pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev Open in urlscan Pro
2606:4700::6812:323 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u39913023.ct.sendgrid.net/ls/click?upn=-2FpF1fwICjmg4r0v2ztM4auDfwA5tsebjRThgJ36P8TFLDVgDs3hVRYiuOpSUNOZkzjqRg3o1JYH0XeUW3...
Effective URL:
https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/de...
Submission: On December 15 via manual (December 15th 2023, 2:27:35 pm UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 15 domains to perform 41 HTTP transactions. The main IP is 2606:4700::6812:323, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev.
TLS certificate: Issued by E1 on December 9th 2023. Valid for: 3 months.

This is the only time pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.147 167.89.123.147	11377 (SENDGRID) (SENDGRID)
1 1	18.235.172.85 18.235.172.85	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6812:323	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
12	3.33.167.84 3.33.167.84	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
13	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
41	15

1 167.89.123.147 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x147.outbound-mail.sendgrid.net

u39913023.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.172.85 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-172-85.compute-1.amazonaws.com

splendidedwin142413.lt.emlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:323 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.33.167.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab20c4084611ef9fd.awsglobalaccelerator.com

www.greatplainsmfg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

privacyportal-cdn.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 324	164 KB
12	greatplainsmfg.com www.greatplainsmfg.com	916 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	146 KB
2	onetrust.com privacyportal-cdn.onetrust.com — Cisco Umbrella Rank: 51574 geolocation.onetrust.com — Cisco Umbrella Rank: 548	9 KB
2	gstatic.com t2.gstatic.com fonts.gstatic.com	34 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340 fonts.googleapis.com — Cisco Umbrella Rank: 29	31 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2842	28 KB
2	r2.dev pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev	125 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	292 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	24 KB
1	emlnk.com 1 redirects splendidedwin142413.lt.emlnk.com	299 B
1	sendgrid.net 1 redirects u39913023.ct.sendgrid.net	844 B
0	greatplainsag.com Failed api.greatplainsag.com Failed
41	15

	Domain	Requested by
13	cdn.cookielaw.org	www.greatplainsmfg.com cdn.cookielaw.org
12	www.greatplainsmfg.com	pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev www.greatplainsmfg.com
2	www.googletagmanager.com	www.greatplainsmfg.com www.googletagmanager.com
2	pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev	pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev
1	fonts.gstatic.com	fonts.googleapis.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	www.greatplainsmfg.com
1	privacyportal-cdn.onetrust.com	www.greatplainsmfg.com
1	t2.gstatic.com
1	www.google.com	1 redirects
1	stackpath.bootstrapcdn.com	pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev
1	ajax.googleapis.com	pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev
1	maxcdn.bootstrapcdn.com	pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev
1	cdnjs.cloudflare.com	pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev
1	code.jquery.com	pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev
1	splendidedwin142413.lt.emlnk.com	1 redirects
1	u39913023.ct.sendgrid.net	1 redirects
0	api.greatplainsag.com Failed	www.greatplainsmfg.com
41	19

This site contains no links.

Subject Issuer	Validity	Valid
*.r2.dev E1	`2023-12-09` - `2024-03-08`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.greatplainsmfg.com Amazon RSA 2048 M03	`2023-12-05` - `2025-01-03`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
onetrust.com GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details
Frame ID: DA34D3A8CCF006A566165BEE0C98333A
Requests: 11 HTTP requests in this frame

Frame: https://www.greatplainsmfg.com/
Frame ID: F47968EA61563D94C92A56B13E12595C
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Documents Portal Login - greatplainsmfg.com

Page URL History Show full URLs

https://u39913023.ct.sendgrid.net/ls/click?upn=-2FpF1fwICjmg4r0v2ztM4auDfwA5tsebjRThgJ36P8TFLDVgDs3hVRYiuOpSUN... HTTP 302
https://splendidedwin142413.lt.emlnk.com/Prod/link-tracker?notrack=1&redirectUrl=aHR0cHMlM0ElMkYlMkZwdWItMTRjZGM5NmQ1... HTTP 302
https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/ob... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

