support.grammarly.com Open in urlscan Pro
104.16.53.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.send.grammarly.com/?qs=e0f16a6e511de7a2934456e3fe7bef92bf84532e8b277cf2f48bf66dcd59adf4ecd55ccb875230f6341d2934e8db...
Effective URL:
https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?ut...
Submission: On January 12 via manual (January 12th 2021, 2:27:09 pm UTC) from US

Summary HTTP 57 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 57 HTTP transactions. The main IP is 104.16.53.111, located in United States and belongs to CLOUDFLARENET, US. The main domain is support.grammarly.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 30th 2020. Valid for: 3 months.

This is the only time support.grammarly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.39.50 13.111.39.50	22606 (EXACT-7) (EXACT-7)
6	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	104.18.71.113 104.18.71.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	52.200.32.121 52.200.32.121	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	143.204.93.33 143.204.93.33	16509 (AMAZON-02) (AMAZON-02)
2	52.215.192.131 52.215.192.131	16509 (AMAZON-02) (AMAZON-02)
1	54.197.143.221 54.197.143.221	14618 (AMAZON-AES) (AMAZON-AES)
4	34.227.146.238 34.227.146.238	14618 (AMAZON-AES) (AMAZON-AES)
57	9

1 13.111.39.50 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.send.grammarly.com

click.send.grammarly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.53.111 (United States)

ASN13335 (CLOUDFLARENET, US)

support.grammarly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
grammarly.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 104.18.71.113 (United States)

ASN13335 (CLOUDFLARENET, US)

theme.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p13.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.200.32.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-32-121.compute-1.amazonaws.com

auth.grammarly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.93.33 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-33.fra50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.192.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-192-131.eu-west-1.compute.amazonaws.com

z8tsnsg80b0g.statuspage.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.143.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-143-221.compute-1.amazonaws.com

js.driftqa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.227.146.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-146-238.compute-1.amazonaws.com

gnar.grammarly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	zdassets.com theme.zdassets.com static.zdassets.com p13.zdassets.com	868 KB
12	grammarly.com 1 redirects click.send.grammarly.com support.grammarly.com auth.grammarly.com gnar.grammarly.com	22 KB
3	driftt.com js.driftt.com	81 KB
2	statuspage.io z8tsnsg80b0g.statuspage.io	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	driftqa.com js.driftqa.com	21 KB
1	zendesk.com grammarly.zendesk.com	10 KB
57	8

	Domain	Requested by
19	theme.zdassets.com	support.grammarly.com p13.zdassets.com
12	static.zdassets.com	support.grammarly.com static.zdassets.com
5	support.grammarly.com	support.grammarly.com static.zdassets.com
4	gnar.grammarly.com	theme.zdassets.com
4	p13.zdassets.com	support.grammarly.com p13.zdassets.com
3	js.driftt.com	support.grammarly.com js.driftt.com
2	z8tsnsg80b0g.statuspage.io	p13.zdassets.com z8tsnsg80b0g.statuspage.io
2	www.google-analytics.com	support.grammarly.com www.google-analytics.com
2	auth.grammarly.com	support.grammarly.com
2	fonts.googleapis.com	support.grammarly.com
1	js.driftqa.com	support.grammarly.com
1	grammarly.zendesk.com	support.grammarly.com
1	click.send.grammarly.com	1 redirects
57	13

This site contains links to these domains. Also see Links.

Domain
www.grammarly.com
account.grammarly.com
www.facebook.com
www.instagram.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
support.grammarly.com Let's Encrypt Authority X3	`2020-11-30` - `2021-02-28`	3 months	crt.sh
ssl911790.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-10-28` - `2021-05-06`	6 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
grammarly.zendesk.com Cloudflare Inc ECC CA-3	`2020-07-16` - `2021-07-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
auth.grammarly.com Amazon	`2020-09-12` - `2021-10-14`	a year	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
*.statuspage.io DigiCert SHA2 High Assurance Server CA	`2020-03-24` - `2021-07-26`	a year	crt.sh
driftqa.com Amazon	`2020-06-18` - `2021-07-18`	a year	crt.sh
gnar.grammarly.com Amazon	`2020-09-12` - `2021-10-14`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
Frame ID: 6851B84685A59C374D0B6DA027661614
Requests: 51 HTTP requests in this frame

