accessdenied.gr8.com Open in urlscan Pro
104.160.64.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://account.stampandcashbiz.xyz/
Effective URL:
https://accessdenied.gr8.com/
Submission: On December 13 via automatic, source certstream-suspicious (December 13th 2020, 12:34:12 pm UTC)

Summary HTTP 73 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 12 domains to perform 73 HTTP transactions. The main IP is 104.160.64.15, located in United States and belongs to GETRESPONSE-IMPLIX, US. The main domain is accessdenied.gr8.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on July 30th 2020. Valid for: a year.

This is the only time accessdenied.gr8.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	104.160.64.15 104.160.64.15	46469 (GETRESPON...) (GETRESPONSE-IMPLIX)
16	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
4	104.160.64.77 104.160.64.77	46469 (GETRESPON...) (GETRESPONSE-IMPLIX)
4	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1 4	173.193.182.60 173.193.182.60	36351 (SOFTLAYER) (SOFTLAYER)
13	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:10:... 2606:4700:10::ac43:592	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
6	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
73	14

5 104.160.64.15 (United States)

ASN46469 (GETRESPONSE-IMPLIX, US)
PTR: norevdns.getresponse.com

account.stampandcashbiz.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accessdenied.gr8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

us-as.gr-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-ms.gr-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.160.64.77 (United States)

ASN46469 (GETRESPONSE-IMPLIX, US)
PTR: norevdns.getresponse.com

ga.getresponse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.102.137 (United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 173.193.182.60 (Dallas, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: sl1.authpro.com

www.authpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-v.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsa4.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:592 (United States)

ASN13335 (CLOUDFLARENET, US)

www.powr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	gr-cdn.com us-as.gr-cdn.com us-ms.gr-cdn.com	1 MB
13	tawk.to embed.tawk.to static-v.tawk.to va.tawk.to Failed vsa4.tawk.to	226 KB
8	gstatic.com fonts.gstatic.com	185 KB
6	jsdelivr.net cdn.jsdelivr.net	55 KB
5	googleapis.com fonts.googleapis.com	4 KB
4	powr.io www.powr.io	9 KB
4	authpro.com 1 redirects www.authpro.com	4 KB
4	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	3 KB
4	getresponse.com ga.getresponse.com	4 KB
3	gr8.com accessdenied.gr8.com	21 KB
2	cloudflare.com cdnjs.cloudflare.com	39 KB
2	stampandcashbiz.xyz account.stampandcashbiz.xyz	20 KB
73	12

	Domain	Requested by
14	us-as.gr-cdn.com	account.stampandcashbiz.xyz accessdenied.gr8.com
8	fonts.gstatic.com	fonts.googleapis.com
6	cdn.jsdelivr.net	static-v.tawk.to
5	vsa4.tawk.to	us-as.gr-cdn.com
5	fonts.googleapis.com	account.stampandcashbiz.xyz accessdenied.gr8.com static-v.tawk.to
4	va.tawk.to	us-as.gr-cdn.com
4	www.powr.io	us-as.gr-cdn.com www.powr.io
4	www.authpro.com	1 redirects us-as.gr-cdn.com www.authpro.com
4	dev.visualwebsiteoptimizer.com	account.stampandcashbiz.xyz accessdenied.gr8.com
4	ga.getresponse.com	account.stampandcashbiz.xyz accessdenied.gr8.com
3	accessdenied.gr8.com	www.authpro.com us-as.gr-cdn.com
2	static-v.tawk.to	embed.tawk.to
2	cdnjs.cloudflare.com	ga.getresponse.com
2	embed.tawk.to	account.stampandcashbiz.xyz
2	us-ms.gr-cdn.com	account.stampandcashbiz.xyz accessdenied.gr8.com
2	account.stampandcashbiz.xyz	us-as.gr-cdn.com
73	16

This site contains links to these domains. Also see Links.

Domain
stampandcashbiz.xyz
accountlogin.gr8.com
register.stampandcashbiz.xyz
escgvault.gr8.com
escgbaccount.gr8.com
www.authpro.com
access.stampandcashbiz.xyz
escgsupport.gr8.com

Subject Issuer	Validity	Valid
account.stampandcashbiz.xyz R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
*.gr-cdn.com Go Daddy Secure Certificate Authority - G2	`2020-03-23` - `2021-04-10`	a year	crt.sh
*.getresponse.com Go Daddy Secure Certificate Authority - G2	`2020-04-06` - `2021-04-11`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
authpro.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-12` - `2022-08-13`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gr8.com RapidSSL TLS RSA CA G1	`2020-07-30` - `2021-08-29`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh

This page contains 7 frames:

Primary Page: https://accessdenied.gr8.com/
Frame ID: E122B682C710867A3B707E4EAF1C2A57
Requests: 61 HTTP requests in this frame

Frame: https://www.powr.io/scroll-to-top/u/1138c05c_1607320699
Frame ID: D2E9826ACFE423CF8E47717AEDC09EE9
Requests: 1 HTTP requests in this frame

Frame: https://www.powr.io/scroll-to-top/u/1138c05c_1607320699
Frame ID: 78D1C30270B42F09F991E3C0BB8418AC
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: CDB0BE9465373376807EAD748DD10F60
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 726B682200EF9FA52231F39E19470207
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 1764D996C6407C382E1E275BEE1082DE
Requests: 7 HTTP requests in this frame

Frame: https://va.tawk.to/log
Frame ID: F66A10179484F4166A956BA7AECF6157
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://account.stampandcashbiz.xyz/ Page URL
https://www.authpro.com/auth/globalconnections/?action=ppreturn&url=https%3A//account.stampandcashbi... HTTP 302
https://accessdenied.gr8.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

73
Requests

96 %
HTTPS

62 %
IPv6

12
Domains

16
Subdomains

14
IPs

3
Countries

1781 kB
Transfer

5595 kB
Size

10
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://stampandcashbiz.xyz/
Title: HOME

Search URL Search Domain Scan URL

URL: https://accountlogin.gr8.com/
Title: LOG IN

Search URL Search Domain Scan URL

URL: http://register.stampandcashbiz.xyz/
Title: REGISTER

Search URL Search Domain Scan URL

URL: https://escgvault.gr8.com/
Title: MEMBERS AREA

Search URL Search Domain Scan URL

URL: https://escgbaccount.gr8.com/
Title: MY ACCOUNT

Search URL Search Domain Scan URL

URL: https://www.authpro.com/auth/globalconnections/?action=logout
Title: LOGOUT

Search URL Search Domain Scan URL

URL: http://access.stampandcashbiz.xyz/

Search URL Search Domain Scan URL

URL: https://escgsupport.gr8.com/
Title: CONTACT US

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://account.stampandcashbiz.xyz/ Page URL
https://www.authpro.com/auth/globalconnections/?action=ppreturn&url=https%3A//account.stampandcashbiz.xyz/ HTTP 302
https://accessdenied.gr8.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
account.stampandcashbiz.xyz/ 81 KB
15 KB 750ms
541ms Document
text/html 104.160.64.15
GETRESPONSE-IMPLIX

General

Check archive.org

Show headers Download Go to

Full URL: https://account.stampandcashbiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.160.64.15 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS: norevdns.getresponse.com
Software: nginx /
Resource Hash: 4f2675e709c7f6da2175327a2df846bede62a784e72ec233cc6950b8ef496e93

Request headers

:method: GET
:authority: account.stampandcashbiz.xyz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Sun, 13 Dec 2020 12:33:52 GMT
content-type: text/html; charset=UTF-8
set-cookie: squeeze-page=tqofl3m16ki5n3hdhc0a0fm1d7; path=/; HttpOnly B4Ao9[variantVersion]=0; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip

