grozz2nd.letswinstuff.com Open in urlscan Pro
2606:4700:30::681c:e1c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sponsored.page.link/aldiINfr
Effective URL:
https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Submission: On January 04 via api (January 4th 2020, 4:34:14 pm UTC) from BE

Summary HTTP 31 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 31 HTTP transactions. The main IP is 2606:4700:30::681c:e1c, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is grozz2nd.letswinstuff.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 23rd 2019. Valid for: a year.

This is the only time grozz2nd.letswinstuff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	198.23.187.62 198.23.187.62	36352 (AS-COLOCR...) (AS-COLOCROSSING - ColoCrossing)
1 1	2606:4700:30:... 2606:4700:30::681f:5dcd	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
15	2606:4700:30:... 2606:4700:30::681c:e1c	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY - Fastly)
1	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
31	11

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

sponsored.page.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.23.187.62 (Buffalo, United States) 1 redirects

ASN36352 (AS-COLOCROSSING - ColoCrossing, US)
PTR: 198-23-187-62-host.dreamlineit.com

fndsdaytings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681f:5dcd (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

thispathtotheinternet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:30::681c:e1c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

grozz2nd.letswinstuff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	letswinstuff.com grozz2nd.letswinstuff.com	493 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	56 KB
3	cloudflare.com cdnjs.cloudflare.com	46 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	fndsdaytings.com 1 redirects fndsdaytings.com	1 KB
1	nr-data.net bam.nr-data.net	261 B
1	newrelic.com js-agent.newrelic.com	9 KB
1	doubleclick.net stats.g.doubleclick.net	384 B
1	googleapis.com fonts.googleapis.com	877 B
1	thispathtotheinternet.com 1 redirects thispathtotheinternet.com	751 B
1	page.link sponsored.page.link	57 KB
31	11

	Domain	Requested by
15	grozz2nd.letswinstuff.com	fndsdaytings.com grozz2nd.letswinstuff.com
4	fonts.gstatic.com	sponsored.page.link grozz2nd.letswinstuff.com
3	cdnjs.cloudflare.com	grozz2nd.letswinstuff.com
2	www.google-analytics.com	1 redirects grozz2nd.letswinstuff.com
2	fndsdaytings.com	1 redirects
2	www.gstatic.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	grozz2nd.letswinstuff.com
1	stats.g.doubleclick.net	grozz2nd.letswinstuff.com
1	fonts.googleapis.com	grozz2nd.letswinstuff.com
1	thispathtotheinternet.com	1 redirects
1	sponsored.page.link
31	12

This site contains links to these domains. Also see Links.

Domain
signup4633.net

Subject Issuer	Validity	Valid
misc-sni.google.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-08-23` - `2020-08-22`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.nr-data.net GeoTrust RSA CA 2018	`2018-01-11` - `2020-03-17`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Frame ID: 41E6A858FDD3DF9DC18463126BFBCE4F
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sponsored.page.link/aldiINfr Page URL
http://fndsdaytings.com/r/fe825d6a-6c91-4d43-b7cf-a2e6f91332f0/ Page URL
https://fndsdaytings.com/r2/fe825d6a-6c91-4d43-b7cf-a2e6f91332f0////ed21c1ff-19a0-421a-a1a4-6f89a889f... HTTP 302
https://thispathtotheinternet.com/?a=104&c=852&s1=1K2&s2=ed21c1ff-19a0-421a-a1a4-6f89a889f3b5 HTTP 302
https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2 Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

31
Requests

97 %
HTTPS

75 %
IPv6

11
Domains

12
Subdomains

11
IPs

3
Countries

681 kB
Transfer

1068 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://signup4633.net/
Title: Affiliates