Frame: https://z8tsnsg80b0g.statuspage.io/embed/frame
Frame ID: 57ABE7D9EA7803508CB994CAA071625C
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=kw8fmp2crseu&forceShow=false&skipCampaigns=false&sessionId=a71f502f-55c5-4773-bbe7-f85d3dc1448f&sessionStarted=1610461612&campaignRefreshToken=074e95ff-d31c-435a-be7a-7bf23ec98470&pageLoadStartTime=1610461611612&driftEnableLog=null
Frame ID: 27D9BBD9A01979AD08A5A9F16619C841
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?driftEnableLog=null
Frame ID: A0F1F0BEE026D90D54D7A233A40E8F88
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.send.grammarly.com/?qs=e0f16a6e511de7a2934456e3fe7bef92bf84532e8b277cf2f48bf66dcd59adf4ecd55ccb... HTTP 302
https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account... Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

57
Requests

100 %
HTTPS

20 %
IPv6

8
Domains

13
Subdomains

9
IPs

3
Countries

1022 kB
Transfer

2975 kB
Size

11
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.grammarly.com/premium
Title: Premium

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/signup
Title: Sign up

Search URL Search Domain Scan URL

URL: https://account.grammarly.com/
Title: Account

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/resetpassword
Title: https://www.grammarly.com/resetpassword

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/plans
Title: Plans

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/business
Title: Grammarly Business

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/edu
Title: Grammarly @edu

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/native
Title: Grammarly Desktop Apps

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/keyboard
Title: The Grammarly Keyboard

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/office-addin
Title: Grammarly for MS Office

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/about
Title: About

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/jobs
Title: Careers & Culture

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/blog/engineering/
Title: Tech Blog

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/press
Title: Press

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/affiliates
Title: Affiliates

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/blog/category/product
Title: Product Feature News

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/tone
Title: Tone Detector

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/grammar-check
Title: Grammar Checker

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/plagiarism-checker
Title: Plagiarism Checker

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/privacy-policy#for-california-users
Title: CA Privacy Notice

Search URL Search Domain Scan URL

URL: https://www.grammarly.com/security
Title: Security

Search URL Search Domain Scan URL

URL: https://www.facebook.com/grammarly
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/grammarly
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/grammarly
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/grammarly
Title: LinkedIn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.send.grammarly.com/?qs=e0f16a6e511de7a2934456e3fe7bef92bf84532e8b277cf2f48bf66dcd59adf4ecd55ccb875230f6341d2934e8db6e8a3b7d077d3d61eba3 HTTP 302
https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised- Show response
support.grammarly.com/hc/en-us/articles/
Redirect Chain

https://click.send.grammarly.com/?qs=e0f16a6e511de7a2934456e3fe7bef92bf84532e8b277cf2f48bf66dcd59adf4ecd55ccb875230f6341d2934e8db6e8a3b7d077d3d61eba3
https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&...

35 KB
10 KB

510ms
386ms

Document
text/html

104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d782eb90bb6aa3004707279e7e56e691e794acd66a89543a3d2cc03a2396182

Security Headers

Name	Value
Strict-Transport-Security	max-age=259200;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: support.grammarly.com
:scheme: https
:path: /hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=de9cc6a333d2e231c921a7287657ba99e1610461611; expires=Thu, 11-Feb-21 14:26:51 GMT; path=/; domain=.support.grammarly.com; HttpOnly; SameSite=Lax __cfruid=c1722b6318fa5e5a042b508f3531e0ab764bec69-1610461611; path=/; domain=.support.grammarly.com; HttpOnly; Secure; SameSite=None
cf-ray: 61078e0e4eafc83b-AMS
cache-control: public, max-age=0
content-language: en-us
strict-transport-security: max-age=259200;
vary: Accept-Encoding
cf-cache-status: REVALIDATED
cf-request-id: 0798971ced0000c83bc1030000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
protocol: HTTP/1.0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 61000f39d3d17568-SEA
x-runtime: 0.243745
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
x-zendesk-origin-server: help-center-unicorn-f6ff699dc-q8whc
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RdK6oXUJ0A8GFNwEzEOYpvmDVJ8qFJRvQWL7Ane1HixEO3ZP%2Fq7SqjTgfetHv6Qlnh7jYJYqjJ1lH%2BtxUDcdG0P3LbHQi9A1SbuNvhc18qiwf3FSERk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
Date: Tue, 12 Jan 2021 14:26:50 GMT
Connection: close
Content-Length: 340

GET
H2 200 e0e2b6774e9860f922df38641a2fdcc441d804d1.woff2
theme.zdassets.com/theme_assets/32923/ 27 KB
27 KB 239ms
125ms Font
font/woff2 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/32923/e0e2b6774e9860f922df38641a2fdcc441d804d1.woff2