95 %
HTTPS

82 %
IPv6

15
Domains

19
Subdomains

15
IPs

2
Countries

1505 kB
Transfer

2630 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u39913023.ct.sendgrid.net/ls/click?upn=-2FpF1fwICjmg4r0v2ztM4auDfwA5tsebjRThgJ36P8TFLDVgDs3hVRYiuOpSUNOZkzjqRg3o1JYH0XeUW3zXzTFPBUN54hyR2TZyjeopdyDH7Tr1yIb4MhTOLOYs2uhmtplKWXgd5hK1Tj8fTlQuCIUnbvPO3RMRWDjA2rAsfZFOuHU-2FpURWaRM8AVPjxl0N7-2B4khXQgvxtudq9FyGrq55mEsjiX51r1PtQZ-2BbSu-2FxVqrovZWvkQkrfQk-2Frr-2FbzgcYpTTBnFHk8QZWd0BiFtW4gbDXAwPA4-2FrINws-2F6hVo0MSjAGNhwT1f-2FY-2B4wUPphO3-2Fp16W5uFaRRsNk634ksu2kffw6mYs-2BjkzzMww41tEh6kcpWsMNbnwDvpdV-2FaHbrv4ou5Rp2DKYAeAFsAEhc0WsNm27buQJPrW8nhphalIDOBF9ygTYSVc16-2FKyjf6P9bgSQbqkIRf6ez6H-2FDpV2n7JbHyXoJFJp0AnGcWRKeyUtta3TK-2BnRwZ2IkCHjMDdSgsnFn2s-2FlCU992SMfDc8aAibHrWYUljjuOMV7NSpm8wToRLkptAM5lWS6RYz7WNN2SQ-2BJ7-2FZSp9AoR8-2Fj-2B8c2RRvULzRc0CemDJ-2BafBXngm88-2FQXQgHWUP-2F1RupsPFOtMRK0LAEGzTq5L7UDWFbLXjXM8psEJQMqAPW-2F3UHym5Y0WieOEsljNabcMX3oeOHRTVjxfQAilvgXqYXrfVmOFR-2BToZ64Mnm9OaimhAfr3ncj5v15QR0dPntPoY90QzlD3T8J1LjoTOl1HDPPnmrmrs5p9-2BdVDZKAfejW-2FHekX-2BybuG0y36ls6u7WE049ZSnV-2BDXdGpUoUBBvW2we-2FmGmcuPj7SzXW6Kcr34YSMWaSHOs-3DwOCY_obExZzDONMRPsE-2BN0JBRuuPKU-2F-2F0tx3-2Bkum3exu4VMPlgCC1hXqlTqzapp0rWYIjRRHxss4u7gAg6JnayS4deOvq4FhIMXiPzP-2BLwSAjE5ycN5Ifq5bAdpQwl1odl4K-2FFkVv7xHt336VtPcO9g6pzudhvFpHETXJRr2qPf0nftr4yR5gRGF6qRIZATfYTjLwgSTGacIihqJAykq80o9M0eI8x3zXQ1etzHmZlIq2f8Yn0zsjfEOCKjotGdWMPlIcNbLCnjHaoia5vCWRyP3zCVb8Va8-2F9nch-2BOYAOWXqzfDOnbkovMNZxGFTE54lpki0umJEYPmd1QK-2Fvsz7rTrCAzRBssfSL6pGmYKuWMbnIPXNalkU5eAmQScMtyaBN-2FoX-2BVKpUeQ1MAqNTWZMezMcZAzyX5Y2vpWK-2BJYKsa-2BgDfgT8J9RWBXNcxcK7z8to86j7zIP8XVxw6uQIVgMpKK39UVo4BdAKYFGGEDPRAN-2FQ0qNYDMVS50Aij-2F8iuz-2F5dE148g0xVCZFsZcVu02lXDygarUjq1rq-2Bz-2BYvlkJ1VrIJEGYtzT1mje3aF5vlSSr3UtU8dghGP8q8HySugmw8i1pE-2FbMx8bnv9IuVyJpbYgT9Rf5hQgajy6ZVq-2FQJdw3tJvkZL8dnhxqk91v-2FLx4OgJuPNVcrZ980HI1atnGlXoNC24QnV8jFeQeL7cW5ZJ3VOBjZpggWMukfTOPrYTbkLtmSBCetevaYCqdCnBezpoRr8yGfPX97bwthCVc7-2FjhMaoe-2Fe6z1VExo7dborg38nHrH2RnVUASL36SGoipYljwfSRVRXuaQa7zlQeEf0EzhJrGUQwSD1FvNCWjMpV-2BNWFqGK6Ti-2BZEZwOpIE0fZa-2B4EL13dSWXn12WwjWQjAnN9cMHWpql2JjQ1u3Bzu5OUb04z-2Bh9eOOhBo-2B1NZnXqxgjPsmB32B35wQi7aHP6099dGOQLdyiVvNMZ54jIC1NJUBDbIENSG6r9VF73cpeP7sUDg-3D HTTP 302
https://splendidedwin142413.lt.emlnk.com/Prod/link-tracker?notrack=1&redirectUrl=aHR0cHMlM0ElMkYlMkZwdWItMTRjZGM5NmQ1MmQyNDNiYWE2YjhlNTFmYmExZDgzZTUucjIuZGV2JTJGd2VibG9jay5odG0lM0YxOGM5ZGQzODlkOTc0NzkyNzJkYjkzNzk3Mzg1NzhhYiUyRnIyJTJGZGVmYXVsdCUyRmJ1Y2tldHMlMkZzc2tza3Nza3MlMkZvYmplY3RzJTJGd2VibG9jay5odG0lMkZkZXRhaWxz&sig=88B7MAw5ihn6A8yH8d54FKqx4VcRuMrNxyHCE7HdQEFp&iat=1702564065&a=%7C%7C226617553%7C%7C&account=splendidedwin142413%2Eactivehosted%2Ecom&email=7HwisZpC21uH0perTY1y8afxtssM%2FN8LSGrNnYNAtmsN%2BTPaUPPOHg%3D%3D%3AOvBzphT7JYDGhWPVOwJMIiBxwZ8B59IW&s=3834941fbb829496edc41ec58674ea4f&i=1A3A0A9 HTTP 302
https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.google.com/s2/favicons?domain=greatplainsmfg.com HTTP 301
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://greatplainsmfg.com&size=16

