Submitted URL: http://grand-chang.top/
Effective URL: https://grand-chang.top/
Submission: On September 20 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 64 HTTP transactions. The main IP is 104.21.36.183, located in and belongs to CLOUDFLARENET, US. The main domain is grand-chang.top.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 7th 2021. Valid for: a year.
This is the only time grand-chang.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS     Autonomous System
25        104.21.36.183    13335  (CLOUDFLAR...)  1 redirects
4         142.250.186.170  15169  (GOOGLE)
7         142.250.74.195   15169  (GOOGLE)
28        104.22.24.131    13335  (CLOUDFLAR...)
1         151.101.1.229    54113  (FASTLY)
64 requests, 5 IPs

Requests  Domain                         Requested by
25        grand-chang.top (1 redirects)  grand-chang.top
22        embed.tawk.to                  grand-chang.top, embed.tawk.to
7         fonts.gstatic.com              fonts.googleapis.com
4         fonts.googleapis.com           grand-chang.top, embed.tawk.to
3         vsb97.tawk.to                  embed.tawk.to
3         va.tawk.to                     embed.tawk.to
1         cdn.jsdelivr.net               embed.tawk.to
64 requests, 7 subdomains

This site contains no links.

Subject                  Issuer                              Validity                 Valid
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3             2021-09-07 - 2022-09-06  a year
upload.video.google.com  GTS CA 1O1                          2021-08-30 - 2021-11-22  3 months
*.gstatic.com            GTS CA 1C3                          2021-08-30 - 2021-11-22  3 months
jsdelivr.net             GlobalSign Atlas R3 DV TLS CA 2020  2021-04-30 - 2022-06-01  a year

This page contains 5 frames:

Primary Page: https://grand-chang.top/
Frame ID: A4D3AB93E1CE01C275248B6CEC58F8E5
Requests: 54 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/min-widget.css
Frame ID: A3A02EB9642C618CECABDAC8084C1373
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/bubble-widget.css
Frame ID: A5188E3D5D847324EEDE6E5AF978772F
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/message-preview.css
Frame ID: 4AEB8D9D8E9AE6059E100E4C4F35BBAA
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/61483167bf6/css/max-widget.css
Frame ID: BD897469AB563A5A29E611531E0EFBFF
Requests: 2 HTTP requests in this frame

Page Title

Grand-chang.top - Обменный пункт

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 64
HTTPS: 100 %
IPv6: 0 %
Domains: 5
Subdomains: 7
IPs: 5
Countries: 2
Transfer: 526 kB
Size: 1642 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://grand-chang.top/ HTTP 301
    https://grand-chang.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
grand-chang.top/
Redirect Chain
  • http://grand-chang.top/
  • https://grand-chang.top/
36 KB
6 KB
Document
General
Full URL
https://grand-chang.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.29
Resource Hash
5ed6988cb4bf725b6d11c02a4553f179f4c8f770f8170edd5d62e888d1877695

Request headers

:method
GET
:authority
grand-chang.top
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/5.3.29
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
link
<https://grand-chang.top/wp-json/>; rel="https://api.w.org/", <https://grand-chang.top/>; rel=shortlink
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKvOllvNyTtLNqt6Qka6bTxc2GezbopfBM6MDeTtg62TaVXVF4QL7ydMh%2Fhc9%2Fl7j3wyd60n%2F%2FhYLwGYj6GOdI0OdfZjfSZfMqyhgWHDptnAV42WzTNZ1yYFDRfAI1fQPh0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6919e4d199b93a2f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Mon, 20 Sep 2021 09:05:45 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
x-powered-by
PHP/5.3.29
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159; path=/
location
https://grand-chang.top/
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3p6i1KC71dQY1BSXsz%2BNgF%2Bn2XotKxPZqh%2F%2BDaMhr%2FlPivC%2BkygDFuecyzZjGBld1uhoUCO6tWfTvnQeAW1Hij0M8iC%2BZ8rpxegNtGG7j%2BicMnADpzVO6DbeGUtrshSWxo%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6919e4cfb91539b1-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C400%2C300%2C600%2C700&subset=latin%2Ccyrillic-ext%2Ccyrillic&ver=1.0
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
2c109dc4b41df91368d22ad30014165fdc8c6129ebb8acf378bba4130f2ec986
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 09:05:45 GMT
server
ESF
date
Mon, 20 Sep 2021 09:05:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Sep 2021 09:05:45 GMT
style.css
grand-chang.top/wp-content/themes/exchangeboxtheme2/
41 KB
9 KB
Stylesheet
General
Full URL
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/style.css?ver=1.0
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
193075df6eb8b3fe59d6bb17e5bf5bc9cebc717f31f07a29e898cc63d63d69f9

Request headers

:path
/wp-content/themes/exchangeboxtheme2/style.css?ver=1.0
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590380
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 25 Dec 2015 21:41:48 GMT
server
cloudflare
etag
W/"567db81c-a50e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0PMxsSZLnDQay7PgYH1k%2BCKSgQBpxFilELBit0RQOCgze6OLz5vYA%2FtPBz4Tc%2F5AdslQMuTIwhzWkXeoc6zBN0fa3YofwFTRy%2FUk82LO8GUwKdUAE9OsYL1%2BXS6XXxzv34%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=3888000
cf-ray
6919e4d41ddd3a2f-CDG
expires
Thu, 28 Oct 2021 13:06:05 GMT
jquery-1.8.3.min.js
grand-chang.top/wp-content/themes/exchangeboxtheme2/js/
91 KB
34 KB
Script
General
Full URL
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/js/jquery-1.8.3.min.js?ver=1.8.3
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