Requested by

Host: support.grammarly.com
URL: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b906348e01526fa7a88150ab2bd2265ef7e86e379b1492c50c21a071f2f643d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Origin: https://support.grammarly.com
Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 13588
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: font/woff2
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-length: 27656
cf-request-id: 0798971ee200000b4f93a5b000000001
last-modified: Wed, 22 Aug 2018 23:43:42 GMT
server: cloudflare
etag: "98b3f0b5cff5d8fcaaa28cf31371a183"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: i4eclBoZ7YxlTAa7b.vRIQfOXQkr0sl5
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
cf-ray: 61078e116afd0b4f-AMS
x-amz-cf-id: mUgQwVbA6KCy-TkeGIdtVgxGQdoAxkS0mr2YqwEAGppfM135vKWW3w==

GET
H2 200 b1e420320605a97ce2a765f8fae92c19cb248c7f.woff
theme.zdassets.com/theme_assets/32923/ 36 KB
36 KB 238ms
125ms Font
application/font-woff 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/32923/b1e420320605a97ce2a765f8fae92c19cb248c7f.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

396df295e2a5498dc0de1d3cead3882a2ede729a3ead34bf984ae359b900c488

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Origin: https://support.grammarly.com
Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 4b3bed207ec72204ebc89ae818e573ef.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 13588
x-amz-server-side-encryption: AES256
cf-ray: 61078e116b000b4f-AMS
x-cache: RefreshHit from cloudfront
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-encoding: br
cf-request-id: 0798971ee200000b4f85321000000001
last-modified: Wed, 22 Aug 2018 23:43:41 GMT
server: cloudflare
etag: W/"0d13cf93e764d35b0c6c7ebabdf53d10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: HEAD, GET
x-amz-version-id: DfyBWngDwa4rdYn6zvFUzspHn39kFh2v
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS54-C1
content-type: application/font-woff
x-amz-cf-id: 30Vo1RkeoInF1GwaWlUW1iDKwFEVhpEKxTfo3GYuYMpJ515HkK6RKA==

GET
H2 200 18c5c7215ace88f5af1cb54be76ca12653f123fb.woff2
theme.zdassets.com/theme_assets/32923/ 27 KB
27 KB 221ms
108ms Font
font/woff2 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/32923/18c5c7215ace88f5af1cb54be76ca12653f123fb.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

133457767755d875a3f0a33b8e3b258418a0be25c8fd44e0c1a9a1e454114783

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Origin: https://support.grammarly.com
Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 4b28b963946514dd2cf9a90f74a8034a.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 18375
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff2
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-length: 27500
cf-request-id: 0798971ee200000b4f87801000000001
last-modified: Wed, 22 Aug 2018 23:43:36 GMT
server: cloudflare
etag: "29e757590a24815b6170ac2fafab050d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: 0e.k3vy_np5HBx.iESvnQsD_45IqN2.6
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
cf-ray: 61078e116b020b4f-AMS
x-amz-cf-id: DC0x7d6yrfXQya-IdAV5DWqKmt7eSDjS9HQccB1ffqFAUqgNQJqSlw==

GET
H2 200 eaeb2476db672f2964900996c751f49476984beb.woff
theme.zdassets.com/theme_assets/32923/ 36 KB
36 KB 183ms
70ms Font
application/font-woff 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/32923/eaeb2476db672f2964900996c751f49476984beb.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c42fae5b017274d4c996d79e497fb3a6764eacdc55943253e0b776c0b2b539a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Origin: https://support.grammarly.com
Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 4b3bed207ec72204ebc89ae818e573ef.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 13588
x-amz-server-side-encryption: AES256
cf-ray: 61078e116b030b4f-AMS
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-encoding: br
cf-request-id: 0798971ee200000b4fd7bcd000000001
last-modified: Wed, 22 Aug 2018 23:43:42 GMT
server: cloudflare
etag: W/"f00a7952f3956f7871056a1138c16fee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: KyuPrGe1f7bN09HfaSjPK36qjdohFKNj
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS54-C1
content-type: application/font-woff
x-amz-cf-id: labpRZTMnCKQbYcV9f8d4592wN32hvdT7nMWv6rQXRVebGD96ga9-A==