41 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request weblock.htm Show response
pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/
Redirect Chain

https://u39913023.ct.sendgrid.net/ls/click?upn=-2FpF1fwICjmg4r0v2ztM4auDfwA5tsebjRThgJ36P8TFLDVgDs3hVRYiuOpSUNOZkzjqRg3o1JYH0XeUW3zXzTFPBUN54hyR2TZyjeopdyDH7Tr1yIb4MhTOLOYs2uhmtplKWXgd5hK1Tj8fTlQuC...
https://splendidedwin142413.lt.emlnk.com/Prod/link-tracker?notrack=1&redirectUrl=aHR0cHMlM0ElMkYlMkZwdWItMTRjZGM5NmQ1MmQyNDNiYWE2YjhlNTFmYmExZDgzZTUucjIuZGV2JTJGd2VibG9jay5odG0lM0YxOGM5ZGQzODlkOTc0...
https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details

207 KB
98 KB

139ms
91ms

Document
text/html

2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 028a72d5208d928c85b3b43e7dbeddb309497a7b00f578919837f52bf5d426b7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-RAY: 835f5e267d8f917c-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 15 Dec 2023 14:27:31 GMT
ETag: W/"23e9b4e5564492f4d875a25da07c9e40"
Last-Modified: Thu, 14 Dec 2023 14:16:31 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: application/json
date: Fri, 15 Dec 2023 14:27:30 GMT
location: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details
x-amz-apigw-id: P_RM-Hx4IAMEXDA=
x-amzn-requestid: 8153fbd9-4608-4010-8d09-c77bb90d01af
x-amzn-trace-id: Root=1-657c6252-01e6fe236f8254b41bb4bc60;Sampled=0;lineage=12ce62b2:0

GET
H/1.1 404
Not Found favicons
pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/images/ 27 KB
27 KB 59ms
59ms Image
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/images/favicons
Requested by: Host: pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev
URL: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 14:27:31 GMT
Content-Encoding: gzip
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive
CF-RAY: 835f5e273eb3917c-FRA

GET
DATA 200
OK truncated
/ 55 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42171d76548498998da88f032aba50a028b9481fd7004a9a3b5d3b8d98fe48a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 558 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 578254b8c8e53db6ffe80754d29a9db454d8818885ac826b11e9b95389618b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 520 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2172033cc841f94e32ca4412cd380e43d873a9e74e54aee03f0d26ed72d20be5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 34ms
6ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev
URL: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/
Origin: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 15 Dec 2023 14:27:31 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 7746650
x-cache: HIT, HIT
content-length: 23856
x-served-by: cache-lga21963-LGA, cache-fra-eddf8230114-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1702650451.114971,VS0,VE0
etag: W/"28feccc0-10fdd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 2, 203785

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 31ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev
URL: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/
Origin: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 15 Dec 2023 14:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 163663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6157
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWhvzWUzQ4YQjAX7R3ooyE2gKwIV85j5JhlqLkztWLVyu0vRIY02uClbTevtD7k4UnDOFraLpQeilhkyhrRR5y4X4YsbMaL6k5dvVdL1q2cy8vrShPmEpKJShyqekeYTxgyPUiPbE27tq70%2Bi%2FtblRfG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 835f5e276f712c29-FRA
expires: Wed, 04 Dec 2024 14:27:31 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 36ms
19ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/
Origin: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 15 Dec 2023 14:27:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 865
age: 122644
cdn-cachedat: 10/31/2023 18:55:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0c0d3cd0a4ba35768e740e8caac587d6
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 835f5e276d4691d1-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 15 Dec 2023 04:12:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 04:12:25 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
15 KB 38ms
21ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 15 Dec 2023 14:27:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 2801604
cdn-cachedat: 11/15/2021 23:30:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 835f5e2768ab1c19-FRA
cdn-requestpullsuccess: True

GET
H2 200 / Show response
www.greatplainsmfg.com/ Frame F479 4 KB
4 KB 2187ms
148ms Document
text/html 3.33.167.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greatplainsmfg.com/
Requested by: Host: pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev
URL: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.167.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab20c4084611ef9fd.awsglobalaccelerator.com
Software: nginx/1.17.10 /
Resource Hash: a747d5046fa08694788290ecd426312144765d6635e35475e03aafcf3e50170a