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sponsored.page.link/aldiINfr Page URL
http://fndsdaytings.com/r/fe825d6a-6c91-4d43-b7cf-a2e6f91332f0/ Page URL
https://fndsdaytings.com/r2/fe825d6a-6c91-4d43-b7cf-a2e6f91332f0////ed21c1ff-19a0-421a-a1a4-6f89a889f3b5/?red_param_1=https%3A%2F%2Fsponsored.page.link%2F&fctr=0 HTTP 302
https://thispathtotheinternet.com/?a=104&c=852&s1=1K2&s2=ed21c1ff-19a0-421a-a1a4-6f89a889f3b5 HTTP 302
https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1834899315&t=pageview&_s=1&dl=https%3A%2F%2Fgrozz2nd.letswinstuff.com%2Fbe%2F%3Fo%3D845%26r%3Dh6a119298753o7l0%26a%3D104%26sa%3D1K2&dr=http%3A%2F%2Ffndsdaytings.com%2Fr%2Ffe825d6a-6c91-4d43-b7cf-a2e6f91332f0%2F&ul=en-us&de=UTF-8&dt=500%E2%82%AC%20pour%20ALDI!&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&_u=IGBACEABB~&jid=765317345&gjid=1599550782&cid=1783108824.1578155639&tid=UA-118120266-1&_gid=1053485326.1578155639&_r=1&z=1965391214 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-118120266-1&cid=1783108824.1578155639&jid=765317345&_gid=1053485326.1578155639&gjid=1599550782&_v=j79&z=1965391214

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 aldiINfr Show response
sponsored.page.link/ 168 KB
57 KB 167ms
135ms Document
text/html 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://sponsored.page.link/aldiINfr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b92e78e9786d66623403df09c5f140f83ddb2111e72e38e548a10c1cf59c7f97

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v7isqe5ZSR9dwXhqR41BkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-v7isqe5ZSR9dwXhqR41BkQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: sponsored.page.link
:scheme: https
:path: /aldiINfr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Jan 2020 16:33:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-v7isqe5ZSR9dwXhqR41BkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-v7isqe5ZSR9dwXhqR41BkQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 m=wmwg8b
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Y_NNwnhXY4E.es5.O/ck=boq-devplatform.DurableDeepLinkUi.zheRHwvmAvc.L.B1.O/am=BAI/d=1/exm=_b,_tp/excm=_b,_tp,view... 33 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Y_NNwnhXY4E.es5.O/ck=boq-devplatform.DurableDeepLinkUi.zheRHwvmAvc.L.B1.O/am=BAI/d=1/exm=_b,_tp/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP5SFjwLIG8WmLW0YjBTybbXwb6llg/m=wmwg8b

Requested by

Host:
URL: /_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Y_NNwnhXY4E.es5.O/am=BAI/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP7Aw8O1D7Vm4_CB6WXH1-yC5Gh8bw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sponsored.page.link/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 03 Jan 2020 21:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70060
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12543
x-xss-protection: 0
last-modified: Fri, 03 Jan 2020 05:30:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Jan 2021 21:06:17 GMT

GET
H2 200 m=DvZ6Wd
www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Y_NNwnhXY4E.es5.O/ck=boq-devplatform.DurableDeepLinkUi.zheRHwvmAvc.L.B1.O/am=BAI/d=1/exm=_b,_tp,wmwg8b/excm=_b,_... 15 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Y_NNwnhXY4E.es5.O/ck=boq-devplatform.DurableDeepLinkUi.zheRHwvmAvc.L.B1.O/am=BAI/d=1/exm=_b,_tp,wmwg8b/excm=_b,_tp,viewddl/ed=1/wt=2/ct=zgms/rs=ADpVLP5SFjwLIG8WmLW0YjBTybbXwb6llg/m=DvZ6Wd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sponsored.page.link/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 03 Jan 2020 21:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70060
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5303
x-xss-protection: 0
last-modified: Fri, 03 Jan 2020 05:30:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Jan 2021 21:06:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 10 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: sponsored.page.link
URL: https://sponsored.page.link/aldiINfr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://sponsored.page.link/
Origin: https://sponsored.page.link

Response headers

date: Thu, 21 Nov 2019 04:35:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 3844688
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10748
x-xss-protection: 0
expires: Fri, 20 Nov 2020 04:35:49 GMT

GET
H/1.1 200
OK /
fndsdaytings.com/r/fe825d6a-6c91-4d43-b7cf-a2e6f91332f0/ 731 B
893 B 361ms
206ms Document
text/html 198.23.187.62
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://fndsdaytings.com/r/fe825d6a-6c91-4d43-b7cf-a2e6f91332f0/
Requested by: Host:
URL: /_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Y_NNwnhXY4E.es5.O/am=BAI/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP7Aw8O1D7Vm4_CB6WXH1-yC5Gh8bw/m=_b,_tp
Protocol: HTTP/1.1
Server: 198.23.187.62 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS: 198-23-187-62-host.dreamlineit.com
Software: nginx /
Resource Hash

Request headers

Host: fndsdaytings.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://sponsored.page.link/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://sponsored.page.link/