:path
/wp-content/themes/exchangeboxtheme2/js/jquery-1.8.3.min.js?ver=1.8.3
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590380
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 11 Aug 2013 15:07:16 GMT
server
cloudflare
etag
W/"5207a8a4-16dc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dagY2VlZ%2FuYN2lmkdOJYfjVgOL4GhnCda6%2Fw4uS8KyEUEKQcn6A9YqBA5lDjlttiTFPTGcbaKyWmDt1Pa%2BSk4iAvzi2TwCZTqyGRcWePYxhQ0%2BI6MlhtQFsMhvZdQzZjnXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3888000
cf-ray
6919e4d42ddf3a2f-CDG
expires
Thu, 28 Oct 2021 13:06:05 GMT
jquery-ui-1.9.2.custom.min.js
grand-chang.top/wp-content/plugins/exchangebox/js/
232 KB
63 KB
Script
General
Full URL
https://grand-chang.top/wp-content/plugins/exchangebox/js/jquery-ui-1.9.2.custom.min.js?ver=1.9.2
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f87153921ae6b43428f4cb607b862453667493c5cbf8eaded2c378c225e9a53f

Request headers

:path
/wp-content/plugins/exchangebox/js/jquery-ui-1.9.2.custom.min.js?ver=1.9.2
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590379
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 03 Oct 2015 15:41:46 GMT
server
cloudflare
etag
W/"560ff73a-3a0ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4qX5FB75JccgQvpFxp%2BWOwXFiQOYCFwjLS4cyA%2Fs%2F7FeFqCVAf1rMClojuyJAgni3waP63A%2BqqBuwIS%2BnjCHooQzyMOdBBIaj5WoaYIiet5COGz1GuuxCXfY9ybfVtrHBw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3888000
cf-ray
6919e4d42de23a2f-CDG
expires
Thu, 28 Oct 2021 13:06:06 GMT
jquery.form.js
grand-chang.top/wp-content/plugins/exchangebox/js/
43 KB
13 KB
Script
General
Full URL
https://grand-chang.top/wp-content/plugins/exchangebox/js/jquery.form.js?ver=3.51
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a16fd80d67008f1c947cf93ebb20e2af2ed1a6317e194d35ed15046076c4211

Request headers

:path
/wp-content/plugins/exchangebox/js/jquery.form.js?ver=3.51
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590379
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 03 Oct 2015 15:41:46 GMT
server
cloudflare
etag
W/"560ff73a-ab74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lL%2BWXJJvcUf4f%2Fvsj77uDyMV00Lo9Xi94Mcar8Rx3TtAAwmpFjFVdnctlEIPizaVepyZgp7Jm4eDhy3v63NOhvKICJ9OHQqtNZTerBL6bjTUNtKCg0MgHkS%2BLkHLh36kMfs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3888000
cf-ray
6919e4d42de33a2f-CDG
expires
Thu, 28 Oct 2021 13:06:06 GMT
all.js
grand-chang.top/wp-content/themes/exchangeboxtheme2/js/
2 KB
986 B
Script
General
Full URL
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/js/all.js?ver=1.0
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7299291b90162227d949c4683c7f118c3ee3673455d9de62ebfae1058abe74d1

Request headers

:path
/wp-content/themes/exchangeboxtheme2/js/all.js?ver=1.0
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590379
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 07 Aug 2015 18:40:02 GMT
server
cloudflare
etag
W/"55c4fb82-73c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUGwifcWtKywcAYl%2Bt1l8p8Zq7ChG1hzspUZe9vf7ZyoJgxD0DRdv46CdQfqqunBTiSWvR1YJneqCYlmuddR3TtPHiF%2B%2FCArHRNOfASOOrmw7U7wc6lzD2VOqRnBskHBqLE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3888000
cf-ray
6919e4d42de53a2f-CDG
expires
Thu, 28 Oct 2021 13:06:06 GMT
js.php
grand-chang.top/wp-content/plugins/exchangebox/jsphp/
14 KB
4 KB
Script
General
Full URL
https://grand-chang.top/wp-content/plugins/exchangebox/jsphp/js.php?ver=1.0
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.29
Resource Hash
63ba9d7223071fda16f9b2ed7a6f1bab6c391243c32f25738e6a6a18d0b10f90

Request headers

:path
/wp-content/plugins/exchangebox/jsphp/js.php?ver=1.0
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

pragma
no-cache
date
Mon, 20 Sep 2021 09:05:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.3.29
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHfE3JqGDTTPBlSA6wGA7DUQJ%2FYaqhMIJVFDr63vC9x4PewmkNuRbkCcAoJQvvLPxHYo0%2BYkdQrLbJF4op%2BhD5FUIYjuSwoWxPshJseaWfyJ%2FXOiqYMkN4FcVMlTk%2BVmrlY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6919e4d42de63a2f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
gray.css
grand-chang.top/wp-content/themes/exchangeboxtheme2/
2 KB
981 B
Stylesheet
General
Full URL
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/gray.css
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bcfce8d55157c45ecba6fc028b86b792dfa1691f1fa096497f031937fd4e8e5