GET
H2 200 application-14b59d3e9ffa96622686ecc8ccf2bc98.css
static.zdassets.com/hc/assets/ 54 KB
9 KB 215ms
103ms Stylesheet
text/css 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/application-14b59d3e9ffa96622686ecc8ccf2bc98.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a89c1f4e77cb8ea2b91dd56291dbc457913aa60955882975319802e40d9822bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 602715
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 800A101867BCA95E
x-amz-id-2: XLB9/ozOFymSnEN7r4F0fkY3Xg0C+/65ClqDyXcEVzjAXZ5dfVzX8tYmj8DysERh64GJc8T2li4=
last-modified: Tue, 05 Jan 2021 12:43:12 GMT
server: cloudflare
etag: W/"eb2f12801ff011faad32963afacae5f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-amz-version-id: E6VMypLgRB.XI6l9Jquf141_5JKOl1ne
cf-request-id: 0798971ee100000c8d201f8000000001
cf-ray: 61078e116dec0c8d-AMS

GET
H2 200 theming_v1_support-7eacdab8920220a42cfc91404f4ed182.css
static.zdassets.com/hc/assets/ 15 KB
7 KB 225ms
114ms Stylesheet
text/css 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/theming_v1_support-7eacdab8920220a42cfc91404f4ed182.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af75ef88a08a11991a5572ea5c9c97e7db1b7049bd0a1b4178d2051082e82c73

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 124202
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 16B5879DE0D7B7D5
x-amz-id-2: KLw3faOYJI+BEF039YkWthb4CczIsGEpPZkpjTjXU5xW0YccLbaxBrL/Oyhljgxp7gQ0j6pAm/w=
last-modified: Mon, 09 Nov 2020 01:32:59 GMT
server: cloudflare
etag: W/"ff0f5c15f20ede77a9bb9d6237361a37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-amz-version-id: UxGhIyJ1h929vMvtaWPhWseyXX3dufZ2
cf-request-id: 0798971ee200000c8dfc97d000000001
cf-ray: 61078e116ded0c8d-AMS

GET
H2 200 style.css
p13.zdassets.com/hc/theming_assets/32923/2854956/ 166 KB
21 KB 184ms
72ms Stylesheet
text/css 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4a1f807266d42d542f84c8bae2fdaad8d2b121b7c2ac492a5b856ed436cddc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16155
x-zendesk-origin-server: help-center-unicorn-f865795f8-7cb6c
protocol: HTTP/1.0
cf-request-id: 0798971ee700000b88bbb62000000001
x-request-id: 60fdc3be1ef5cc36-DEN
x-ua-compatible: IE=edge
x-runtime: 0.022894
x-robots-tag: none, noarchive
server: cloudflare
etag: W/"d4a1f807266d42d542f84c8bae2fdaad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/css; charset=utf-8
cache-control: max-age=604800, public
cf-ray: 61078e116e8b0b88-AMS

GET
H2 200 jquery-d5395f0b7ac5027403fc17855c46dbfc.js Show response
static.zdassets.com/hc/assets/ 91 KB
32 KB 182ms
71ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/jquery-d5395f0b7ac5027403fc17855c46dbfc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0343f37ebbd97d0f147e4adb5fa3b2362f7f48d79db51cbaa613ebcb4dbc9515

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 120043
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 4C1EB6FB612328B7
x-amz-id-2: MRI37to8YK01V94pbm53PpFYiDrfF/sS23IgvblVC3OkBuQDWJZ51PqRXcof6D9MsU6x2cwhB1M=
last-modified: Mon, 09 Nov 2020 01:32:57 GMT
server: cloudflare
etag: W/"d5395f0b7ac5027403fc17855c46dbfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: xeb.1SpxQBRJU69ku4Fu7WbE1N.mnfcb
cf-request-id: 0798971ee200000c8deb3bc000000001
cf-ray: 61078e116df00c8d-AMS

GET
H2 200 css
fonts.googleapis.com/ 3 KB
584 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,300italic,400italic

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

561cbf25e415fbfbc72c55b5638dc81cac5f5316d5963113daba10babe6ec795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 14:26:51 GMT
server: ESF
date: Tue, 12 Jan 2021 14:26:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Jan 2021 14:26:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
586 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Varela+Round

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

531cebc14ea087b238eefe9cad6e5ae62cfeebb55279af1c00001a9044b05b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 12:39:08 GMT
server: ESF
date: Tue, 12 Jan 2021 14:26:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Jan 2021 14:26:51 GMT

GET
H2 200 script.js Show response
p13.zdassets.com/hc/theming_assets/32923/2854956/ 7 KB
2 KB 183ms
71ms Script
text/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p13.zdassets.com/hc/theming_assets/32923/2854956/script.js?digest=360617463311