Response headers

Server: nginx
Date: Sat, 04 Jan 2020 16:33:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: e7170bac-953b-4f2d-b349-d9e796f1a691=ed21c1ff-19a0-421a-a1a4-6f89a889f3b5; Version=1; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; Domain=fndsdaytings.com; Path=/ e7170bac-953b-4f2d-b349-d9e796f1a691-check=ed21c1ff-19a0-421a-a1a4-6f89a889f3b5; Version=1; Expires=Sat, 04-Jan-2020 16:43:57 GMT; Max-Age=600; Domain=fndsdaytings.com; Path=/
Cache-Control: no-cache
Expires: Sat, 04 Jan 2020 16:33:57 GMT
Content-Encoding: gzip

GET
H2

200

Primary Request / Show response
grozz2nd.letswinstuff.com/be/
Redirect Chain

https://fndsdaytings.com/r2/fe825d6a-6c91-4d43-b7cf-a2e6f91332f0////ed21c1ff-19a0-421a-a1a4-6f89a889f3b5/?red_param_1=https%3A%2F%2Fsponsored.page.link%2F&fctr=0
https://thispathtotheinternet.com/?a=104&c=852&s1=1K2&s2=ed21c1ff-19a0-421a-a1a4-6f89a889f3b5
https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2

25 KB
9 KB

151ms
93ms

Document
text/html

2606:4700:30::681c:e1c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Requested by: Host: fndsdaytings.com
URL: http://fndsdaytings.com/r/fe825d6a-6c91-4d43-b7cf-a2e6f91332f0/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 473b7462f856e776e54e9ed8416a99a8eac1abfecd5f12c726c45e5f5074a857

Request headers

:method: GET
:authority: grozz2nd.letswinstuff.com
:scheme: https
:path: /be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://fndsdaytings.com/r/fe825d6a-6c91-4d43-b7cf-a2e6f91332f0/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fndsdaytings.com/r/fe825d6a-6c91-4d43-b7cf-a2e6f91332f0/

Response headers

status: 200
date: Sat, 04 Jan 2020 16:33:58 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=debcef9deb6647acca91473777ef6d1421578155638; expires=Mon, 03-Feb-20 16:33:58 GMT; path=/; domain=.letswinstuff.com; HttpOnly; SameSite=Lax PHPSESSID_MS=fsvsas6fmpskm4r7hgqblrdgu5; expires=Mon, 06-Jan-2020 16:33:58 GMT; Max-Age=172800; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 54fe9e052db36485-FRA
content-encoding: br

Redirect headers

status: 302
date: Sat, 04 Jan 2020 16:33:58 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=de1057d0badf2fc5238ebd0173c4de7a61578155638; expires=Mon, 03-Feb-20 16:33:58 GMT; path=/; domain=.thispathtotheinternet.com; HttpOnly; SameSite=Lax sq=ZVq5UcTm//a6PB5E/sb0cF/csnDpR/cEf4dZChKRlT/0ea/0uPxq0Q==; domain=.thispathtotheinternet.com; path=/; HttpOnly tfl=h/aQWQgP5KySYegiekhf8jZ5hR81God+k4jbAXoHDQ0O+JIb24ejMA==; domain=.thispathtotheinternet.com; expires=Sat, 04-Jan-2025 16:33:58 GMT; path=/; HttpOnly c845=ZVq5UcTm//Yeg84Xw53oPo7yuHq9MvEsaAojEICYWKTUL7Pfn4G+Jw==; domain=.thispathtotheinternet.com; expires=Mon, 03-Feb-2020 16:33:58 GMT; path=/; HttpOnly
cache-control: private
location: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 54fe9e040995d6b5-FRA

GET
H2 200 jquery.qtip.min.css
cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/ 9 KB
2 KB 28ms
26ms Stylesheet
text/css 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/jquery.qtip.min.css

Requested by

Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1132573cc6851509b093bbc0ae558a50adcfaffb3ce09df37e25c2f373e2db18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 22789550
cf-ray: 54fe9e05dab996da-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:25:16 GMT
server: cloudflare
etag: W/"5afd4a7c-240a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Thu, 24 Dec 2020 16:33:58 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.035

GET
H2 200 css
fonts.googleapis.com/ 11 KB
877 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans|Open+Sans+Condensed:300,300i,400,600,700

