChangeUrlParam function| aiGetUrlMappingUrl function| aiSetBrowserUrl function| aiRemoveQueryString function| aiGetUrlMapping function| closeInfoPermanent function| aiSupportsHistoryApi 
function| aigetIframeLocation function| aiSetGetParameter function| aiRemoveURLParameter function| aiEndsWidth function| aiAddCss function| aiAddCssFile function| aiAddJsFile function| aiPresetFullscreen function| aiDisableCheckIframes function| aiProcessMessage function| aiProcessDebug function| aiProcessScrollToTop function| aiProcessHeight function| aiProcessShow function| aiRemoveElementsFromHeight undefined| ulp_timeout object| ulp_viewport undefined| ulp_onidle_timer string| ulp_active_window_id string| ulp_active_campaign boolean| ulp_subscribing boolean| ulp_onload_displayed boolean| ulp_onexit_displayed boolean| ulp_onscroll_displayed boolean| ulp_onidle_displayed boolean| ulp_onabd_displayed boolean| ulp_no_preload_loading number| ulp_onidle_counter number| ulp_position_margin string| ulp_forced_location object| ulp_recaptcha_queue object| ulp_css3_animations_in object| ulp_css3_animations_out boolean| ulp_mobile function| ulp_popup_id function| ulp_prepare_ids function| ulp_inline_open function| _ulp_inline_hide_confirmation function| _ulp_inline_open function| _ulp_inline_subscribe function| ulp_open function| _ulp_open function| ulp_close function| ulp_self_close function| ulp_reset_recaptcha function| ulp_subscribe function| ulp_onload_open function| _ulp_init function| ulp_init function| ulp_onidle_counter_handler function| ulp_read_cookie function| ulp_write_cookie function| ulp_ready function| ulp_utf8encode function| ulp_encode64 function| ulp_utf8decode function| ulp_decode64 function| ulp_track function| ulp_share function| ulp_social_google_plusone function| ulp_social_linkedin_share function| ulp_close_forever function| ulp_unlock_links function| ulp_clear_form function| ulp_recaptcha_loaded function| ulp_hex2rgba function| ulp_datetimepicker_init function| vcexResponsiveText function| vcexHovers function| vcexResponsiveCSS function| vcexCarousels function| vcexCountDown function| vcexAnimatedText function| vcexMilestone function| vcexSkillbar 
function| vcexBeforeAfter function| vcexIsotopeGrids function| vcexNavbarFilterLinks function| vcexStickyNavbar function| vcexNavbarMobileSelect

5 Cookies

Domain/Path Name / Value
.genesisray.com/ Name: _gat
Value: 1
.genesisray.com/ Name: _ga
Value: GA1.2.1496725404.1589494185
genesis-ray-energy-dev.onelogin.com/ Name: sub_session_onelogin.com
Value: BAh7CDoOcmV0dXJuX3RvIlJodHRwczovL2dlbmVzaXMtcmF5LWVuZXJneS1kZXYub25lbG9naW4uY29tL2xhdW5jaC8xMDQxNzU1P3VzZXJMb2dPdXRVcmw9dHJ1ZSIfYnJvd3Nlcl92ZXJpZmljYXRpb25fdG9rZW4iRWIwYWU4N2VmZjY5MjBlNTdlYjNjNDVlNzFkMjA1MzhmYjY3ZGY3YzAzZTNmMjU2MjdkOWExMWQ4MTQ5NDZkN2M6D3Nlc3Npb25faWQiKTNlYjFmODgwLTcxYjctNDFmNi1hM2JhLTVkMjIzMDdmZWE1OQ%3D%3D--7f67e0f9fd3dd715d5cd676504100c1128d3b5c7
.genesisray.com/ Name: _gid
Value: GA1.2.261127984.1589494185
.genesisray.com/ Name: __cfduid
Value: d71775d5e5106ddb2eee6404717a6da6e1589494178

1 Console Messages

Source: console-api
Level: log
URL: https://clientarea.genesisray.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 (Line 2)
Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