Request headers

:path
/wp-content/themes/exchangeboxtheme2/gray.css
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590380
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 09 Aug 2015 02:50:12 GMT
server
cloudflare
etag
W/"55c6bfe4-846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrqzLNjY4VRAN%2BIhhOC7K1%2BvR%2BJZJOYiJ%2FJxwIL6GrsCIl5G34jXnxXns1qCI4YGq9SYPySSMWWkqz0P468%2BQx7hN7P9%2FXRj1HD2oLsEBFq4YTuKdDIA1BP%2BunBAb2nFtL8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=3888000
cf-ray
6919e4d42de03a2f-CDG
expires
Thu, 28 Oct 2021 13:06:05 GMT
email-decode.min.js
grand-chang.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://grand-chang.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Sep 2021 09:29:40 GMT
server
cloudflare
etag
W/"61446004-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaI%2Bz6SqN0KfJFHUjTRKxCCVTMOcIFyvnXqaB4pdYvplLx5UBjAd52rswltTelzTVnZx996ymuvFuwUszxOed7gy9Alz2k%2FLs4kmEyEM7L9JxdAj4ZRJuj6zYvZ2JEE40Yg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6919e4d42de73a2f-CDG
vary
Accept-Encoding
expires
Wed, 22 Sep 2021 09:05:45 GMT
wp-embed.min.js
grand-chang.top/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://grand-chang.top/wp-includes/js/wp-embed.min.js?ver=4.4.1
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
589a84de177852a12044bfd1abe2921522f5eccdb573d1c818cc13760b8faab0

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=4.4.1
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590378
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 03 Dec 2015 17:17:26 GMT
server
cloudflare
etag
W/"56607926-5ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIqY8%2BZX0cznq29hs5e3FQ%2BDCKn%2B2zVE%2BPYcjhHQpGYmowH8S8UdMGvO1VUmK3NzjeRjjPszHFY5K55Y%2FMBKVf91rIP5RsB%2BPnmmop6fxuTT3w3rbz3dK5Lt7JvIfK1%2F%2BaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3888000
cf-ray
6919e4d42de83a2f-CDG
expires
Thu, 28 Oct 2021 13:06:07 GMT
dlogo.png
grand-chang.top/wp-content/themes/exchangeboxtheme2/images/
2 KB
3 KB
Image
General
Full URL
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/images/dlogo.png
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/wp-content/themes/exchangeboxtheme2/style.css?ver=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e86f791007650d3bf94f17c849dd9dea638b558fc92d03f4a8480259fd270b76

Request headers

:path
/wp-content/themes/exchangeboxtheme2/images/dlogo.png
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
grand-chang.top
referer
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/style.css?ver=1.0
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590378
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2197
last-modified
Tue, 25 Nov 2014 07:23:34 GMT
server
cloudflare
etag
"54742e76-895"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fq%2FA8HKFtonYRIqa29i5WvFV944w7Vv0GEs8C2e3Gd2WpKIYLhW74RcJ2wukYSKe0i7UN5yoKGOUoaSVyZ32SlgUm8ni4CwJ2A%2F4uUiwrn5NTfR%2BbnAYNXLnzT%2BaDgV8Z8k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3888000
accept-ranges
bytes
cf-ray
6919e4d56dae3ba3-CDG
expires
Thu, 28 Oct 2021 13:06:07 GMT
icq2.png
grand-chang.top/wp-content/themes/exchangeboxtheme2/images/
655 B
1 KB
Image
General
Full URL
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/images/icq2.png
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/wp-content/themes/exchangeboxtheme2/gray.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0182e3aa9f3d1380fdae6abcab9429fba9845af979994b7abbd9cb3db2bd470

Request headers

:path
/wp-content/themes/exchangeboxtheme2/images/icq2.png
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
grand-chang.top
referer
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/gray.css
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590378
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
655
last-modified
Sun, 12 Sep 2021 19:09:25 GMT
server
cloudflare
etag
"613e5065-28f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2SZfNyEJsJmHQv8R9JnR6K7q1TeiuJWGK6dDumgw2yy30jo1tdt9mLGcEWRoVO3xHuyQrg32AV0nR8755q5%2FVcwv5ENwbiDzmuiNOvzPcMm88Ktxb7WQaupOciSfyWprDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3888000
accept-ranges
bytes
cf-ray
6919e4d56db03ba3-CDG
expires
Thu, 28 Oct 2021 13:06:07 GMT
email2.png
grand-chang.top/wp-content/themes/exchangeboxtheme2/images/
2 KB
2 KB
Image
General
Full URL
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/images/email2.png
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/wp-content/themes/exchangeboxtheme2/gray.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b65664d893902e7a0295c275806fd0f0b99f14354edabe24121a9a908b5e702

Request headers

:path
/wp-content/themes/exchangeboxtheme2/images/email2.png
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
grand-chang.top
referer
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/gray.css
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590377
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1585
last-modified
Tue, 25 Nov 2014 07:45:52 GMT
server
cloudflare
etag
"547433b0-631"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aY5F2R9LG4rnr8oE%2FK1rkhQGqV3q%2BoE5%2F7kSJITY0Il5YHd0kJTWNZ2t%2BbBsKQ%2B1CRepU%2B3VnQaSRHQJJUS7LiC08IyiCPl%2F3B6n49ZzuC7h1%2BKrepSIY7T1OjvhOAdNwFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3888000
accept-ranges
bytes
cf-ray
6919e4d56db33ba3-CDG
expires
Thu, 28 Oct 2021 13:06:08 GMT
tel.png
grand-chang.top/wp-content/themes/exchangeboxtheme2/images/
1 KB
2 KB
Image
General
Full URL
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/images/tel.png
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/wp-content/themes/exchangeboxtheme2/style.css?ver=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff821416c23568b3f5cfe2d0be63eed995de1bcde4e81c2f60a822bd09a92aa7