Requested by

Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

96e6e3d43fa4d3ecef118ad65feffc6d67c6a580965409fc873d63756cf1174c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 04 Jan 2020 16:33:58 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 04 Jan 2020 16:33:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sat, 04 Jan 2020 16:33:58 GMT

GET
H2 200 standardize.css
grozz2nd.letswinstuff.com/css/ 9 KB
3 KB 22ms
21ms Stylesheet
text/css 2606:4700:30::681c:e1c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://grozz2nd.letswinstuff.com/css/standardize.css
Requested by: Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bc28db07851fc4282c47161da018b40aa4d9f688886e8dc20e623452aee9c9f

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 13:24:52 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5c66bda4-23a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 54fe9e05de766485-FRA

GET
H2 200 animate.css
grozz2nd.letswinstuff.com/css/ 73 KB
4 KB 33ms
31ms Stylesheet
text/css 2606:4700:30::681c:e1c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://grozz2nd.letswinstuff.com/css/animate.css
Requested by: Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75a33bdccbadc38c64bf09f76d24d7a1b3fdf61c0915169cc3e7d9b5b07405c5

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 13:24:52 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5c66bda4-1252c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 54fe9e05de776485-FRA

GET
H2 200 index.css
grozz2nd.letswinstuff.com/css/ 14 KB
3 KB 26ms
25ms Stylesheet
text/css 2606:4700:30::681c:e1c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://grozz2nd.letswinstuff.com/css/index.css
Requested by: Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f365c36804b68d45d0bc6b9b1c49ada2d13fe910848c92798810da18d03eb96e

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 13:24:52 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5c66bda4-36ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 54fe9e05de786485-FRA

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.1/ 82 KB
28 KB 31ms
30ms Script
application/javascript 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 5819003
cf-ray: 54fe9e05dabb96da-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:21:00 GMT
server: cloudflare
etag: W/"5afd497c-14938"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 24 Dec 2020 16:33:58 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.003

GET
H2 200 jquery.qtip.min.js Show response
cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/ 43 KB
16 KB 29ms
28ms Script
application/javascript 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/qtip2/2.2.1/jquery.qtip.min.js

Requested by

Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

322afd5c4ad9ff1122d7eac8414a69ee716764bb097d44b7db9894bc70d4a726

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 3873232
cf-ray: 54fe9e05dabc96da-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:26:24 GMT
server: cloudflare
etag: W/"5afd4ac0-ad08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 24 Dec 2020 16:33:58 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.002

GET
H2 200 validate.js Show response
grozz2nd.letswinstuff.com/scripts/ 8 KB
2 KB 20ms
18ms Script
application/javascript 2606:4700:30::681c:e1c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://grozz2nd.letswinstuff.com/scripts/validate.js
Requested by: Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e4e611b5d591e167475c1f6f2bf2037da85996542c02258c72dd5b196da9b1e

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 13:24:52 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5c66bda4-1f50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 54fe9e05de7a6485-FRA

GET
H2 200 validate_error_messages.js Show response
grozz2nd.letswinstuff.com/be/scripts/ 2 KB
639 B 32ms
30ms Script
application/javascript 2606:4700:30::681c:e1c
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://grozz2nd.letswinstuff.com/be/scripts/validate_error_messages.js
Requested by: Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 224eefd8ede0a562c50cd9ab6768e722393b7a7b628d8985a14d773209de6688

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 13:24:52 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5c66bda4-6c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 54fe9e05de7b6485-FRA

GET
H2 200 logo.png
grozz2nd.letswinstuff.com/images/ 5 KB
5 KB 24ms
23ms Image
image/png 2606:4700:30::681c:e1c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grozz2nd.letswinstuff.com/images/logo.png
Requested by: Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3a3f0e7a4e4969226de7526418c573705af3444e326dc52280dc18ab03eb58b

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 13:24:52 GMT
server: cloudflare
etag: "5c66bda4-13cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54fe9e05de7c6485-FRA
content-length: 5069

GET
H2 200 fb.png
grozz2nd.letswinstuff.com/images/ 4 KB
4 KB 34ms
32ms Image
image/png 2606:4700:30::681c:e1c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grozz2nd.letswinstuff.com/images/fb.png
Requested by: Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e98e880f74cc09a1dc6a4b2a29777a428c7cddc067f01169dcaad66c8839dfa

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 13:24:52 GMT
server: cloudflare
etag: "5c66bda4-e6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54fe9e05de7e6485-FRA
content-length: 3695