Request headers

Referer: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 3618
content-type: text/html
date: Fri, 15 Dec 2023 14:27:33 GMT
etag: "65735596-e22"
last-modified: Fri, 08 Dec 2023 17:42:46 GMT
server: nginx/1.17.10

GET
H2

200

faviconV2
t2.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=greatplainsmfg.com
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://greatplainsmfg.com&size=16

873 B
1 KB

56ms
20ms

Image
image/png

2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://greatplainsmfg.com&size=16

Protocol

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dffc82a0521924f6a9a5b84a7083d5d879d15aafba4177bd488afe9ebecdecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:27:31 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 873
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.greatplainsmfg.com/favicon.ico
expires: Fri, 22 Dec 2023 14:27:31 GMT

Redirect headers

date: Fri, 15 Dec 2023 14:27:31 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://greatplainsmfg.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338
x-xss-protection: 0
expires: Fri, 15 Dec 2023 14:57:31 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/67e8c3c8-3c08-42f7-9cf0-f5285ad39505-test/ Frame F479 4 KB
2 KB 73ms
56ms Script
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/67e8c3c8-3c08-42f7-9cf0-f5285ad39505-test/OtAutoBlock.js

Requested by

Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf960923cbd6b577acf69253bf64d2ae8831198e3be5a6e89a7507bc5629b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Dec 2023 14:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: 2QfO3pW6d2PAkLqdTLEoQw==
content-length: 1701
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jun 2023 15:23:58 GMT
server: cloudflare
etag: 0x8DB797E067845A1
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ba8ac1f9-d01e-0003-7462-2fd8e7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 835f5e3578581c73-FRA

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ Frame F479 21 KB
7 KB 39ms
22ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Dec 2023 14:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: vZrXoJWU2kJda+KcVQis1w==
age: 30468
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Thu, 14 Dec 2023 20:51:43 GMT
server: cloudflare
etag: 0x8DBFCE67AACAD60
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e45cb448-401e-003e-6603-2faefc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 835f5e35785c1c73-FRA

GET
H2 200 otnotice-1.0.min.js Show response
privacyportal-cdn.onetrust.com/privacy-notice-scripts/ Frame F479 32 KB
9 KB 59ms
40ms Script
application/javascript 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://privacyportal-cdn.onetrust.com/privacy-notice-scripts/otnotice-1.0.min.js

Requested by

Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13c7de4871df34d9216b53dda1a56e968daa9b9421d2c41796166358319cc0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Dec 2023 14:27:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
content-md5: uWq9s3y5h9XT/pBFnXon6w==
age: 582
x-ms-lease-status: unlocked
last-modified: Thu, 30 Nov 2023 03:26:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a0ab71a3-901e-0089-1bbf-27cabf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 835f5e35899018d3-FRA
expires: Fri, 15 Dec 2023 18:27:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame F479 187 KB
68 KB 45ms
24ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-26268077-7

Requested by

Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af70e5a6272d899ae959ef1cea0f8e0ddbfcfb436d6faf595e82d81367a4fc6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:27:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69132
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Dec 2023 14:27:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F479 9 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800&display=swap

Requested by

Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f13a03415d5e2c3bd9d5360536c86b84cd4908595a9782cb206ffd80cc4e5596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 14:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 14:16:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Dec 2023 14:27:33 GMT

GET
H2 200 2.b857dd64.chunk.css
www.greatplainsmfg.com/static/css/ Frame F479 4 KB
4 KB 426ms
425ms Stylesheet
text/css 3.33.167.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greatplainsmfg.com/static/css/2.b857dd64.chunk.css
Requested by: Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.167.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab20c4084611ef9fd.awsglobalaccelerator.com
Software: nginx/1.17.10 /
Resource Hash: 6e7b2a0d6f8ef40ce0f6acfaec58c4d5564cd1b43f2fe23e368965a2586e14b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:27:33 GMT
last-modified: Fri, 08 Dec 2023 17:42:46 GMT
server: nginx/1.17.10
accept-ranges: bytes
etag: "65735596-ecf"
content-length: 3791
content-type: text/css

GET
H2 200 main.5a195632.chunk.css
www.greatplainsmfg.com/static/css/ Frame F479 111 KB
112 KB 154ms
153ms Stylesheet
text/css 3.33.167.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greatplainsmfg.com/static/css/main.5a195632.chunk.css
Requested by: Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.167.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab20c4084611ef9fd.awsglobalaccelerator.com
Software: nginx/1.17.10 /
Resource Hash: a8daef7bd730f3c47c0e3974491b016a0d6cc325cc949686f4472055c53f2ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:27:33 GMT
last-modified: Fri, 08 Dec 2023 17:42:46 GMT
server: nginx/1.17.10
accept-ranges: bytes
etag: "65735596-1bdfc"
content-length: 114172
content-type: text/css