Request headers

:path
/wp-content/themes/exchangeboxtheme2/images/tel.png
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
grand-chang.top
referer
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/style.css?ver=1.0
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590377
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1248
last-modified
Tue, 25 Nov 2014 11:30:08 GMT
server
cloudflare
etag
"54746840-4e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99ftniatz3rwjR5COwVcFcvFRs7kPkOaRk6j6P%2FqNpmwLMCtgK5cbmigiGQFJ4d17gM4sltDX3VzL7dpo%2BMhTyFSsdnUb4CeYXKU3m8z6p20MwMUJwHHQxdfht3vK%2F%2FYpl8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3888000
accept-ranges
bytes
cf-ray
6919e4d56db63ba3-CDG
expires
Thu, 28 Oct 2021 13:06:08 GMT
marr3.png
grand-chang.top/wp-content/themes/exchangeboxtheme2/images/
1007 B
2 KB
Image
General
Full URL
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/images/marr3.png
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/wp-content/themes/exchangeboxtheme2/gray.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a93af06689ccb40ecf3a7947165d72d18cacc94d54ecc7d84718bff64307637

Request headers

:path
/wp-content/themes/exchangeboxtheme2/images/marr3.png
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
grand-chang.top
referer
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/gray.css
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6372
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1007
last-modified
Tue, 25 Nov 2014 12:17:12 GMT
server
cloudflare
etag
"54747348-3ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0enqcQ10%2FphsdSDJHqDRPhfrULUq9X9QsQ2mUPehV5tP%2Fvw7Sf%2F2jZXB%2FIniW5rSe7bvVJ9vlfEr%2FyYpcO2ezkQCzuhHiOt8rgNE1OMMXjoEtX6H5COAIkf9%2F0k%2BOhQx1Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3888000
accept-ranges
bytes
cf-ray
6919e4d56db73ba3-CDG
expires
Thu, 04 Nov 2021 07:19:33 GMT
payeer-3.png
grand-chang.top/wp-content/uploads/
3 KB
3 KB
Image
General
Full URL
https://grand-chang.top/wp-content/uploads/payeer-3.png
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e28361f599f2dbf676ab23fdd85cb5451999b3e4cef8a57c96c686b1887492

Request headers

:path
/wp-content/uploads/payeer-3.png
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590377
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2747
last-modified
Thu, 09 Sep 2021 18:04:24 GMT
server
cloudflare
etag
"613a4ca8-abb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsOzbAi3KFnhV%2BfnhxIZAVG94OapBbnYxKYsa1seNxnkceJM6ohhB2ilRf06MUM2wl2XkN3p2pdeL%2BrjEoRcDXHDuc8kLd2wfMpQYQlB6t0xs3Cu%2Bkf2oGmrkF126mB6Hh0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3888000
accept-ranges
bytes
cf-ray
6919e4d56db93ba3-CDG
expires
Thu, 28 Oct 2021 13:06:08 GMT
qw.png
grand-chang.top/images/payment_icons/
2 KB
2 KB
Image
General
Full URL
https://grand-chang.top/images/payment_icons/qw.png
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e34dbde5ff3af546278ab96890cf57762a852fdd8ad692df8a317c6b972016

Request headers

:path
/images/payment_icons/qw.png
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590377
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1615
last-modified
Thu, 30 May 2013 07:24:40 GMT
server
cloudflare
etag
"51a6feb8-64f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diCjBRLJtoifNpcJ1roEocQGjLZUwQGOMkE4sZpMrts02mpXLM3ahJ6MpGcFBRUPKdcoFxCLOdNiNtX%2FFGjMJc%2FHEVVFHKqJ8EpEdSVewtGlf1OpIxRvEs%2F0l43fTIWjapg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3888000
accept-ranges
bytes
cf-ray
6919e4d57dbe3ba3-CDG
expires
Thu, 28 Oct 2021 13:06:08 GMT
sb.png
grand-chang.top/images/payment_icons/
2 KB
2 KB
Image
General
Full URL
https://grand-chang.top/images/payment_icons/sb.png
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
442d01674cf6fc0655a92f020646443283dce4191906f032334bb631bc3b5d21

Request headers

:path
/images/payment_icons/sb.png
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
351251
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1761
last-modified
Fri, 17 May 2013 06:17:58 GMT
server
cloudflare
etag
"5195cb96-6e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBbdKZBh0KujLg6Kw%2BfHGmrcxbIzfKw%2BuTd6%2FN0s2eKqHrFNhsJjiLBNNS4GpsYUinEO4XF3eL1ns4%2F6TDui18OhtXoPwFs8gi6eT98zUE3VVXIvd7xAeeOrsO8%2FJOtqD4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3888000
accept-ranges
bytes
cf-ray
6919e4d57dc23ba3-CDG
expires
Sun, 31 Oct 2021 07:31:34 GMT
prv24.png
grand-chang.top/images/payment_icons/
2 KB
2 KB
Image
General
Full URL
https://grand-chang.top/images/payment_icons/prv24.png
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13bafb1b98fc6f5ee48573b8e7c9307b13004f7f25657097aec5cff289b8be5c