GET
H2 200 badge_bg.png
grozz2nd.letswinstuff.com/be/images/ 5 KB
5 KB 31ms
29ms Image
image/png 2606:4700:30::681c:e1c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grozz2nd.letswinstuff.com/be/images/badge_bg.png
Requested by: Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: acb82c0779eb816f190b0d1c927dbf58b5c1638ce9eba45dff903520f278eba4

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 13:24:52 GMT
server: cloudflare
etag: "5c66bda4-1422"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54fe9e060ed46485-FRA
content-length: 5154

GET
H2 200 giftcard.png
grozz2nd.letswinstuff.com/be/images/ 218 KB
218 KB 21ms
21ms Image
image/png 2606:4700:30::681c:e1c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grozz2nd.letswinstuff.com/be/images/giftcard.png
Requested by: Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53141c450f01e4b1512d4b0a244445312813f4e7cb497541812b6a9fe668263d

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 13:24:52 GMT
server: cloudflare
etag: "5c66bda4-366b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54fe9e060ed96485-FRA
content-length: 222896

GET
H2 200 bananas.png
grozz2nd.letswinstuff.com/be/images/ 17 KB
17 KB 29ms
27ms Image
image/png 2606:4700:30::681c:e1c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grozz2nd.letswinstuff.com/be/images/bananas.png
Requested by: Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 375ce70d8ef6222b3650591cad06a54bf07b3cad5896681f08a7ca4deb72bf27

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 13:24:52 GMT
server: cloudflare
etag: "5c66bda4-4397"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54fe9e063f0c6485-FRA
content-length: 17303

GET
H2 200 backery.png
grozz2nd.letswinstuff.com/be/images/ 79 KB
79 KB 34ms
32ms Image
image/png 2606:4700:30::681c:e1c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grozz2nd.letswinstuff.com/be/images/backery.png
Requested by: Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e3c8a9296b7301d8c9266aa6dc10cf0fb5df524ce0fc76bcffcc4073b487750

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 13:24:52 GMT
server: cloudflare
etag: "5c66bda4-13b87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54fe9e063f0d6485-FRA
content-length: 80775

GET
H2 200 vacum.png
grozz2nd.letswinstuff.com/be/images/ 20 KB
20 KB 22ms
21ms Image
image/png 2606:4700:30::681c:e1c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grozz2nd.letswinstuff.com/be/images/vacum.png
Requested by: Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 255013bdb9210aba1009aa03162f93e14bc94856e5d2c86bc1f7830efb3195a5

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 13:24:52 GMT
server: cloudflare
etag: "5c66bda4-4fbd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54fe9e063f0f6485-FRA
content-length: 20413

GET
H2 200 ananas.png
grozz2nd.letswinstuff.com/be/images/ 33 KB
34 KB 23ms
22ms Image
image/png 2606:4700:30::681c:e1c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grozz2nd.letswinstuff.com/be/images/ananas.png
Requested by: Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d0281595e271fac7ee082a61fd92d6edd6023b0b878665136e9f7fed2b311b7

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 13:24:52 GMT
server: cloudflare
etag: "5c66bda4-85f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54fe9e063f106485-FRA
content-length: 34290

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 22
date: Sat, 04 Jan 2020 16:33:36 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sat, 04 Jan 2020 18:33:36 GMT

GET
H2 200 bg.jpg
grozz2nd.letswinstuff.com/images/ 91 KB
91 KB 16ms
16ms Image
image/jpeg 2606:4700:30::681c:e1c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grozz2nd.letswinstuff.com/images/bg.jpg
Requested by: Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 228b3ea1864db3110a1cd447e495b6fa50a6367c6458a634f54c0c428033b983

Request headers

Referer: https://grozz2nd.letswinstuff.com/css/index.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Feb 2019 13:24:52 GMT
server: cloudflare
etag: "5c66bda4-16b46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54fe9e063f1a6485-FRA
content-length: 92998

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans|Open+Sans+Condensed:300,300i,400,600,700
Origin: https://grozz2nd.letswinstuff.com

Response headers

date: Thu, 21 Nov 2019 17:13:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 3799231
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Fri, 20 Nov 2020 17:13:27 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMR7eS2Ao.woff2
fonts.gstatic.com/s/opensanscondensed/v14/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v14/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMR7eS2Ao.woff2