GET
H2 200 reset-styles.615f98dd713a50942350.css
us-as.gr-cdn.com/javascripts/core/lps/dist/ 925 B
627 B 92ms
31ms Stylesheet
text/css 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/javascripts/core/lps/dist/reset-styles.615f98dd713a50942350.css

Requested by

Host: account.stampandcashbiz.xyz
URL: https://account.stampandcashbiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

1ce5f3fe604178444613f80a6398d8c55abe621d453b1241b575194023466396

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:53 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-39d"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862833.dop203.pa1.t,1607862833.cds220.pa1.hn,1607862833.cds013.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 501

GET
H2 200 core-styles.a9ceeb0694afb6aa88ad.css
us-as.gr-cdn.com/javascripts/core/lps/dist/ 26 KB
7 KB 91ms
31ms Stylesheet
text/css 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/javascripts/core/lps/dist/core-styles.a9ceeb0694afb6aa88ad.css

Requested by

Host: account.stampandcashbiz.xyz
URL: https://account.stampandcashbiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

1c1594980fc5fbb5b764a70b6089aa62f4a707a90854aa8aaad3919bab8e0420

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:53 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-6914"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862833.dop203.pa1.t,1607862833.cds220.pa1.hn,1607862833.cds042.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 6977

GET
H2 200 webform-styles.eb13efac220b2d2cafbf.css
us-as.gr-cdn.com/javascripts/core/lps/dist/ 30 KB
5 KB 92ms
32ms Stylesheet
text/css 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/javascripts/core/lps/dist/webform-styles.eb13efac220b2d2cafbf.css

Requested by

Host: account.stampandcashbiz.xyz
URL: https://account.stampandcashbiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4f8682cd04902350c91bdd6bda5ceb55ece87f2be833d09f5e1ad59b437c14b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:53 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-772c"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862833.dop203.pa1.t,1607862833.cds220.pa1.hn,1607862833.cds222.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4669

GET
H2 200 style.css
us-as.gr-cdn.com/images/common/templates/landing/239/1/css/ 4 KB
932 B 92ms
32ms Stylesheet
text/css 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/images/common/templates/landing/239/1/css/style.css

Requested by

Host: account.stampandcashbiz.xyz
URL: https://account.stampandcashbiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

dd05c30217e588bb8a1f23c2ec3b340801332290e721d12957a2798ee4b7d2d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:53 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 14:07:11 GMT
etag: "5fce370f-110b"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862833.dop203.pa1.t,1607862833.cds220.pa1.hn,1607862833.cds232.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 795

GET
H/1.1 200
OK ga.js Show response
ga.getresponse.com/script/ 4 KB
2 KB 745ms
114ms Script
application/javascript 104.160.64.77
GETRESPONSE-IMPLIX

General

Check archive.org

Show headers Download Go to

Full URL: https://ga.getresponse.com/script/ga.js?grid=sBDcFWkRYfXsIAA%3D%3D
Requested by: Host: account.stampandcashbiz.xyz
URL: https://account.stampandcashbiz.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.160.64.77 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS: norevdns.getresponse.com
Software: /
Resource Hash: a7b511cda567bf8c48fe6b62395b469648ceaea88c35a9500fa2be847224d410

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 13 Dec 2020 12:33:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 manifest.09c13c018aca9d0c1248.js Show response
us-as.gr-cdn.com/javascripts/core/lps/dist/ 2 KB
1 KB 91ms
34ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/javascripts/core/lps/dist/manifest.09c13c018aca9d0c1248.js

Requested by

Host: account.stampandcashbiz.xyz
URL: https://account.stampandcashbiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

c112a7ef0a882ff02fa05638041e84cba5b50a4713c3e1d9d7a1ecc331399088

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:53 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-9bb"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862833.dop203.pa1.t,1607862833.cds220.pa1.hn,1607862833.cds203.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1286

GET
H2 200 vendor.chunk.aedf35992cf4e073e6d8.js Show response
us-as.gr-cdn.com/javascripts/core/lps/dist/ 680 KB
189 KB 137ms
80ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/javascripts/core/lps/dist/vendor.chunk.aedf35992cf4e073e6d8.js

Requested by

Host: account.stampandcashbiz.xyz
URL: https://account.stampandcashbiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

827d75ae812218cc42ca674130c21456a3f1bbd0e0cd636cf38dc6d761c34b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:53 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-a9f55"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862833.dop203.pa1.t,1607862833.cds220.pa1.hn,1607862833.cds031.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 193064

GET
H2 200 show.chunk.d49ceaaf4b0e17e14c5d.js Show response
us-as.gr-cdn.com/javascripts/core/lps/dist/ 918 KB
231 KB 91ms
34ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.d49ceaaf4b0e17e14c5d.js

Requested by

Host: account.stampandcashbiz.xyz
URL: https://account.stampandcashbiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

51e35c9e5ca3853e2d0dc959f6fccbfa8037c24bedca84cfd81ad8e76230c3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:53 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-e5617"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862833.dop203.pa1.t,1607862833.cds220.pa1.hn,1607862833.cds030.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 236437

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
1 KB 73ms
27ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=4859&u=https%3A%2F%2Faccount.stampandcashbiz.xyz%2F&r=0.28928679129191015
Requested by: Host: account.stampandcashbiz.xyz
URL: https://account.stampandcashbiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 617044c91d4e9adb356004b47a5bcc18394d7301eb560355b4c13c93a5b7a409

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Dec 2020 12:33:53 GMT
via: 1.1 google
server: gams1
content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 10cdf8df-484e-4577-94c6-d6c3faef3938.jpg
us-ms.gr-cdn.com/getresponse-hdYle/photos/ 171 KB
172 KB 254ms
253ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-ms.gr-cdn.com/getresponse-hdYle/photos/10cdf8df-484e-4577-94c6-d6c3faef3938.jpg

Requested by

Host: account.stampandcashbiz.xyz
URL: https://account.stampandcashbiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

0e371a2092f5621d56b3081f4b4258952a48eec468e38d6c106fe73cf143d70b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:53 GMT
last-modified: Wed, 17 Jun 2020 01:56:32 GMT
etag: "e32e7ab531c51dc6b14af3f14894745d"
x-robots-tag: noindex, nofollow
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862833.dop203.pa1.t,1607862833.cds220.pa1.hn,1607862833.cds205.pa1.p
x-amz-version-id: 84qVJ7JX9QYNGqeg4ExRHblpqmVOXZPc
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
content-length: 175224
x-amz-id-2: d4YLkxwoQQsPG72esdfM/yKHh+UP1wD7Q04YWnNIXUpNXGOCCQZCT7jIhjfTRBHroXZnlO17avk=

GET
H2 200 lps-webfont-module.chunk.94646f2de4e10180e8e7.js Show response
account.stampandcashbiz.xyz/javascripts/core/lps/dist/ 12 KB
5 KB 104ms
104ms Script
application/javascript 104.160.64.15
GETRESPONSE-IMPLIX

General

Check archive.org

Show headers Download Go to

Full URL: https://account.stampandcashbiz.xyz/javascripts/core/lps/dist/lps-webfont-module.chunk.94646f2de4e10180e8e7.js
Requested by: Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/manifest.09c13c018aca9d0c1248.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.160.64.15 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS: norevdns.getresponse.com
Software: nginx /
Resource Hash: a4e22fcd027f66db487146b1af8a1bb63e0be1c0ccf56ab6ed5bacc7212cf945

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:53 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: nginx
etag: W/"1dc09d84-2fdd"
content-type: application/javascript