Request headers

:path
/images/payment_icons/prv24.png
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590377
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1554
last-modified
Fri, 17 May 2013 06:18:16 GMT
server
cloudflare
etag
"5195cba8-612"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PreQik7B1uMAkal5436MYKiWBmEhGEm%2B%2Fvus54b1CUbR2uFO%2Fr7iG%2FWRehV2Ys9VcClOSpU8QWJQrYruqkgrm5gWuxJ%2FOTMAEWd11cJd8Ea1K8cBgR2UaNwotFTm2s4rQYo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3888000
accept-ranges
bytes
cf-ray
6919e4d57dc43ba3-CDG
expires
Thu, 28 Oct 2021 13:06:08 GMT
vm.png
grand-chang.top/wp-content/uploads/
1 KB
2 KB
Image
General
Full URL
https://grand-chang.top/wp-content/uploads/vm.png
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18a061fbcfdc987e160f403a93ca43ae37c524e32c0e91495059930abec63386

Request headers

:path
/wp-content/uploads/vm.png
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590377
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1454
last-modified
Sun, 12 Sep 2021 18:38:19 GMT
server
cloudflare
etag
"613e491b-5ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnIgZgRh0KBlki9Fuc3i%2B5toWCWCBx%2Ferzp6zzb0kqxWgPSqnq9ky01l9tF3qTAYzBo6PVzDgvenkcNDkopJxdYggY0jHRn7gi3VxdN2FDTavEq%2Bl40clDjsby1aV3pOQ20%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3888000
accept-ranges
bytes
cf-ray
6919e4d57dc63ba3-CDG
expires
Thu, 28 Oct 2021 13:06:08 GMT
adw.png
grand-chang.top/wp-content/uploads/
2 KB
2 KB
Image
General
Full URL
https://grand-chang.top/wp-content/uploads/adw.png
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09968840d4eeaa32ff6cd30436bcda2c59cdac9ac0320fe00fcd9787158f0b84

Request headers

:path
/wp-content/uploads/adw.png
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590377
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1600
last-modified
Thu, 09 Sep 2021 18:02:46 GMT
server
cloudflare
etag
"613a4c46-640"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rfB%2BS558H0fdFjlCK5Z42yLdeIAl2UfzufVD1ztYFohC2WAF%2F2eZOLxXjQZVk5FRghgSUAvAyvDvgyaGcCuJh%2B%2B73zaIYHXLG%2BSQuIFfrN8UsRkNAQkAiyfTHEwJG%2BFzZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3888000
accept-ranges
bytes
cf-ray
6919e4d57dc93ba3-CDG
expires
Thu, 28 Oct 2021 13:06:08 GMT
pfm.png
grand-chang.top/images/payment_icons/
1 KB
2 KB
Image
General
Full URL
https://grand-chang.top/images/payment_icons/pfm.png
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cc6d0d0c656e4703294c92c25568d829348cd0a0acd2679fde302fbe578cb57

Request headers

:path
/images/payment_icons/pfm.png
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590376
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1378
last-modified
Fri, 17 May 2013 06:17:48 GMT
server
cloudflare
etag
"5195cb8c-562"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FkBlUPcGb65tnt6PlKiYaxdRuqTr9T5tzzsM5Z3karJkGIXOBh4bWdkBwd%2BuAu4aMn5Mggxj6ucEdrNR6C%2FWoeck56x5DGpKN905N7O205e2CLvtFL5utQnhztcvRq%2F6xQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3888000
accept-ranges
bytes
cf-ray
6919e4d57dca3ba3-CDG
expires
Thu, 28 Oct 2021 13:06:08 GMT
yd.png
grand-chang.top/images/payment_icons/
1 KB
2 KB
Image
General
Full URL
https://grand-chang.top/images/payment_icons/yd.png
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47125a6c3d6d781efc84fc5f19e1e0729581b5992d54d634dfdc6c3a27fad621

Request headers

:path
/images/payment_icons/yd.png
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
grand-chang.top
referer
https://grand-chang.top/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590376
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1153
last-modified
Thu, 30 May 2013 07:22:56 GMT
server
cloudflare
etag
"51a6fe50-481"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJ4y3loU1yiGjIH3F3S9mjSs76vshwQWflkrO%2Bt2KYCOOWw5mRNQI5OQzAhaLdTFQo7TOxV5dGXrWnNYjdYUPbkojDQXlb7cwE84prNJZ1puhRFrS0YbV4uRW8F1cH9OYAM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3888000
accept-ranges
bytes
cf-ray
6919e4d57dcf3ba3-CDG
expires
Thu, 28 Oct 2021 13:06:09 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v23/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C400%2C300%2C600%2C700&subset=latin%2Ccyrillic-ext%2Ccyrillic&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://grand-chang.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:57:15 GMT
x-content-type-options
nosniff
age
565710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 19:57:15 GMT
mem8YaGs126MiZpBA-UFUZ0bbck.woff2
fonts.gstatic.com/s/opensans/v23/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFUZ0bbck.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C400%2C300%2C600%2C700&subset=latin%2Ccyrillic-ext%2Ccyrillic&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://grand-chang.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 15:10:26 GMT
x-content-type-options
nosniff
age
582919
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9400
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 15:10:26 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C400%2C300%2C600%2C700&subset=latin%2Ccyrillic-ext%2Ccyrillic&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://grand-chang.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 14:18:31 GMT
x-content-type-options
nosniff
age
67634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 14:18:31 GMT
mem5YaGs126MiZpBA-UNirkOVuhpOqc.woff2
fonts.gstatic.com/s/opensans/v23/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOVuhpOqc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C400%2C300%2C600%2C700&subset=latin%2Ccyrillic-ext%2Ccyrillic&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
460b265f6b87442ce02adfe558f1bb4bac1af371b36a1d2c4d0bbf4b6f11e265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://grand-chang.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 07:45:50 GMT
x-content-type-options
nosniff
age
263995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9604
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:24:07 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Sep 2022 07:45:50 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C400%2C300%2C600%2C700&subset=latin%2Ccyrillic-ext%2Ccyrillic&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://grand-chang.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 15:22:16 GMT
x-content-type-options
nosniff
age
582209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 15:22:16 GMT
mem5YaGs126MiZpBA-UN_r8OVuhpOqc.woff2
fonts.gstatic.com/s/opensans/v23/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN_r8OVuhpOqc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C400%2C300%2C600%2C700&subset=latin%2Ccyrillic-ext%2Ccyrillic&ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
baa1087a72ec2a36cd6fcaeae786064d4041792df022b8e73cd628cb1c7804ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://grand-chang.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 07:28:50 GMT
x-content-type-options
nosniff
age
5815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9588
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Sep 2022 07:28:50 GMT
1f0oj3cm6
embed.tawk.to/604e2133f7ce1827092ff17d/
2 KB
981 B
Script
General
Full URL
https://embed.tawk.to/604e2133f7ce1827092ff17d/1f0oj3cm6
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be19fe20f4e0ed4d3a0c96303dfbc34e6cca5f10ddb119013a6012e2a974a113
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grand-chang.top/
Origin
https://grand-chang.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
age
127
etag
W/"stable-v4-61483167bf6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
6919e4d5ce99c49a-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wliarr3.png
grand-chang.top/wp-content/themes/exchangeboxtheme2/images/
1 KB
2 KB
Image
General
Full URL
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/images/wliarr3.png
Requested by
Host: grand-chang.top
URL: https://grand-chang.top/wp-content/themes/exchangeboxtheme2/gray.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.36.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
048bda19c7050b3e3b275df5cbb850dfbcfe5154da08e2857ad59619d2dd42db