GET
H2 200 2.3a531ad8.chunk.js Show response
www.greatplainsmfg.com/static/js/ Frame F479 651 KB
651 KB 148ms
147ms Script
application/javascript 3.33.167.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greatplainsmfg.com/static/js/2.3a531ad8.chunk.js
Requested by: Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.167.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab20c4084611ef9fd.awsglobalaccelerator.com
Software: nginx/1.17.10 /
Resource Hash: 1ca386bb2e3101b8130d2d6ec7148e20709cf7a0ad6ad1b2c79940621122a9ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:27:33 GMT
last-modified: Fri, 08 Dec 2023 17:42:46 GMT
server: nginx/1.17.10
accept-ranges: bytes
etag: "65735596-a2a47"
content-length: 666183
content-type: application/javascript

GET
H2 200 main.3e30ab21.chunk.js Show response
www.greatplainsmfg.com/static/js/ Frame F479 75 KB
76 KB 286ms
286ms Script
application/javascript 3.33.167.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greatplainsmfg.com/static/js/main.3e30ab21.chunk.js
Requested by: Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.167.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab20c4084611ef9fd.awsglobalaccelerator.com
Software: nginx/1.17.10 /
Resource Hash: e4a77635540adbe84a9602199a75a3418c2c4dd771f788ab7afcb7120ad6da91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:27:33 GMT
last-modified: Fri, 08 Dec 2023 17:42:46 GMT
server: nginx/1.17.10
accept-ranges: bytes
etag: "65735596-12d96"
content-length: 77206
content-type: application/javascript

GET
H2 200 67e8c3c8-3c08-42f7-9cf0-f5285ad39505-test.json Show response
cdn.cookielaw.org/consent/67e8c3c8-3c08-42f7-9cf0-f5285ad39505-test/ Frame F479 4 KB
2 KB 73ms
58ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/67e8c3c8-3c08-42f7-9cf0-f5285ad39505-test/67e8c3c8-3c08-42f7-9cf0-f5285ad39505-test.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cd30e4c574ac5b306e55092558ed5dce8bb20854a4fbf265b83649dadec4d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Dec 2023 14:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: An9AmHGQl6NKumkYi5/+Gg==
content-length: 1618
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jun 2023 15:23:58 GMT
server: cloudflare
etag: 0x8DB797E06893321
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 63108d32-001e-0010-7562-2ffceb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 835f5e35fc4568eb-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame F479 220 KB
78 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CLCFCCQ424&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26268077-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60de1f0070920f1bcd85ecad75943499e9927778bede618e436c48f66203d15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:27:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80123
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Dec 2023 14:27:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame F479 52 KB
21 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-26268077-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 15 Dec 2023 13:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3908
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 15 Dec 2023 15:22:25 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame F479 66 B
303 B 47ms
29ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.greatplainsmfg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:27:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 835f5e368dce35f6-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/ Frame F479 404 KB
98 KB 18ms
18ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Dec 2023 14:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: XJk1ZZTljtwHFT3qcIJg+w==
age: 43288
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99599
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:36 GMT
server: cloudflare
etag: 0x8DB82A15D413626
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 80bad15d-801e-006c-2fda-12d214000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 835f5e36ba381c73-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/67e8c3c8-3c08-42f7-9cf0-f5285ad39505-test/14550fa7-ef14-43c6-b6a4-9ce7396fd6eb/ Frame F479 33 KB
10 KB 58ms
58ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/67e8c3c8-3c08-42f7-9cf0-f5285ad39505-test/14550fa7-ef14-43c6-b6a4-9ce7396fd6eb/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ea24522d92efc818dcd5a33b9fd6b79141a8f38a14ca6403b1c67c35d9b56e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Dec 2023 14:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: 8BwrPiAYNFEHxr8OD1X8FQ==
content-length: 10208
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jun 2023 15:24:03 GMT
server: cloudflare
etag: 0x8DB797E0964BF9E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e5437c3b-401e-0001-2362-2f665f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 835f5e36fd9e68eb-FRA

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ Frame F479 16 KB
4 KB 38ms
37ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otFloatingRoundedIcon.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64dd6d9dd3281f90ad6086ba58b7a4dc2db9c1657349346286701ff6aaca7437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Dec 2023 14:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3FJJCwfb4WaOXjwO+ZteqQ==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3813
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:31 GMT
server: cloudflare
etag: 0x8DB82A15A46FE7B
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 234617e5-101e-006e-3dc5-126cac000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 835f5e376e1568eb-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/ Frame F479 61 KB
12 KB 45ms
45ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Dec 2023 14:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: sXFDxCJwbPEMIT/8f5Prwg==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12544
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:33 GMT
server: cloudflare
etag: 0x8DB82A15AFF8646
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b5f9f4d1-a01e-0054-708d-2a76d4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 835f5e376e1768eb-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ Frame F479 5 KB
2 KB 44ms
44ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Dec 2023 14:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: v0pzgeeelPwcAOki15i3HA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1766
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:32 GMT
server: cloudflare
etag: 0x8DB82A15AB9FB83
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7781e7b4-f01e-003b-5d06-2f7c27000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 835f5e376e1868eb-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202306.1.0/assets/ Frame F479 21 KB
4 KB 43ms
42ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202306.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Dec 2023 14:27:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 06:29:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b55e37a6-901e-004f-5268-2348d7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 835f5e376e1c68eb-FRA