GET
H/1.1 200
OK / Show response
www.authpro.com/auth/globalconnections/ 2 KB
1 KB 577ms
145ms Script
text/javascript 173.193.182.60
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authpro.com/auth/globalconnections/?action=pp
Requested by: Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/vendor.chunk.aedf35992cf4e073e6d8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.193.182.60 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: sl1.authpro.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: 5c7ac29a68fd03aba4b5650f1e349f5e221f81226bc8ac257e650d186412d7e7

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Dec 2020 12:34:39 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Vary: *,Accept-Encoding
Content-Type: text/javascript; charset=ISO-8859-1
Cache-control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 826
Expires: 0

GET
H/1.1 200
OK / Show response
www.authpro.com/auth/globalconnections/ 2 KB
1 KB 583ms
149ms Script
text/javascript 173.193.182.60
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authpro.com/auth/globalconnections/?action=pp&get_profile=1
Requested by: Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/vendor.chunk.aedf35992cf4e073e6d8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.193.182.60 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: sl1.authpro.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: 5c7ac29a68fd03aba4b5650f1e349f5e221f81226bc8ac257e650d186412d7e7

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Dec 2020 12:34:39 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Vary: *,Accept-Encoding
Content-Type: text/javascript; charset=ISO-8859-1
Cache-control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 826
Expires: 0

GET
H/1.1 200
OK regformfill.js Show response
www.authpro.com/js/ 932 B
952 B 580ms
145ms Script
application/javascript 173.193.182.60
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.authpro.com/js/regformfill.js
Requested by: Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/vendor.chunk.aedf35992cf4e073e6d8.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.193.182.60 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: sl1.authpro.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 /
Resource Hash: 7a2aff6e7fce374d4ef1316364140e3cc1d9dbe4144bf469d04c710261bd6ec8

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 13 Dec 2020 12:34:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Dec 2020 09:26:31 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
ETag: "3a4-5b62ce3401fc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 517

GET
H2 200 default
embed.tawk.to/5fc735a6920fc91564cca265/ 11 KB
3 KB 596ms
596ms Script
application/x-javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5fc735a6920fc91564cca265/default

Requested by

Host: account.stampandcashbiz.xyz
URL: https://account.stampandcashbiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://account.stampandcashbiz.xyz
Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 06fdb0e8cf0000c286ff888000000001
server: cloudflare
etag: W/"full-s-697-en"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400, s-maxage=3600
cf-ray: 600fb7547d87c286-FRA

GET
H2 200 powr.js Show response
www.powr.io/ 12 KB
5 KB 43ms
28ms Script
application/javascript 2606:4700:10::ac43:592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powr.io/powr.js?platform=duda

Requested by

Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/vendor.chunk.aedf35992cf4e073e6d8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:592 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

343ac75b89668a8e24b9af292b369cffbbf9c8c0ec2d24b143bd5fff85937478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 600fb75498ca9814-FRA
date: Sun, 13 Dec 2020 12:33:53 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 22:45:45 GMT
server: cloudflare
age: 339352
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-request-id: 06fdb0e8de000098149cbfc000000001
cf-bgj: minify

GET
H3-Q050 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
301 B 127ms
106ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=4859&d=stampandcashbiz.xyz&u=D7EF9CFCA9F0220BE802951362E57E6D6&h=3054db4a4fbf91beeb50297530cc89b4&t=false&r=0.2061141467099037

Requested by

Host: account.stampandcashbiz.xyz
URL: https://account.stampandcashbiz.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 12:33:53 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 1138c05c_1607320699
www.powr.io/scroll-to-top/u/ Frame D2E9 0
0 481ms
480ms Document
text/html 2606:4700:10::ac43:592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powr.io/scroll-to-top/u/1138c05c_1607320699

Requested by

Host: www.powr.io
URL: https://www.powr.io/powr.js?platform=duda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:592 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOWALL

Request headers

:method: GET
:authority: www.powr.io
:scheme: https
:path: /scroll-to-top/u/1138c05c_1607320699
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://account.stampandcashbiz.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://account.stampandcashbiz.xyz/

Response headers

date: Sun, 13 Dec 2020 12:33:53 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d492d9368f15365f4cd3e73677e94ce921607862833; expires=Tue, 12-Jan-21 12:33:53 GMT; path=/; domain=.powr.io; HttpOnly; SameSite=Lax; Secure src=https%3A%2F%2Faccount.stampandcashbiz.xyz%2F; path=/; expires=Wed, 13 Jan 2021 12:33:53 GMT; SameSite=None; secure unique_id=f2d22b7b_1607862833; path=/; SameSite=None; secure editables=; path=/; SameSite=None; secure POWR_PRODUCTION=7QQ1GdB9EJKaLrcDbZZbPoA00UaHeku0ivaz155psETYad3yiExY9bhNJiqVfu8MYXgB6a7ZKKckiNR2t1ylZwi3npmNCP31I2Wzf0QL1Mj46UdqsvaBv3ECt5pN%2BaEcC7O55OS6dPMHJxOx5Hq2i%2BOUQlLumGMNRfJ%2BzYpLV9EX1OSsu1Wdl9pNhVz9IeigdHpe--1s%2BywaUs4urns0md--c6Tz3yhSEkARRTUN87BrlQ%3D%3D; path=/; secure; HttpOnly; SameSite=None
x-frame-options: ALLOWALL
cache-control: max-age=300, public
x-request-id: 3121f17a-b418-47ba-8c4d-48842d698e2d
x-runtime: 0.071023
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur
cf-cache-status: DYNAMIC
cf-request-id: 06fdb0e9040000981473215000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 600fb754d8f39814-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 28 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Exo+2:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CCoda:400,400i,700,700i&subset=cyrillic,latin-ext,cyrillic,greek,latin-ext,vietnamese

Requested by

Host: account.stampandcashbiz.xyz
URL: https://account.stampandcashbiz.xyz/javascripts/core/lps/dist/lps-webfont-module.chunk.94646f2de4e10180e8e7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a2a801c14ca6a064a28994a91f031119033dbcd51e0595f79370639de0250a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Dec 2020 12:33:53 GMT
server: ESF
date: Sun, 13 Dec 2020 12:33:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Dec 2020 12:33:53 GMT

GET
H2 200 7cHmv4okm5zmbtYoK-4W4nIp.woff2
fonts.gstatic.com/s/exo2/v9/ 38 KB
38 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v9/7cHmv4okm5zmbtYoK-4W4nIp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Exo+2:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CCoda:400,400i,700,700i&subset=cyrillic,latin-ext,cyrillic,greek,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a616708e8cde02643632a61fba1656ecb51a2d1bcf6a05ad2c8da7a4aa51e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://account.stampandcashbiz.xyz
Referer: https://fonts.googleapis.com/css?family=Exo+2:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CCoda:400,400i,700,700i&subset=cyrillic,latin-ext,cyrillic,greek,latin-ext,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 04:19:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:19:30 GMT
server: sffe
age: 202436
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39004
x-xss-protection: 0
expires: Sat, 11 Dec 2021 04:19:57 GMT

GET
H2 200 SLXHc1jY5nQ8FUUGa7SOz9M.woff2
fonts.gstatic.com/s/coda/v16/ 13 KB
13 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/coda/v16/SLXHc1jY5nQ8FUUGa7SOz9M.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aeec6c4c92603d16e622b713f338540c0d6b71b22960049224db426531b4207c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://account.stampandcashbiz.xyz
Referer: https://fonts.googleapis.com/css?family=Exo+2:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CCoda:400,400i,700,700i&subset=cyrillic,latin-ext,cyrillic,greek,latin-ext,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 10:12:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 04:31:38 GMT
server: sffe
age: 354093
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13312
x-xss-protection: 0
expires: Thu, 09 Dec 2021 10:12:20 GMT