Request headers

:path
/wp-content/themes/exchangeboxtheme2/images/wliarr3.png
pragma
no-cache
cookie
PHPSESSID=2e18023142d0b8085965f03ba8f9e159
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
grand-chang.top
referer
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/gray.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/wp-content/themes/exchangeboxtheme2/gray.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
590376
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1091
last-modified
Tue, 25 Nov 2014 12:36:04 GMT
server
cloudflare
etag
"547477b4-443"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUceBBsEYZhVgdL1pkhwIzC1Mr%2F7o6zd3jxRLDN%2BnQvUSAENiCWvj1FlZD9ZByPv5%2B4Iuar0vkLLM4O%2Bih8C7jSEKiPvuxsBmz6E67MRiQ%2FKwwEb3zGpK5nxObkL1oF8CbU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=3888000
accept-ranges
bytes
cf-ray
6919e4d59e083ba3-CDG
expires
Thu, 28 Oct 2021 13:06:09 GMT
twk-main.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
121 B
468 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/604e2133f7ce1827092ff17d/1f0oj3cm6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grand-chang.top/
Origin
https://grand-chang.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
127
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d65b1dfafa-DUS
twk-vendor.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
76 KB
27 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/604e2133f7ce1827092ff17d/1f0oj3cm6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grand-chang.top/
Origin
https://grand-chang.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
128
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d65b20fafa-DUS
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
191 KB
57 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/604e2133f7ce1827092ff17d/1f0oj3cm6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee71aa15bd6f5e9f650cb2fd28073635fe050d7e71b61a7dae31094f5466236
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grand-chang.top/
Origin
https://grand-chang.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
127
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"f5397b5e368531031773bbfe6ac26ab8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d65b22fafa-DUS
twk-chunk-common.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
136 KB
34 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/604e2133f7ce1827092ff17d/1f0oj3cm6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
509e2fdc820147df1cdc5f27fca75ad561761f95af1b68faab42160013f8f2c3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grand-chang.top/
Origin
https://grand-chang.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
127
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"9bc7c334899155070faef320af658bae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d65b25fafa-DUS
twk-runtime.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
2 KB
1 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/604e2133f7ce1827092ff17d/1f0oj3cm6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631105904eaf607e58b401a5bb1b8cf111d9c22e0576a6571cb39077aaac3211
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grand-chang.top/
Origin
https://grand-chang.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
127
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"c9988f3f6096def2f280e804e16e18fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d65b18fafa-DUS
twk-app.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
151 B
528 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/604e2133f7ce1827092ff17d/1f0oj3cm6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grand-chang.top/
Origin
https://grand-chang.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
127
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d65b27fafa-DUS
register
va.tawk.to/
1 KB
2 KB
Fetch
General
Full URL
https://va.tawk.to/register
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
513efd5250d6d386f2196fba0b8bf611509a61b6cb13aa0ce34f9c4d450df6a1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grand-chang.top/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
visitor-application-preemptive-9ls9
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://grand-chang.top
vary
Accept-Encoding
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
6919e4d74e31c4db-DUS
access-control-allow-headers
content-type,x-tawk-token
widget-settings
va.tawk.to/v1/
3 KB
1 KB
Fetch
General
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=604e2133f7ce1827092ff17d&widgetId=1f0oj3cm6&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3a510f5d1e0fda36e0e4cec5beba8c13837afcbbafc0bcc76ce6bae09688c2a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
127
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
visitor-application-preemptive-4l9r
server
cloudflare
etag
W/"2-13-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
6919e4d708b3c49a-DUS
access-control-allow-headers
content-type,x-tawk-token
ru.js
embed.tawk.to/_s/v4/app/61483167bf6/languages/
20 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/languages/ru.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc671344a1044bbea4beeca56681e06adfc9c735e3dabb982c4e3729831868de
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7414
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"8804bd75220a4bb0a256b02be13f3430"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d74a75faf6-DUS
twk-chunk-2d0d2b7c.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
7 KB
2 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0258bf0904baa243eb5f64f1607f3f568ac3aa3290b3f50f673968c71344c37d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7426
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"722cffb3daa1570354cb1b80cb4846c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d8add3faf6-DUS
twk-chunk-2d224aff.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
15 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d224aff.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51aebceae05d7c7bc2c7b6e081db6f193051f6da42db106e6190a327bfec3887
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7426
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"6da1d3fedb4f02e72841b12ea46a3b69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d8add8faf6-DUS
twk-chunk-f1596d96.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
10 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-f1596d96.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f2dd287b85e6611792422486676043848792c63fd5d37551f4b1de8575bcdb3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7425
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"39ad72483ef8e38d00f38e474d3165a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d8addcfaf6-DUS
twk-chunk-48f46bef.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
16 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-48f46bef.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d30ff127c1558967e1b8b2ff4c67587c79fef936b5b0ca61a6f8ea02c7d4415
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7426
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"dff7e7b637ab438f5f1b10264d56ebca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d8bdeffaf6-DUS
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
942 B
816 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7425
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"5f434bdd806571a4e1b385bee9316ff6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d8bdf6faf6-DUS
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
546 B
705 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7425
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"09c3819d373bd4178a620d721429fada"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d8bdfbfaf6-DUS
twk-chunk-f163fcd0.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
11 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-f163fcd0.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf64b7caeb2a605264e93f82d9316b04b5cea1983aaf982020ae3ea6bd836ee8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7425
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"bd8b7745dd473d1c97cf29616df94bd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d8be01faf6-DUS