GET
H2 200 headers.1b428b27.yml Show response
www.greatplainsmfg.com/static/media/ Frame F479 5 KB
5 KB 147ms
147ms Fetch
application/octet-stream 3.33.167.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greatplainsmfg.com/static/media/headers.1b428b27.yml
Requested by: Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/static/js/main.3e30ab21.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.167.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab20c4084611ef9fd.awsglobalaccelerator.com
Software: nginx/1.17.10 /
Resource Hash: 3756fe62254cb7c17b85592850e3022e3a0e811883ffd401ae86dac38dd11c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:27:34 GMT
last-modified: Fri, 08 Dec 2023 17:42:46 GMT
server: nginx/1.17.10
accept-ranges: bytes
etag: "65735596-12f5"
content-length: 4853
content-type: application/octet-stream

GET home
api.greatplainsag.com/mfg/v1/ Frame F479 0
0

GET
H2 200 settings.dccacd15.yml Show response
www.greatplainsmfg.com/static/media/ Frame F479 462 B
623 B 147ms
147ms Fetch
application/octet-stream 3.33.167.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greatplainsmfg.com/static/media/settings.dccacd15.yml
Requested by: Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/static/js/main.3e30ab21.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.167.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab20c4084611ef9fd.awsglobalaccelerator.com
Software: nginx/1.17.10 /
Resource Hash: 7c3e5c663cc73fc93eb57bf089e19cb9af88dba44f1c436222e46103e96e3240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:27:34 GMT
last-modified: Fri, 08 Dec 2023 17:42:46 GMT
server: nginx/1.17.10
accept-ranges: bytes
etag: "65735596-1ce"
content-length: 462
content-type: application/octet-stream

GET
H2 200 nav.ac1b42f7.yml Show response
www.greatplainsmfg.com/static/media/ Frame F479 4 KB
4 KB 146ms
146ms Fetch
application/octet-stream 3.33.167.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.greatplainsmfg.com/static/media/nav.ac1b42f7.yml
Requested by: Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/static/js/main.3e30ab21.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.167.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab20c4084611ef9fd.awsglobalaccelerator.com
Software: nginx/1.17.10 /
Resource Hash: 8250b2e89a5a1b797c8e4cfe91c80fc0ffc4062facbb75b8762592279878a065

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:27:34 GMT
last-modified: Fri, 08 Dec 2023 17:42:46 GMT
server: nginx/1.17.10
accept-ranges: bytes
etag: "65735596-e24"
content-length: 3620
content-type: application/octet-stream

GET
H2 200 file-lines-solid.f23cf72a.svg
www.greatplainsmfg.com/static/media/ Frame F479 774 B
930 B 147ms
147ms Image
image/svg+xml 3.33.167.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greatplainsmfg.com/static/media/file-lines-solid.f23cf72a.svg
Requested by: Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.167.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab20c4084611ef9fd.awsglobalaccelerator.com
Software: nginx/1.17.10 /
Resource Hash: 501b0789fcde6411d50d319e67cf7987dcfb3cf0173e461386a7cfe188468eff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:27:34 GMT
last-modified: Fri, 08 Dec 2023 17:42:46 GMT
server: nginx/1.17.10
accept-ranges: bytes
etag: "65735596-306"
content-length: 774
content-type: image/svg+xml

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame F479 32 KB
33 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.greatplainsmfg.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:03:03 GMT
x-content-type-options: nosniff
age: 339870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 16:03:03 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ Frame F479 651 B
600 B 21ms
21ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Dec 2023 14:27:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 38634
x-ms-lease-status: unlocked
last-modified: Wed, 13 Dec 2023 22:17:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e20c7147-001e-00a9-5649-2ef8f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 835f5e394d991c73-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ Frame F479 497 B
488 B 37ms
37ms Fetch
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202306.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Dec 2023 14:27:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status: unlocked
last-modified: Fri, 15 Dec 2023 11:07:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: a082f41a-b01e-0005-225b-2feb58000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 835f5e39492068eb-FRA

GET
H2 200 logo-header.3456ce60.png
cdn.cookielaw.org/logos/d99fbdeb-4a2f-4eb6-8cc1-33036f3b7933/67e8c3c8-3c08-42f7-9cf0-f5285ad39505/cc1812fa-4942-494d-adbb-b922e8c78d2f/ Frame F479 20 KB
20 KB 40ms
39ms Image
image/png 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/d99fbdeb-4a2f-4eb6-8cc1-33036f3b7933/67e8c3c8-3c08-42f7-9cf0-f5285ad39505/cc1812fa-4942-494d-adbb-b922e8c78d2f/logo-header.3456ce60.png