Requested by

Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe1042b7290f4f6d73d1e0ebe0b7f8dd9e9d3f8bdde4e749c151f36ac7c42c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans|Open+Sans+Condensed:300,300i,400,600,700
Origin: https://grozz2nd.letswinstuff.com

Response headers

date: Wed, 20 Nov 2019 08:21:42 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:28 GMT
server: sffe
age: 3917536
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10228
x-xss-protection: 0
expires: Thu, 19 Nov 2020 08:21:42 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMR7eS2Ao.woff2
fonts.gstatic.com/s/opensanscondensed/v14/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v14/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMR7eS2Ao.woff2

Requested by

Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d8cd670b102dbdc8bcbcd51b932c5df791e509d703077650e0ccdc216b50d91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans|Open+Sans+Condensed:300,300i,400,600,700
Origin: https://grozz2nd.letswinstuff.com

Response headers

date: Thu, 21 Nov 2019 16:53:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:10 GMT
server: sffe
age: 3800424
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8876
x-xss-protection: 0
expires: Fri, 20 Nov 2020 16:53:34 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1834899315&t=pageview&_s=1&dl=https%3A%2F%2Fgrozz2nd.letswinstuff.com%2Fbe%2F%3Fo%3D845%26r%3Dh6a119298753o7l0%26a%3D104%26sa%3D1K2&dr=http%3...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-118120266-1&cid=1783108824.1578155639&jid=765317345&_gid=1053485326.1578155639&gjid=1599550782&_v=j79&z=1965391214

35 B
384 B

44ms
15ms

Image
image/gif

2a00:1450:400c:c04::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-118120266-1&cid=1783108824.1578155639&jid=765317345&_gid=1053485326.1578155639&gjid=1599550782&_v=j79&z=1965391214

Requested by

Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Sat, 04 Jan 2020 16:33:58 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Jan 2020 16:33:58 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-118120266-1&cid=1783108824.1578155639&jid=765317345&_gid=1053485326.1578155639&gjid=1599550782&_v=j79&z=1965391214
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 420
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-1071.min.js Show response
js-agent.newrelic.com/ 23 KB
9 KB 87ms
29ms Script
application/javascript 151.101.114.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1071.min.js
Requested by: Host: grozz2nd.letswinstuff.com
URL: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 16:33:58 GMT
content-encoding: gzip
x-amz-request-id: F6E5FDDF58FDB408
x-cache: HIT
status: 200
content-length: 9086
x-amz-id-2: v6lo1ejYisz5wXeH81Lkp+LZUiGjqOaT5JT5JDcdSCchnZ048XUnDA6WRySCj2/5hlEJt70y1qI=
x-served-by: cache-hhn4022-HHN
last-modified: Wed, 28 Feb 2018 23:33:31 GMT
server: AmazonS3
x-timer: S1578155639.940911,VS0,VE0
etag: "a1a545c95f313a230157b47dca555c25"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 493

GET
H/1.1 200
OK d4db62af92 Show response
bam.nr-data.net/1/ 57 B
261 B 480ms
120ms Script
text/javascript 162.247.242.20
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/d4db62af92?a=8665447&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=1111&ref=https://grozz2nd.letswinstuff.com/be/&be=893&fe=1019&dc=901&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1578155637854,%22n%22:0,%22f%22:671,%22dn%22:672,%22dne%22:704,%22c%22:704,%22s%22:709,%22ce%22:729,%22rq%22:729,%22rp%22:822,%22rpe%22:823,%22dl%22:828,%22di%22:896,%22ds%22:896,%22de%22:902,%22dc%22:1019,%22l%22:1019,%22le%22:1020%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://grozz2nd.letswinstuff.com/be/?o=845&r=h6a119298753o7l0&a=104&sa=1K2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.letswinstuff.com/	1970-01-19 06:24:02	Name: _gid Value: GA1.2.1053485326.1578155639
.letswinstuff.com/	1970-01-19 23:53:47	Name: _ga Value: GA1.2.1783108824.1578155639
grozz2nd.letswinstuff.com/	1970-01-19 06:25:28	Name: PHPSESSID_MS Value: fsvsas6fmpskm4r7hgqblrdgu5
.letswinstuff.com/	1970-01-19 06:22:35	Name: _gat Value: 1
.letswinstuff.com/	1970-01-19 07:05:47	Name: __cfduid Value: debcef9deb6647acca91473777ef6d1421578155638