GET
H3-Q050 200 7cHmv4okm5zmbtYsK-4W4nIppT4.woff2
fonts.gstatic.com/s/exo2/v9/ 19 KB
20 KB 36ms
22ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v9/7cHmv4okm5zmbtYsK-4W4nIppT4.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07789c4321505ab96e2f43551da613a769233552b0d95a15d271c1ff76c0b654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://account.stampandcashbiz.xyz
Referer: https://fonts.googleapis.com/css?family=Exo+2:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CCoda:400,400i,700,700i&subset=cyrillic,latin-ext,cyrillic,greek,latin-ext,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 01:25:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:39:59 GMT
server: sffe
age: 40114
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19724
x-xss-protection: 0
expires: Mon, 13 Dec 2021 01:25:19 GMT

GET
H3-Q050 200 7cHov4okm5zmbtYtG-gc5VArlT8bdw.woff2
fonts.gstatic.com/s/exo2/v9/ 22 KB
22 KB 36ms
22ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v9/7cHov4okm5zmbtYtG-gc5VArlT8bdw.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16b01a5535d01f8fe7d4dc4cb91f4adb2082f015d9c10eb06cf4ac03c7670ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://account.stampandcashbiz.xyz
Referer: https://fonts.googleapis.com/css?family=Exo+2:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CCoda:400,400i,700,700i&subset=cyrillic,latin-ext,cyrillic,greek,latin-ext,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 10:01:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:42:19 GMT
server: sffe
age: 354737
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22188
x-xss-protection: 0
expires: Thu, 09 Dec 2021 10:01:36 GMT

GET
H2 200 piwik.js
cdnjs.cloudflare.com/ajax/libs/piwik/3.5.0/ 64 KB
20 KB 45ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/piwik/3.5.0/piwik.js

Requested by

Host: ga.getresponse.com
URL: https://ga.getresponse.com/script/ga.js?grid=sBDcFWkRYfXsIAA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 950861
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19520
cf-request-id: 06fdb0eb030000323756032000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f8c-fed5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dojE%2BSGarXL7Rdejp1%2B80J7NisukZ4MUqvMMGiLFxGfLnUfw1cORNgcfsWzynoEAb1LiqxE%2B15gq13tQALlLVznsZv%2FHaXihWhz50qAwReSFbf14wCh%2BymB7hcs59YtGtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 600fb7580a213237-FRA
expires: Fri, 03 Dec 2021 12:33:53 GMT

GET /
www.authpro.com/auth/globalconnections/ 0
0

GET
H2

200

Primary Request / Show response
accessdenied.gr8.com/
Redirect Chain

https://www.authpro.com/auth/globalconnections/?action=ppreturn&url=https%3A//account.stampandcashbiz.xyz/
https://accessdenied.gr8.com/

78 KB
15 KB

800ms
591ms

Document
text/html

104.160.64.15
GETRESPONSE-IMPLIX

General

Check archive.org

Show headers Download Go to

Full URL: https://accessdenied.gr8.com/
Requested by: Host: www.authpro.com
URL: https://www.authpro.com/auth/globalconnections/?action=pp&get_profile=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.160.64.15 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS: norevdns.getresponse.com
Software: nginx /
Resource Hash: c13e31b66530430e331984f19ea171daa565b11017f2db4f3723225e825eb280

Request headers

:method: GET
:authority: accessdenied.gr8.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://account.stampandcashbiz.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://account.stampandcashbiz.xyz/

Response headers

server: nginx
date: Sun, 13 Dec 2020 12:33:54 GMT
content-type: text/html; charset=UTF-8
set-cookie: squeeze-page=lj4o6fnfd0a15s0f6ekkaechhb; path=/; HttpOnly BAEo2[variantVersion]=0; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip

Redirect headers

Date: Sun, 13 Dec 2020 12:34:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Set-Cookie: ARETURN=globalconnections:https%3A%2F%2Faccount%2Estampandcashbiz%2Exyz%2F; domain=.authpro.com; path=/;
Location: https://accessdenied.gr8.com/
Content-Length: 213
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 204
No Content index.php
ga.getresponse.com/ 0
103 B 113ms
111ms Image
text/html 104.160.64.77
GETRESPONSE-IMPLIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ga.getresponse.com/index.php?ver=3&action_name=ESCG%20BIZ%20ACCOUNT&idsite=&rec=1&r=585010&h=13&m=33&s=53&url=https%3A%2F%2Faccount.stampandcashbiz.xyz%2F&uid=%7B%22uuid%22%3A%2252d27fcf-eab2-4941-86a5-6f3c899f0963%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%7D&_id=c7556f505bb39ebd&_idts=1607862834&_idvc=1&_idn=1&_refts=0&_viewts=1607862834&send_image=1&cookie=1&res=1600x1200&_cvar=%7B%221%22%3A%5B%22grid%22%2C%22sBDcFWkRYfXsIAA%3D%3D%22%5D%7D&gt_ms=543&pv_id=Srneyp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.160.64.77 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS: norevdns.getresponse.com
Software: /
Resource Hash

Request headers

Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 13 Dec 2020 12:33:54 GMT
Content-Type: text/html;charset=UTF-8

GET
H2 200 app.js
static-v.tawk.to/697/ 497 KB
108 KB 711ms
711ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-v.tawk.to/697/app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5fc735a6920fc91564cca265/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://account.stampandcashbiz.xyz
Referer: https://account.stampandcashbiz.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 06fdb0eb390000c2864225a000000001
last-modified: Thu, 26 Nov 2020 12:13:39 GMT
server: cloudflare
etag: W/"5fbf9bf3-7c2ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 600fb7584d1ec286-FRA

GET widget-settings
va.tawk.to/v1/ 0
0

POST 1607862834692
va.tawk.to/register/ 0
0

GET
H2 200 reset-styles.615f98dd713a50942350.css
us-as.gr-cdn.com/javascripts/core/lps/dist/ 925 B
636 B 31ms
30ms Stylesheet
text/css 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/javascripts/core/lps/dist/reset-styles.615f98dd713a50942350.css

Requested by

Host: accessdenied.gr8.com
URL: https://accessdenied.gr8.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

1ce5f3fe604178444613f80a6398d8c55abe621d453b1241b575194023466396

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:54 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-39d"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862834.dop203.pa1.t,1607862834.cds220.pa1.hn,1607862834.cds013.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 501

GET
H2 200 core-styles.a9ceeb0694afb6aa88ad.css
us-as.gr-cdn.com/javascripts/core/lps/dist/ 26 KB
7 KB 32ms
31ms Stylesheet
text/css 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/javascripts/core/lps/dist/core-styles.a9ceeb0694afb6aa88ad.css

Requested by

Host: accessdenied.gr8.com
URL: https://accessdenied.gr8.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

1c1594980fc5fbb5b764a70b6089aa62f4a707a90854aa8aaad3919bab8e0420

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:54 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-6914"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862834.dop203.pa1.t,1607862834.cds220.pa1.hn,1607862834.cds042.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 6977

GET
H2 200 webform-styles.eb13efac220b2d2cafbf.css
us-as.gr-cdn.com/javascripts/core/lps/dist/ 30 KB
5 KB 35ms
34ms Stylesheet
text/css 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/javascripts/core/lps/dist/webform-styles.eb13efac220b2d2cafbf.css

Requested by

Host: accessdenied.gr8.com
URL: https://accessdenied.gr8.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4f8682cd04902350c91bdd6bda5ceb55ece87f2be833d09f5e1ad59b437c14b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:54 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-772c"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862834.dop203.pa1.t,1607862834.cds220.pa1.hn,1607862834.cds222.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4669

GET
H2 200 style.css
us-as.gr-cdn.com/images/common/templates/landing/239/1/css/ 4 KB
907 B 35ms
35ms Stylesheet
text/css 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/images/common/templates/landing/239/1/css/style.css