Requested by

Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21166445952073b1fdf00e0eb0cdb238965699c8a6fd04bf3ceaff1dc80172fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Dec 2023 14:27:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NFbOYLBnK5tw9GnbeAJksw==
content-length: 20220
x-ms-lease-status: unlocked
last-modified: Fri, 30 Jun 2023 15:18:49 GMT
server: cloudflare
etag: 0x8DB797D4E99B9ED
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 8f7ee92d-c01e-00a6-6011-248e9d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 835f5e395dc01c73-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ Frame F479 5 KB
2 KB 22ms
21ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 15 Dec 2023 14:27:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 28346
x-ms-lease-status: unlocked
last-modified: Thu, 14 Dec 2023 20:51:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 3013d3fc-201e-0081-0c0a-2f9959000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 835f5e395dc21c73-FRA

GET
H2 200 gp-logo-corp-225px.8a414c8e.png
www.greatplainsmfg.com/static/media/ Frame F479 19 KB
20 KB 147ms
147ms Image
image/png 3.33.167.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greatplainsmfg.com/static/media/gp-logo-corp-225px.8a414c8e.png
Requested by: Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.167.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab20c4084611ef9fd.awsglobalaccelerator.com
Software: nginx/1.17.10 /
Resource Hash: 2feecb061d92e1855f691c21d40bcbccfdde140ac672917ce5b2e130119e2a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:27:34 GMT
last-modified: Fri, 08 Dec 2023 17:42:46 GMT
server: nginx/1.17.10
accept-ranges: bytes
etag: "65735596-4d9a"
content-length: 19866
content-type: image/png

GET
DATA 200
OK truncated
/ Frame F479 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac583a92180240a327ad2711fdb9a29dfa64b322996eb72c8b01353c20733363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F479 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 428a7e398bb09dd069d59cc3a97f762f4f528548f172e51e7c300d2ea2e93547

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F479 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b51f6cc43d0ab11127a00646c6c440d5bdf7984295f2c4934938e2fc74943774

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo-header.3456ce60.png
www.greatplainsmfg.com/static/media/ Frame F479 20 KB
20 KB 147ms
147ms Image
image/png 3.33.167.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greatplainsmfg.com/static/media/logo-header.3456ce60.png
Requested by: Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/static/css/main.5a195632.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.167.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab20c4084611ef9fd.awsglobalaccelerator.com
Software: nginx/1.17.10 /
Resource Hash: 21166445952073b1fdf00e0eb0cdb238965699c8a6fd04bf3ceaff1dc80172fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/static/css/main.5a195632.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:27:34 GMT
last-modified: Fri, 08 Dec 2023 17:42:46 GMT
server: nginx/1.17.10
accept-ranges: bytes
etag: "65735596-4efc"
content-length: 20220
content-type: image/png

GET
DATA 200
OK truncated
/ Frame F479 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee55e9b11329ae16b54966afe12d04f183946f8c96ba9d1a1b17ed0f4ce47a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F479 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d240e7d5ab08159281c84de9661ef2d1c6943ceb9c6dcf3473202800f63d6355

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo-footer.cf993f79.png
www.greatplainsmfg.com/static/media/ Frame F479 20 KB
20 KB 147ms
146ms Image
image/png 3.33.167.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.greatplainsmfg.com/static/media/logo-footer.cf993f79.png
Requested by: Host: www.greatplainsmfg.com
URL: https://www.greatplainsmfg.com/static/css/main.5a195632.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.167.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab20c4084611ef9fd.awsglobalaccelerator.com
Software: nginx/1.17.10 /
Resource Hash: b853391e21c4b837f7db5772aaac81732ab3baa9360643ebd08a1b6fa121ddc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.greatplainsmfg.com/static/css/main.5a195632.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 14:27:34 GMT
last-modified: Fri, 08 Dec 2023 17:42:46 GMT
server: nginx/1.17.10
accept-ranges: bytes
etag: "65735596-4eef"
content-length: 20207
content-type: image/png

GET
DATA 200
OK truncated
/ Frame F479 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476b485bef2818f3c5dfd6855f92585fbc0bbb52f80ebfd8384f054466dcd310

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F479 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eea93275675f93daec1d218834f19ec3b66ccc700b5e2a760184cd4767d1bd00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F479 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 138fd0c8333073fe7e34b8a391fad854d85a0093c55585aefd06ac7cf9b22b21

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.greatplainsag.com
URL: https://api.greatplainsag.com/mfg/v1/home