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: /_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Y_NNwnhXY4E.es5.O/am=BAI/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP7Aw8O1D7Vm4_CB6WXH1-yC5Gh8bw/m=_b,_tp(Line 407) Message: %c%s color: red; background: yellow; font-size: 24px; WARNING!
console-api	log	URL: /_/mss/boq-devplatform/_/js/k=boq-devplatform.DurableDeepLinkUi.en_US.Y_NNwnhXY4E.es5.O/am=BAI/d=1/excm=_b,_tp,viewddl/ed=1/dg=0/wt=2/ct=zgms/rs=ADpVLP7Aw8O1D7Vm4_CB6WXH1-yC5Gh8bw/m=_b,_tp(Line 407) Message: %c%s color: black; font-size: 18px; Using this console may allow attackers to impersonate you and steal your information using an attack called Self-XSS. Do not enter or paste code that you do not understand.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v7isqe5ZSR9dwXhqR41BkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-v7isqe5ZSR9dwXhqR41BkQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdnjs.cloudflare.com
fndsdaytings.com
fonts.googleapis.com
fonts.gstatic.com
grozz2nd.letswinstuff.com
js-agent.newrelic.com
sponsored.page.link
stats.g.doubleclick.net
thispathtotheinternet.com
www.google-analytics.com
www.gstatic.com
151.101.114.110
162.247.242.20
198.23.187.62
2606:4700:30::681c:e1c
2606:4700:30::681f:5dcd
2606:4700::6811:4004
2a00:1450:4001:815::200e
2a00:1450:4001:817::2003
2a00:1450:4001:818::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:824::200a
2a00:1450:400c:c04::9a
1132573cc6851509b093bbc0ae558a50adcfaffb3ce09df37e25c2f373e2db18
224eefd8ede0a562c50cd9ab6768e722393b7a7b628d8985a14d773209de6688
228b3ea1864db3110a1cd447e495b6fa50a6367c6458a634f54c0c428033b983
255013bdb9210aba1009aa03162f93e14bc94856e5d2c86bc1f7830efb3195a5
2d0281595e271fac7ee082a61fd92d6edd6023b0b878665136e9f7fed2b311b7
322afd5c4ad9ff1122d7eac8414a69ee716764bb097d44b7db9894bc70d4a726
375ce70d8ef6222b3650591cad06a54bf07b3cad5896681f08a7ca4deb72bf27
473b7462f856e776e54e9ed8416a99a8eac1abfecd5f12c726c45e5f5074a857
4bc28db07851fc4282c47161da018b40aa4d9f688886e8dc20e623452aee9c9f
53141c450f01e4b1512d4b0a244445312813f4e7cb497541812b6a9fe668263d
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
75a33bdccbadc38c64bf09f76d24d7a1b3fdf61c0915169cc3e7d9b5b07405c5
7e3c8a9296b7301d8c9266aa6dc10cf0fb5df524ce0fc76bcffcc4073b487750
7e4e611b5d591e167475c1f6f2bf2037da85996542c02258c72dd5b196da9b1e
7e98e880f74cc09a1dc6a4b2a29777a428c7cddc067f01169dcaad66c8839dfa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
96e6e3d43fa4d3ecef118ad65feffc6d67c6a580965409fc873d63756cf1174c
acb82c0779eb816f190b0d1c927dbf58b5c1638ce9eba45dff903520f278eba4
b92e78e9786d66623403df09c5f140f83ddb2111e72e38e548a10c1cf59c7f97
c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079
d3a3f0e7a4e4969226de7526418c573705af3444e326dc52280dc18ab03eb58b
d8cd670b102dbdc8bcbcd51b932c5df791e509d703077650e0ccdc216b50d91b
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dbe1042b7290f4f6d73d1e0ebe0b7f8dd9e9d3f8bdde4e749c151f36ac7c42c2
f365c36804b68d45d0bc6b9b1c49ada2d13fe910848c92798810da18d03eb96e

grozz2nd.letswinstuff.com Open in urlscan Pro 2606:4700:30::681c:e1c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

97 %HTTPS

75 %IPv6

11 Domains

12 Subdomains

11 IPs

3 Countries

681 kBTransfer

1068 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

grozz2nd.letswinstuff.com Open in urlscan Pro
2606:4700:30::681c:e1c Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

97 %
HTTPS

75 %
IPv6

11
Domains

12
Subdomains

11
IPs

3
Countries

681 kB
Transfer

1068 kB
Size

5
Cookies

31 HTTP transactions
0 data transactions