Requested by

Host: accessdenied.gr8.com
URL: https://accessdenied.gr8.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

dd05c30217e588bb8a1f23c2ec3b340801332290e721d12957a2798ee4b7d2d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:54 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 14:07:11 GMT
etag: "5fce370f-110b"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862834.dop203.pa1.t,1607862834.cds220.pa1.hn,1607862834.cds232.pa1.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 795

GET
H/1.1 200
OK ga.js Show response
ga.getresponse.com/script/ 4 KB
2 KB 123ms
122ms Script
application/javascript 104.160.64.77
GETRESPONSE-IMPLIX

General

Check archive.org

Show headers Download Go to

Full URL: https://ga.getresponse.com/script/ga.js?grid=sBDcFWkRYfXsIAA%3D%3D
Requested by: Host: accessdenied.gr8.com
URL: https://accessdenied.gr8.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.160.64.77 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS: norevdns.getresponse.com
Software: /
Resource Hash: a7b511cda567bf8c48fe6b62395b469648ceaea88c35a9500fa2be847224d410

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 13 Dec 2020 12:33:55 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 manifest.09c13c018aca9d0c1248.js Show response
us-as.gr-cdn.com/javascripts/core/lps/dist/ 2 KB
1 KB 36ms
35ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/javascripts/core/lps/dist/manifest.09c13c018aca9d0c1248.js

Requested by

Host: accessdenied.gr8.com
URL: https://accessdenied.gr8.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

c112a7ef0a882ff02fa05638041e84cba5b50a4713c3e1d9d7a1ecc331399088

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:54 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-9bb"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862834.dop203.pa1.t,1607862834.cds220.pa1.hn,1607862834.cds203.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1286

GET
H2 200 vendor.chunk.aedf35992cf4e073e6d8.js Show response
us-as.gr-cdn.com/javascripts/core/lps/dist/ 680 KB
189 KB 37ms
37ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/javascripts/core/lps/dist/vendor.chunk.aedf35992cf4e073e6d8.js

Requested by

Host: accessdenied.gr8.com
URL: https://accessdenied.gr8.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

827d75ae812218cc42ca674130c21456a3f1bbd0e0cd636cf38dc6d761c34b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:54 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-a9f55"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862834.dop203.pa1.t,1607862834.cds220.pa1.hn,1607862834.cds031.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 193064

GET
H2 200 show.chunk.d49ceaaf4b0e17e14c5d.js Show response
us-as.gr-cdn.com/javascripts/core/lps/dist/ 918 KB
231 KB 48ms
47ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.d49ceaaf4b0e17e14c5d.js

Requested by

Host: accessdenied.gr8.com
URL: https://accessdenied.gr8.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

51e35c9e5ca3853e2d0dc959f6fccbfa8037c24bedca84cfd81ad8e76230c3cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:54 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1dc09d84-e5617"
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862834.dop203.pa1.t,1607862834.cds220.pa1.hn,1607862834.cds030.pa1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 236437

GET
H3-Q050 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
1 KB 26ms
24ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=4859&u=https%3A%2F%2Faccessdenied.gr8.com%2F&r=0.9155983034781583
Requested by: Host: accessdenied.gr8.com
URL: https://accessdenied.gr8.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 384dd9dc33c0824d3b7ab113b50616cbf627b4e999274143bdef2157cbc4e890

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 13 Dec 2020 12:33:54 GMT
via: 1.1 google
server: gams1
content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 10cdf8df-484e-4577-94c6-d6c3faef3938.jpg
us-ms.gr-cdn.com/getresponse-hdYle/photos/ 171 KB
171 KB 26ms
26ms Image
image/jpeg 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us-ms.gr-cdn.com/getresponse-hdYle/photos/10cdf8df-484e-4577-94c6-d6c3faef3938.jpg

Requested by

Host: accessdenied.gr8.com
URL: https://accessdenied.gr8.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

0e371a2092f5621d56b3081f4b4258952a48eec468e38d6c106fe73cf143d70b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:54 GMT
last-modified: Wed, 17 Jun 2020 01:56:32 GMT
etag: "e32e7ab531c51dc6b14af3f14894745d"
x-robots-tag: noindex, nofollow
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1607862834.dop203.pa1.t,1607862834.cds220.pa1.hn,1607862834.cds205.pa1.c
x-amz-version-id: 84qVJ7JX9QYNGqeg4ExRHblpqmVOXZPc
cache-control: max-age=31535999
accept-ranges: bytes
content-type: image/jpeg
content-length: 175224
x-amz-id-2: d4YLkxwoQQsPG72esdfM/yKHh+UP1wD7Q04YWnNIXUpNXGOCCQZCT7jIhjfTRBHroXZnlO17avk=

GET
H2 200 lps-webfont-module.chunk.94646f2de4e10180e8e7.js Show response
accessdenied.gr8.com/javascripts/core/lps/dist/ 12 KB
5 KB 105ms
104ms Script
application/javascript 104.160.64.15
GETRESPONSE-IMPLIX

General

Check archive.org

Show headers Download Go to

Full URL: https://accessdenied.gr8.com/javascripts/core/lps/dist/lps-webfont-module.chunk.94646f2de4e10180e8e7.js
Requested by: Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/manifest.09c13c018aca9d0c1248.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.160.64.15 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS: norevdns.getresponse.com
Software: nginx /
Resource Hash: a4e22fcd027f66db487146b1af8a1bb63e0be1c0ccf56ab6ed5bacc7212cf945

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:55 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: nginx
etag: W/"1dc09d84-2fdd"
content-type: application/javascript

GET
H2 200 default Show response
embed.tawk.to/5fc735a6920fc91564cca265/ 11 KB
3 KB 200ms
200ms Script
application/x-javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5fc735a6920fc91564cca265/default

Requested by

Host: account.stampandcashbiz.xyz
URL: https://account.stampandcashbiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe05df859b808f46c40c506b58b6e65ca78369327b072c314da2058c520cfb65

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://accessdenied.gr8.com
Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 06fdb0efc90000c2864082a000000001
server: cloudflare
etag: W/"full-s-697-en"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400, s-maxage=3600
cf-ray: 600fb75facb2c286-FRA

GET
H2 200 powr.js Show response
www.powr.io/ 12 KB
4 KB 20ms
20ms Script
application/javascript 2606:4700:10::ac43:592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powr.io/powr.js?platform=duda

Requested by

Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/vendor.chunk.aedf35992cf4e073e6d8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:592 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

343ac75b89668a8e24b9af292b369cffbbf9c8c0ec2d24b143bd5fff85937478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 600fb75fa9a69814-FRA
date: Sun, 13 Dec 2020 12:33:55 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 22:45:45 GMT
server: cloudflare
age: 339354
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-request-id: 06fdb0efcc000098145c0d6000000001
cf-bgj: minify

GET
H3-Q050 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
55 B 103ms
102ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=4859&d=gr8.com&u=D5D808197C65596EA9883B65E06FDA96D&h=517302d2c79b037edd4950298932d32a&t=false&r=0.6715439067200828

Requested by

Host: accessdenied.gr8.com
URL: https://accessdenied.gr8.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 12:33:54 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 piwik.js Show response
cdnjs.cloudflare.com/ajax/libs/piwik/3.5.0/ 64 KB
19 KB 12ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/piwik/3.5.0/piwik.js