twk-chunk-35f53b3a.js
embed.tawk.to/_s/v4/app/61483167bf6/js/
64 KB
14 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-35f53b3a.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78df5371e5481796ff1ab16bd1f6e74fd2feffc1224680500aee2155589ac3cf
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7426
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:03 GMT
server
cloudflare
etag
W/"4f52ca0830a3e9c2a1955d242f03a199"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d8be03faf6-DUS
/
vsb97.tawk.to/s/
101 B
178 B
XHR
General
Full URL
https://vsb97.tawk.to/s/?k=61484eeab63ea377fc442e8d&cver=0&pop=false&asver=28137&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDRlMjEzM2Y3Y2UxODI3MDkyZmYxN2QiLCJ2aWQiOiJiNDMwMjIxMTI3MDA3OTNmMjZlMjUxYzQ5MDM1NmQyN2NhMjRiNzY1ZjUzOTFlMWI0YmIzMDMyOTk2OGJhZGIwIiwiaWF0IjoxNjMyMTI4NzQ2LCJleHAiOjE2MzIxMzA1NDYsImp0aSI6IjVQc1E2cmJKcnpfNWhsV1FCX2lBeCJ9.o1wZm4d5vQfn_jcVDNo4X_lqppKSqd7pzMYJilNo_knd1jryZz29KGrppvo5QA3hWxXa_tC_-o6sDqVl_2W0Qw&EIO=3&transport=polling&__t=Nm2T4Dg
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bf5793d2e02fa8e6929a4809e83319e0f2db207be5ef521cc7d2de2fe6f4ee8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://grand-chang.top
access-control-allow-credentials
true
cf-ray
6919e4d8d993c4db-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
101
min-widget.css
embed.tawk.to/_s/v4/app/61483167bf6/css/ Frame A3A0
24 KB
5 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7424
cf-polished
origSize=25050
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:02 GMT
server
cloudflare
etag
W/"ca07acfc9643befa104a07a93067f7c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d8fe9efaf6-DUS
cf-bgj
minify
bubble-widget.css
embed.tawk.to/_s/v4/app/61483167bf6/css/ Frame A518
13 KB
3 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/css/bubble-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7423
cf-polished
origSize=13594
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:02 GMT
server
cloudflare
etag
W/"ce7913b80c763449b3895d46419f7a6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d90ed1faf6-DUS
cf-bgj
minify
message-preview.css
embed.tawk.to/_s/v4/app/61483167bf6/css/ Frame 4AEB
37 KB
8 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7424
cf-polished
origSize=37650
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:02 GMT
server
cloudflare
etag
W/"792b46302ed8c4acdf03169ba30069fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d91eeefaf6-DUS
cf-bgj
minify
max-widget.css
embed.tawk.to/_s/v4/app/61483167bf6/css/ Frame BD89
72 KB
14 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/61483167bf6/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-2d0d2b7c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21c61919ec004e9d18cfb704145ae487ec9add63437f5b09d84aa04944db103
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
7423
cf-polished
origSize=73817
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 20 Sep 2021 07:01:02 GMT
server
cloudflare
etag
W/"892ddb1a25ecef753428866428aea000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d92f12faf6-DUS
cf-bgj
minify
css
fonts.googleapis.com/ Frame A3A0
7 KB
591 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/css/min-widget.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 09:03:29 GMT
server
ESF
date
Mon, 20 Sep 2021 09:05:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Sep 2021 09:05:46 GMT
168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame A518
22 KB
6 KB
Image
General
Full URL
https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2215311
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 22 May 2021 07:25:19 GMT
server
cloudflare
etag
W/"f66e029841759471d2ec78b86760dca7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6919e4d93f2cfaf6-DUS
tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame A518
10 KB
11 KB
Font
General
Full URL
https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/css/bubble-widget.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://embed.tawk.to/_s/v4/app/61483167bf6/css/bubble-widget.css
Origin
https://grand-chang.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
127
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10520
last-modified
Sat, 22 May 2021 07:25:13 GMT
server
cloudflare
etag
"054b3b66812d0a4b87ffc6776f0a42f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
accept-ranges
bytes
cf-ray
6919e4d9394cfafa-DUS
css
fonts.googleapis.com/ Frame BD89
7 KB
591 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/css/max-widget.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 08:56:45 GMT
server
ESF
date
Mon, 20 Sep 2021 09:05:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Sep 2021 09:05:46 GMT
css
fonts.googleapis.com/ Frame 4AEB
7 KB
591 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/css/message-preview.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.tawk.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 09:01:19 GMT
server
ESF
date
Mon, 20 Sep 2021 09:05:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Sep 2021 09:05:46 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame A3A0
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://grand-chang.top
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 15:11:30 GMT
x-content-type-options
nosniff
age
582856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 15:11:30 GMT
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/
295 KB
53 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2511323
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
53889
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by
cache-fra19134-FRA, cache-hhn4052-HHN
date
Mon, 20 Sep 2021 09:05:46 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
/
vsb97.tawk.to/s/
77 B
385 B
XHR
General
Full URL
https://vsb97.tawk.to/s/?k=61484eeab63ea377fc442e8d&cver=0&pop=false&asver=28137&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDRlMjEzM2Y3Y2UxODI3MDkyZmYxN2QiLCJ2aWQiOiJiNDMwMjIxMTI3MDA3OTNmMjZlMjUxYzQ5MDM1NmQyN2NhMjRiNzY1ZjUzOTFlMWI0YmIzMDMyOTk2OGJhZGIwIiwiaWF0IjoxNjMyMTI4NzQ2LCJleHAiOjE2MzIxMzA1NDYsImp0aSI6IjVQc1E2cmJKcnpfNWhsV1FCX2lBeCJ9.o1wZm4d5vQfn_jcVDNo4X_lqppKSqd7pzMYJilNo_knd1jryZz29KGrppvo5QA3hWxXa_tC_-o6sDqVl_2W0Qw&EIO=3&transport=polling&__t=Nm2T4MC.0&sid=ZGZYYa-0Lt2AeieklZ__
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96ba1343b6baf46fdb90a289bb75ef329721959526defdac0a74089716d21c2e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:47 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://grand-chang.top
access-control-allow-credentials
true
cf-ray
6919e4dc1d0cfaf6-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77
v3
va.tawk.to/log-performance/
5 B
384 B
Fetch
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grand-chang.top/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 20 Sep 2021 09:05:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
visitor-application-preemptive-81q1
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://grand-chang.top
vary
Accept-Encoding
access-control-allow-credentials
true
cf-ray
6919e4df3e54fafa-DUS
access-control-allow-headers
content-type,x-tawk-token
/
vsb97.tawk.to/s/
4 B
310 B
XHR
General
Full URL
https://vsb97.tawk.to/s/?k=61484eeab63ea377fc442e8d&cver=0&pop=false&asver=28137&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDRlMjEzM2Y3Y2UxODI3MDkyZmYxN2QiLCJ2aWQiOiJiNDMwMjIxMTI3MDA3OTNmMjZlMjUxYzQ5MDM1NmQyN2NhMjRiNzY1ZjUzOTFlMWI0YmIzMDMyOTk2OGJhZGIwIiwiaWF0IjoxNjMyMTI4NzQ2LCJleHAiOjE2MzIxMzA1NDYsImp0aSI6IjVQc1E2cmJKcnpfNWhsV1FCX2lBeCJ9.o1wZm4d5vQfn_jcVDNo4X_lqppKSqd7pzMYJilNo_knd1jryZz29KGrppvo5QA3hWxXa_tC_-o6sDqVl_2W0Qw&EIO=3&transport=polling&__t=Nm2T4T-&sid=ZGZYYa-0Lt2AeieklZ__
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/61483167bf6/js/twk-chunk-vendors.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.24.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://grand-chang.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 09:05:47 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
https://grand-chang.top
access-control-allow-credentials
true
cf-ray
6919e4df3bf8faf6-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4