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details(Line 106) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.2.1.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details(Line 106) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.2.1.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details(Line 106) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details(Line 106) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details(Line 106) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/weblock.htm?18c9dd389d97479272db9379738578ab/r2/default/buckets/sskskssks/objects/weblock.htm/details(Line 106) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev/images/favicons Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.greatplainsag.com
cdn.cookielaw.org
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
maxcdn.bootstrapcdn.com
privacyportal-cdn.onetrust.com
pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev
splendidedwin142413.lt.emlnk.com
stackpath.bootstrapcdn.com
t2.gstatic.com
u39913023.ct.sendgrid.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.greatplainsmfg.com
api.greatplainsag.com
167.89.123.147
18.235.172.85
2606:4700:4400::6812:2089
2606:4700:4400::ac40:9b77
2606:4700::6811:180e
2606:4700::6812:323
2606:4700::6812:82ec
2606:4700::6812:bcf
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200a
2a00:1450:4001:828::2004
2a00:1450:4001:829::200a
2a04:4e42:600::649
3.33.167.84
028a72d5208d928c85b3b43e7dbeddb309497a7b00f578919837f52bf5d426b7
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0cd30e4c574ac5b306e55092558ed5dce8bb20854a4fbf265b83649dadec4d33
138fd0c8333073fe7e34b8a391fad854d85a0093c55585aefd06ac7cf9b22b21
13c7de4871df34d9216b53dda1a56e968daa9b9421d2c41796166358319cc0bc
1ca386bb2e3101b8130d2d6ec7148e20709cf7a0ad6ad1b2c79940621122a9ea
1ea24522d92efc818dcd5a33b9fd6b79141a8f38a14ca6403b1c67c35d9b56e9
21166445952073b1fdf00e0eb0cdb238965699c8a6fd04bf3ceaff1dc80172fe
2172033cc841f94e32ca4412cd380e43d873a9e74e54aee03f0d26ed72d20be5
2feecb061d92e1855f691c21d40bcbccfdde140ac672917ce5b2e130119e2a6f
3756fe62254cb7c17b85592850e3022e3a0e811883ffd401ae86dac38dd11c1a
3dffc82a0521924f6a9a5b84a7083d5d879d15aafba4177bd488afe9ebecdecc
42171d76548498998da88f032aba50a028b9481fd7004a9a3b5d3b8d98fe48a2
428a7e398bb09dd069d59cc3a97f762f4f528548f172e51e7c300d2ea2e93547
476b485bef2818f3c5dfd6855f92585fbc0bbb52f80ebfd8384f054466dcd310
501b0789fcde6411d50d319e67cf7987dcfb3cf0173e461386a7cfe188468eff
509f2e49500fbaeb5d7e1959071f2922b693d0135080e2871e124ec8bdd08bb2
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499
578254b8c8e53db6ffe80754d29a9db454d8818885ac826b11e9b95389618b5b
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
60de1f0070920f1bcd85ecad75943499e9927778bede618e436c48f66203d15a
64dd6d9dd3281f90ad6086ba58b7a4dc2db9c1657349346286701ff6aaca7437
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
6e7b2a0d6f8ef40ce0f6acfaec58c4d5564cd1b43f2fe23e368965a2586e14b8
7c3e5c663cc73fc93eb57bf089e19cb9af88dba44f1c436222e46103e96e3240
8250b2e89a5a1b797c8e4cfe91c80fc0ffc4062facbb75b8762592279878a065
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a747d5046fa08694788290ecd426312144765d6635e35475e03aafcf3e50170a
a8daef7bd730f3c47c0e3974491b016a0d6cc325cc949686f4472055c53f2ab4
ac583a92180240a327ad2711fdb9a29dfa64b322996eb72c8b01353c20733363
adf960923cbd6b577acf69253bf64d2ae8831198e3be5a6e89a7507bc5629b3a
af70e5a6272d899ae959ef1cea0f8e0ddbfcfb436d6faf595e82d81367a4fc6b
b51f6cc43d0ab11127a00646c6c440d5bdf7984295f2c4934938e2fc74943774
b853391e21c4b837f7db5772aaac81732ab3baa9360643ebd08a1b6fa121ddc3
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d240e7d5ab08159281c84de9661ef2d1c6943ceb9c6dcf3473202800f63d6355
d55ad3bc35664e6ce9dc3e6a71bb6d3a4c8fddeb6af1a195727c0361ddd92a2e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def2a184135eba029f8f785b3ed69edc5f36b368226ce1fcfeda4f5aa301d1b6
e4a77635540adbe84a9602199a75a3418c2c4dd771f788ab7afcb7120ad6da91
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ee55e9b11329ae16b54966afe12d04f183946f8c96ba9d1a1b17ed0f4ce47a0c
eea93275675f93daec1d218834f19ec3b66ccc700b5e2a760184cd4767d1bd00
f13a03415d5e2c3bd9d5360536c86b84cd4908595a9782cb206ffd80cc4e5596
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev Open in urlscan Pro 2606:4700::6812:323 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

95 %HTTPS

82 %IPv6

15 Domains

19 Subdomains

15 IPs

2 Countries

1505 kBTransfer

2630 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pub-14cdc96d52d243baa6b8e51fba1d83e5.r2.dev Open in urlscan Pro
2606:4700::6812:323 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

95 %
HTTPS

82 %
IPv6

15
Domains

19
Subdomains

15
IPs

2
Countries

1505 kB
Transfer

2630 kB
Size

0
Cookies

41 HTTP transactions
11 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!