Requested by

Host: ga.getresponse.com
URL: https://ga.getresponse.com/script/ga.js?grid=sBDcFWkRYfXsIAA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7d392694a1257cc4052e24f1f02e9bbd1431ab0d27b64c3d9a76b13f539130b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 950863
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19520
cf-request-id: 06fdb0efed000032373f926000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f8c-fed5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4d0xRvFZGtLQeAOxLdlEr3TXlKrnq86gChk6sWy9i0l7p05scnTp6LcHS6prU8h%2BzlPkdNw3QWQcPfi1OudDsn9mLvfUGoZfp%2FVNZsK7rhYDDFE94613yXsFj61%2BeLvLhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 600fb75fed553237-FRA
expires: Fri, 03 Dec 2021 12:33:55 GMT

GET
H2 200 1138c05c_1607320699
www.powr.io/scroll-to-top/u/ Frame 78D1 0
0 505ms
505ms Document
text/html 2606:4700:10::ac43:592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powr.io/scroll-to-top/u/1138c05c_1607320699

Requested by

Host: www.powr.io
URL: https://www.powr.io/powr.js?platform=duda

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:592 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOWALL

Request headers

:method: GET
:authority: www.powr.io
:scheme: https
:path: /scroll-to-top/u/1138c05c_1607320699
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://accessdenied.gr8.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: src=https%3A%2F%2Faccount.stampandcashbiz.xyz%2F; unique_id=f2d22b7b_1607862833; editables=; POWR_PRODUCTION=7QQ1GdB9EJKaLrcDbZZbPoA00UaHeku0ivaz155psETYad3yiExY9bhNJiqVfu8MYXgB6a7ZKKckiNR2t1ylZwi3npmNCP31I2Wzf0QL1Mj46UdqsvaBv3ECt5pN%2BaEcC7O55OS6dPMHJxOx5Hq2i%2BOUQlLumGMNRfJ%2BzYpLV9EX1OSsu1Wdl9pNhVz9IeigdHpe--1s%2BywaUs4urns0md--c6Tz3yhSEkARRTUN87BrlQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://accessdenied.gr8.com/

Response headers

date: Sun, 13 Dec 2020 12:33:55 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dfac3b82759c12ff2b3f431fea74f38c31607862835; expires=Tue, 12-Jan-21 12:33:55 GMT; path=/; domain=.powr.io; HttpOnly; SameSite=Lax; Secure POWR_PRODUCTION=qqxvXMoYTMNhsX2fPepKhGDxcz3xP7MDRpNsyBjKXGw9j3%2B%2BIoYHick7AdTAjawf0UFImDyGa5AI1oAJ4E011nhgfLs5EuLG4ikUHdRG4tA2IV%2BL2phIykWbEHaLAjY8Dzny8LYUdddiJfYvKgP4Gu2YymOF6%2BCWx2jKSS8ZgjFys4%2BjWvDXHPod4G%2FlBrenvs9E--jRFFDA5k9PPHAZWu--870sfdZkoi81NesxwT%2BlPw%3D%3D; path=/; secure; HttpOnly; SameSite=None
x-frame-options: ALLOWALL
cache-control: max-age=300, public
x-request-id: ca4e2b00-bef2-444c-8c4a-f1a1682eada2
x-runtime: 0.099223
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur
cf-cache-status: DYNAMIC
cf-request-id: 06fdb0eff40000981493214000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 600fb75fe9d19814-FRA
content-encoding: br

GET
H/1.1 204
No Content index.php
ga.getresponse.com/ 0
103 B 113ms
113ms Image
text/html 104.160.64.77
GETRESPONSE-IMPLIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ga.getresponse.com/index.php?ver=3&action_name=Access%20Denied&idsite=&rec=1&r=545493&h=13&m=33&s=55&url=https%3A%2F%2Faccessdenied.gr8.com%2F&urlref=https%3A%2F%2Faccount.stampandcashbiz.xyz%2F&uid=%7B%22uuid%22%3A%22729dd037-6ee3-4ea2-a641-2e56d6d79884%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%7D&_id=5217ab138e737378&_idts=1607862835&_idvc=1&_idn=1&_refts=1607862835&_viewts=1607862835&_ref=https%3A%2F%2Faccount.stampandcashbiz.xyz%2F&send_image=1&cookie=1&res=1600x1200&_cvar=%7B%221%22%3A%5B%22grid%22%2C%22sBDcFWkRYfXsIAA%3D%3D%22%5D%7D&gt_ms=592&pv_id=g1axg1
Requested by: Host: accessdenied.gr8.com
URL: https://accessdenied.gr8.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.160.64.77 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),
Reverse DNS: norevdns.getresponse.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 13 Dec 2020 12:33:55 GMT
Content-Type: text/html;charset=UTF-8

GET
H3-Q050 200 css
fonts.googleapis.com/ 28 KB
1 KB 45ms
31ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: accessdenied.gr8.com
URL: https://accessdenied.gr8.com/javascripts/core/lps/dist/lps-webfont-module.chunk.94646f2de4e10180e8e7.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a2a801c14ca6a064a28994a91f031119033dbcd51e0595f79370639de0250a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Dec 2020 12:33:55 GMT
server: ESF
date: Sun, 13 Dec 2020 12:33:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Dec 2020 12:33:55 GMT

GET
H3-Q050 200 7cHmv4okm5zmbtYoK-4W4nIp.woff2
fonts.gstatic.com/s/exo2/v9/ 38 KB
38 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v9/7cHmv4okm5zmbtYoK-4W4nIp.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a616708e8cde02643632a61fba1656ecb51a2d1bcf6a05ad2c8da7a4aa51e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://accessdenied.gr8.com
Referer: https://fonts.googleapis.com/css?family=Exo+2:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CCoda:400,400i,700,700i&subset=cyrillic,latin-ext,cyrillic,greek,latin-ext,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 04:19:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:19:30 GMT
server: sffe
age: 202438
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39004
x-xss-protection: 0
expires: Sat, 11 Dec 2021 04:19:57 GMT

GET
H3-Q050 200 SLXHc1jY5nQ8FUUGa7SOz9M.woff2
fonts.gstatic.com/s/coda/v16/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/coda/v16/SLXHc1jY5nQ8FUUGa7SOz9M.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aeec6c4c92603d16e622b713f338540c0d6b71b22960049224db426531b4207c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://accessdenied.gr8.com
Referer: https://fonts.googleapis.com/css?family=Exo+2:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CCoda:400,400i,700,700i&subset=cyrillic,latin-ext,cyrillic,greek,latin-ext,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 10:12:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 04:31:38 GMT
server: sffe
age: 354095
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13312
x-xss-protection: 0
expires: Thu, 09 Dec 2021 10:12:20 GMT

GET
H3-Q050 200 7cHmv4okm5zmbtYsK-4W4nIppT4.woff2
fonts.gstatic.com/s/exo2/v9/ 19 KB
19 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v9/7cHmv4okm5zmbtYsK-4W4nIppT4.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07789c4321505ab96e2f43551da613a769233552b0d95a15d271c1ff76c0b654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://accessdenied.gr8.com
Referer: https://fonts.googleapis.com/css?family=Exo+2:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CCoda:400,400i,700,700i&subset=cyrillic,latin-ext,cyrillic,greek,latin-ext,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 01:25:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:39:59 GMT
server: sffe
age: 40116
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19724
x-xss-protection: 0
expires: Mon, 13 Dec 2021 01:25:19 GMT

GET
H3-Q050 200 7cHov4okm5zmbtYtG-gc5VArlT8bdw.woff2
fonts.gstatic.com/s/exo2/v9/ 22 KB
22 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v9/7cHov4okm5zmbtYtG-gc5VArlT8bdw.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16b01a5535d01f8fe7d4dc4cb91f4adb2082f015d9c10eb06cf4ac03c7670ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://accessdenied.gr8.com
Referer: https://fonts.googleapis.com/css?family=Exo+2:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i%7CCoda:400,400i,700,700i&subset=cyrillic,latin-ext,cyrillic,greek,latin-ext,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 10:01:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:42:19 GMT
server: sffe
age: 354739
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22188
x-xss-protection: 0
expires: Thu, 09 Dec 2021 10:01:36 GMT