24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| onbeforexrselect
boolean| originAgentCluster
function| $
function| jQuery
function| DP_jQuery_1632128745713
object| Tawk_API
object| Tawk_LoadStart
object| wp
object| jQuery183038905294900741527
string| $_Tawk_AccountKey
string| $_Tawk_WidgetId
boolean| $_Tawk_Unstable
object| $_Tawk
object| tawkJsonp
function| $__TawkEngine
function| EventEmitter
function| $__TawkSocket
object| regeneratorRuntime
object| Tawk_Window
object| emojione

5 Cookies

Domain/Path Name / Value
grand-chang.top/ Name: PHPSESSID
Value: 2e18023142d0b8085965f03ba8f9e159
va.tawk.to/ Name: ss
Value: g9twimbcgl
va.tawk.to/ Name: tawkUUID
Value: GqihBK7QMqkEZkOOIg3UuZUqrtE7X%2BlVZT9UnOmPOWVCdNorcPcXuPZfqjqkDhNh%7C%7C2
grand-chang.top/ Name: TawkConnectionTime
Value: 0
.grand-chang.top/ Name: __tawkuuid
Value: e::grand-chang.top::XL58FwB3EmtN8gdV1rU+BitqiVuvMEq+mIVdC73Cs95EJ55Qld1gOCKkXzLAbW6H::2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