PATCH
H2 200 / Show response
accessdenied.gr8.com/ 0
884 B 143ms
143ms XHR
application/json 104.160.64.15
GETRESPONSE-IMPLIX

General

Check archive.org

Show headers Download Go to

Full URL

https://accessdenied.gr8.com/

Requested by

Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.d49ceaaf4b0e17e14c5d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.160.64.15 , United States, ASN46469 (GETRESPONSE-IMPLIX, US),

Reverse DNS

norevdns.getresponse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://accessdenied.gr8.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 13 Dec 2020 12:33:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: sameorigin
content-type: application/json
cache-control: no-store, no-cache, must-revalidate
feature-policy: accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
strict-transport-security: max-age=31536000
csrf-token: lj4o6fnfd0a15s0f6ekkaechhb
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 app.js Show response
static-v.tawk.to/697/ 497 KB
108 KB 41ms
41ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-v.tawk.to/697/app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5fc735a6920fc91564cca265/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e83c077fb845b06ebcac94b6ab6e543f586434895e9361ce5db3d67ca95c8ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://accessdenied.gr8.com
Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 06fdb0f2a00000c286ff962000000001
last-modified: Thu, 26 Nov 2020 12:13:39 GMT
server: cloudflare
etag: W/"5fbf9bf3-7c2ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 600fb7643d2bc286-FRA

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 382ms
382ms XHR
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5fc735a6920fc91564cca265&widgetId=default

Requested by

Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.d49ceaaf4b0e17e14c5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b78a074765e2e176cc463e4cabe2f78b4adad716ac3f1938e09e1f889bd1a774

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=0; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 06fdb0f2dd0000c28693bda000000001
x-served-by: visitor-application-preemptive-wc9m
server: cloudflare
etag: W/"1-14-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, s-maxage=14400, max-age=14400
cf-ray: 600fb7649e02c286-FRA

POST
H2 200 1607862835935 Show response
va.tawk.to/register/ 646 B
875 B 222ms
222ms XHR
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/register/1607862835935

Requested by

Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.d49ceaaf4b0e17e14c5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

222c7e9b4eddb2d84824994cf069ae3b608ca3638924cf588518eeb5d7357488

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 13 Dec 2020 12:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 06fdb0f2e70000c2a9812b4000000001
x-served-by: visitor-application-preemptive-9s4m
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://accessdenied.gr8.com
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 600fb7649eadc2a9-FRA
access-control-allow-headers: origin, content-type

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame CDB0 7 KB
666 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Dec 2020 12:24:47 GMT
server: ESF
date: Sun, 13 Dec 2020 12:33:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Dec 2020 12:33:56 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 726B 7 KB
620 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Dec 2020 12:23:00 GMT
server: ESF
date: Sun, 13 Dec 2020 12:33:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Dec 2020 12:33:56 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 1764 7 KB
620 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Dec 2020 12:28:12 GMT
server: ESF
date: Sun, 13 Dec 2020 12:33:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Dec 2020 12:33:56 GMT

GET
H2 200 emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 1764 192 B
222 B 6ms
6ms Stylesheet
text/css 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2066882
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 152
etag: W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by: cache-fra19135-FRA
date: Sun, 13 Dec 2020 12:33:56 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 1764 295 KB
53 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2066883
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 53889
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by: cache-fra19135-FRA
date: Sun, 13 Dec 2020 12:33:56 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
vsa4.tawk.to/s/ 101 B
287 B 186ms
177ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsa4.tawk.to/s/?k=5fd60a34ad69343bd38a68cf&u=dtV4KSK2DqqAmE86x4lAuWB1OGDFWOHpGCsIcU11ZxuJ5CXbIqKIaNPbd2TYqa00&uv=2&a=5fc735a6920fc91564cca265&cver=0&pop=false&jv=697&asver=13&ust=false&EIO=3&transport=polling&__t=NPS5zov

Requested by

Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.d49ceaaf4b0e17e14c5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

969161e9a4e082e50e743f78ad09d28a5734b1850eb6fa345428ad1276aa392c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:56 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://accessdenied.gr8.com
access-control-allow-credentials: true
cf-ray: 600fb767ac3ac2a9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101
cf-request-id: 06fdb0f4c70000c2a96297b000000001

GET
H2 200 26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 1764 413 B
510 B 6ms
6ms Image
image/png 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 2066882
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 413
etag: W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by: cache-fra19135-FRA
date: Sun, 13 Dec 2020 12:33:56 GMT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
vsa4.tawk.to/s/ 77 B
187 B 188ms
187ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.d49ceaaf4b0e17e14c5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

804e430680c0e7d7da982630b680b6e6709b8e7e9bfbebfd75a00bb9ae1b53c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:56 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://accessdenied.gr8.com
access-control-allow-credentials: true
cf-ray: 600fb768ce44c2a9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77
cf-request-id: 06fdb0f57a0000c2a959b2c000000001

POST
H2 200 v3 Show response
va.tawk.to/log-performance/ 5 B
186 B 178ms
178ms XHR
text/html 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.d49ceaaf4b0e17e14c5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 13 Dec 2020 12:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 06fdb0f6360000c2a98432d000000001
x-served-by: visitor-application-preemptive-j1mr
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://accessdenied.gr8.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 600fb769f941c2a9-FRA
access-control-allow-headers: origin, content-type

GET
H2 200 / Show response
vsa4.tawk.to/s/ 410 B
513 B 685ms
684ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.d49ceaaf4b0e17e14c5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e802b9d430370a178df465b215c9de608405a73b54544266e6c7509bfc829ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:57 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://accessdenied.gr8.com
access-control-allow-credentials: true
cf-ray: 600fb769f944c2a9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 410
cf-request-id: 06fdb0f6370000c2a9b99c5000000001

POST
H2 200 / Show response
vsa4.tawk.to/s/ 2 B
430 B 175ms
175ms XHR
text/html 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.d49ceaaf4b0e17e14c5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

date: Sun, 13 Dec 2020 12:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/html
access-control-allow-origin: https://accessdenied.gr8.com
access-control-allow-credentials: true
cf-ray: 600fb76d1f9ac2a9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 06fdb0f82d0000c2a9da922000000001

GET
H2 200 / Show response
vsa4.tawk.to/s/ 4 B
89 B 196ms
196ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: us-as.gr-cdn.com
URL: https://us-as.gr-cdn.com/javascripts/core/lps/dist/show.chunk.d49ceaaf4b0e17e14c5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:33:57 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://accessdenied.gr8.com
access-control-allow-credentials: true
cf-ray: 600fb76e3995c2a9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4
cf-request-id: 06fdb0f8ed0000c2a99c0f5000000001

GET
H2 200 26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 1764 413 B
482 B 6ms
6ms Image
image/png 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 2066887
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 413
etag: W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by: cache-fra19135-FRA
date: Sun, 13 Dec 2020 12:34:01 GMT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 log
va.tawk.to/ Frame F66A 0
0 364ms
363ms Document
text/html 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: POST
:authority: va.tawk.to
:scheme: https
:path: /log
content-length: 618
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://accessdenied.gr8.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ss=i2l3gn0obw; tawkUUID=4E8esBslx67zm7lnNAyv9ITVfmF2ssuw3yrWSI%2BFyI6fJ2sKivy05V9yBNISoJqO%7C%7C2
Upgrade-Insecure-Requests: 1
Origin: https://accessdenied.gr8.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 13 Dec 2020 12:34:01 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d3bca808683521e07035f37c25644e19c1607862841; expires=Tue, 12-Jan-21 12:34:01 GMT; path=/; domain=.tawk.to; HttpOnly; SameSite=Lax
x-served-by: visitor-application-preemptive-dzhl
access-control-allow-origin: https://accessdenied.gr8.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: origin, content-type
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-request-id: 06fdb1073c0000c2a958a16000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 600fb7852b36c2a9-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 1764 413 B
482 B 7ms
6ms Image
image/png 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 2066892
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 413
etag: W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by: cache-fra19135-FRA
date: Sun, 13 Dec 2020 12:34:06 GMT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 1764 413 B
453 B 6ms
6ms Image
image/png 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/697/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://accessdenied.gr8.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 2066892
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 413
etag: W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by: cache-fra19135-FRA
date: Sun, 13 Dec 2020 12:34:06 GMT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.authpro.com
URL: https://www.authpro.com/auth/globalconnections/?action=ppreturn&url=https%3A//account.stampandcashbiz.xyz/

Domain: va.tawk.to
URL: https://va.tawk.to/v1/widget-settings?propertyId=5fc735a6920fc91564cca265&widgetId=default

Domain: va.tawk.to
URL: https://va.tawk.to/register/1607862834692

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.powr.io/	1969-12-31 23:59:59	Name: POWR_PRODUCTION Value: qqxvXMoYTMNhsX2fPepKhGDxcz3xP7MDRpNsyBjKXGw9j3%2B%2BIoYHick7AdTAjawf0UFImDyGa5AI1oAJ4E011nhgfLs5EuLG4ikUHdRG4tA2IV%2BL2phIykWbEHaLAjY8Dzny8LYUdddiJfYvKgP4Gu2YymOF6%2BCWx2jKSS8ZgjFys4%2BjWvDXHPod4G%2FlBrenvs9E--jRFFDA5k9PPHAZWu--870sfdZkoi81NesxwT%2BlPw%3D%3D
www.powr.io/	1969-12-31 23:59:59	Name: editables Value:
www.powr.io/	1969-12-31 23:59:59	Name: unique_id Value: f2d22b7b_1607862833
www.powr.io/	1970-01-19 15:22:21	Name: src Value: https%3A%2F%2Faccount.stampandcashbiz.xyz%2F
accessdenied.gr8.com/	1970-01-19 19:00:30	Name: _pk_ref..daf8 Value: %5B%22%22%2C%22%22%2C1607862835%2C%22https%3A%2F%2Faccount.stampandcashbiz.xyz%2F%22%5D
.gr8.com/	1970-01-19 23:24:45	Name: _vwo_uuid_v2 Value: D5D808197C65596EA9883B65E06FDA96D\|517302d2c79b037edd4950298932d32a
accessdenied.gr8.com/	1970-01-19 23:23:18	Name: gaVisitorUuid Value: 729dd037-6ee3-4ea2-a641-2e56d6d79884
accessdenied.gr8.com/	1969-12-31 23:59:59	Name: BAEo2[variantVersion] Value: 0
accessdenied.gr8.com/	1970-01-19 14:37:44	Name: _pk_ses..daf8 Value: *
accessdenied.gr8.com/	1969-12-31 23:59:59	Name: squeeze-page Value: lj4o6fnfd0a15s0f6ekkaechhb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accessdenied.gr8.com
account.stampandcashbiz.xyz
cdn.jsdelivr.net
cdnjs.cloudflare.com
dev.visualwebsiteoptimizer.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
ga.getresponse.com
static-v.tawk.to
us-as.gr-cdn.com
us-ms.gr-cdn.com
va.tawk.to
vsa4.tawk.to
www.authpro.com
www.powr.io
va.tawk.to
www.authpro.com
104.160.64.15
104.160.64.77
173.193.182.60
205.185.216.42
2606:4700:10::6816:1983
2606:4700:10::ac43:592
2606:4700::6810:135e
2a00:1450:4001:801::200a
2a00:1450:4001:809::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:825::2003
2a04:4e42:3::621
34.96.102.137
07789c4321505ab96e2f43551da613a769233552b0d95a15d271c1ff76c0b654
0e371a2092f5621d56b3081f4b4258952a48eec468e38d6c106fe73cf143d70b
16b01a5535d01f8fe7d4dc4cb91f4adb2082f015d9c10eb06cf4ac03c7670ca1
1c1594980fc5fbb5b764a70b6089aa62f4a707a90854aa8aaad3919bab8e0420
1ce5f3fe604178444613f80a6398d8c55abe621d453b1241b575194023466396
222c7e9b4eddb2d84824994cf069ae3b608ca3638924cf588518eeb5d7357488
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
343ac75b89668a8e24b9af292b369cffbbf9c8c0ec2d24b143bd5fff85937478
384dd9dc33c0824d3b7ab113b50616cbf627b4e999274143bdef2157cbc4e890
3a2a801c14ca6a064a28994a91f031119033dbcd51e0595f79370639de0250a6
4a616708e8cde02643632a61fba1656ecb51a2d1bcf6a05ad2c8da7a4aa51e3b
4f2675e709c7f6da2175327a2df846bede62a784e72ec233cc6950b8ef496e93
4f8682cd04902350c91bdd6bda5ceb55ece87f2be833d09f5e1ad59b437c14b1
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
51e35c9e5ca3853e2d0dc959f6fccbfa8037c24bedca84cfd81ad8e76230c3cd
5c7ac29a68fd03aba4b5650f1e349f5e221f81226bc8ac257e650d186412d7e7
617044c91d4e9adb356004b47a5bcc18394d7301eb560355b4c13c93a5b7a409
6e83c077fb845b06ebcac94b6ab6e543f586434895e9361ce5db3d67ca95c8ae
7a2aff6e7fce374d4ef1316364140e3cc1d9dbe4144bf469d04c710261bd6ec8
804e430680c0e7d7da982630b680b6e6709b8e7e9bfbebfd75a00bb9ae1b53c7
827d75ae812218cc42ca674130c21456a3f1bbd0e0cd636cf38dc6d761c34b82
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
969161e9a4e082e50e743f78ad09d28a5734b1850eb6fa345428ad1276aa392c
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a4e22fcd027f66db487146b1af8a1bb63e0be1c0ccf56ab6ed5bacc7212cf945
a7b511cda567bf8c48fe6b62395b469648ceaea88c35a9500fa2be847224d410
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
aeec6c4c92603d16e622b713f338540c0d6b71b22960049224db426531b4207c
b78a074765e2e176cc463e4cabe2f78b4adad716ac3f1938e09e1f889bd1a774
c112a7ef0a882ff02fa05638041e84cba5b50a4713c3e1d9d7a1ecc331399088
c13e31b66530430e331984f19ea171daa565b11017f2db4f3723225e825eb280
c7d392694a1257cc4052e24f1f02e9bbd1431ab0d27b64c3d9a76b13f539130b
dd05c30217e588bb8a1f23c2ec3b340801332290e721d12957a2798ee4b7d2d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e802b9d430370a178df465b215c9de608405a73b54544266e6c7509bfc829ccd
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fe05df859b808f46c40c506b58b6e65ca78369327b072c314da2058c520cfb65

accessdenied.gr8.com Open in urlscan Pro 104.160.64.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

96 %HTTPS

62 %IPv6

12 Domains

16 Subdomains

14 IPs

3 Countries

1781 kBTransfer

5595 kBSize

10 Cookies

8 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

accessdenied.gr8.com Open in urlscan Pro
104.160.64.15 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

96 %
HTTPS

62 %
IPv6

12
Domains

16
Subdomains

14
IPs

3
Countries

1781 kB
Transfer

5595 kB
Size

10
Cookies

73 HTTP transactions
0 data transactions