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53fa099243658e60c60b390636946785b27b3895caa0bb8e6d84f184a48a0c9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16156
x-zendesk-origin-server: help-center-unicorn-f865795f8-d78t4
protocol: HTTP/1.0
cf-request-id: 0798971ee400000b885f08d000000001
x-request-id: 60fdc38e99a622fb-DEN
x-ua-compatible: IE=edge
x-runtime: 0.020945
x-robots-tag: none, noarchive
server: cloudflare
etag: W/"53fa099243658e60c60b390636946785"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
cache-control: max-age=604800, public
cf-ray: 61078e116e950b88-AMS

GET
H2 200 api.js Show response
support.grammarly.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 52ms
50ms Script
text/javascript 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.grammarly.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tg7k12WNdwN7Ea4Ifw37gVLbNvSkRqHv7B4P4B7xNxVLXXKcKXTFFk0qtV7y1SgchHomzC%2BlycvQLNpl%2BNo8b6x12D9BguNxn8LlkU%2BC6JoPteqEpnY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 61078e123cbac83b-AMS
cf-request-id: 0798971f670000c83beab3c000000001

GET
H2 200 fd383ed1bb1cfee29084996757c34af0682b5a52.ico
theme.zdassets.com/theme_assets/32923/ 15 KB
2 KB 101ms
100ms Image
image/vnd.microsoft.icon 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/32923/fd383ed1bb1cfee29084996757c34af0682b5a52.ico

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff29f44d68214045c19e9c4354047b6b23841a4ebffcc67c46251441d44fd198

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 946220429f157f0f0ada3caf7d8642cc.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 16621
x-amz-server-side-encryption: AES256
cf-ray: 61078e123feb0c8d-AMS
x-cache: Hit from cloudfront
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-encoding: br
cf-request-id: 0798971f6700000c8d20204000000001
last-modified: Wed, 22 Aug 2018 23:43:43 GMT
server: cloudflare
etag: W/"7137e0d231184a445b61aa952b353331"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: HEAD, GET
x-amz-version-id: 8reTSw_y5_KtcEeokS8P9fYEafnVqaQB
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MXP64-C3
content-type: image/vnd.microsoft.icon
x-amz-cf-id: ix8xb4qIPaHjaWf9wa9w9WY54J1eJECHkQB7NZrzNse2f5A78iJOIw==

GET
H2 200 f04e17848215449e931e697ae5cb0e84c88f8b96.svg
theme.zdassets.com/theme_assets/32923/ 18 KB
6 KB 104ms
102ms Image
image/svg+xml 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/32923/f04e17848215449e931e697ae5cb0e84c88f8b96.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68ad5f10d646d83aa430135f5e706a2f1dfa6fb993e006a7625e7315de4de483

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 26cdacf328fe4eb4e28173938ab3e92c.cloudfront.net (CloudFront)
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 13587
x-amz-server-side-encryption: AES256
cf-ray: 61078e123fea0c8d-AMS
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-encoding: br
cf-request-id: 0798971f6700000c8d4c9db000000001
last-modified: Wed, 22 Aug 2018 23:43:43 GMT
server: cloudflare
etag: W/"c3ddeaf19edd2688498699eceabd49af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: ZzTd.uyRYF8t5SSLnAuZvvyNzfdmcPyo
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS54-C1
content-type: image/svg+xml
x-amz-cf-id: schmWToqscZcLIkc0T4OaAWwbtTpcLy0Joug9bQy6pYAiXA65qmJQA==

GET
H2 200 en-us.770d7ad900cb4da7170c.js Show response
static.zdassets.com/hc/assets/ 183 KB
31 KB 71ms
69ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/en-us.770d7ad900cb4da7170c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d2e9bf472cf76832d6a166869a6d0c73fd2e4623243dbeb0c9679f74b068bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 88715
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 1DCF83CEDF004D42
x-amz-id-2: eA3AH0jaD8wzTXzXvMTxXTAHA2VFTXjRZLNrxAUDX3jtEsffs6vjkA/IJ6cycCeF9hTxrbtuZyA=
last-modified: Mon, 11 Jan 2021 13:04:02 GMT
server: cloudflare
etag: W/"770d7ad900cb4da7170cc5a76392a0b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: JX5TRZR4r3yhpGwHevsojF0DIil9..zO
cf-request-id: 0798971f6600000c8dec375000000001
cf-ray: 61078e123fe50c8d-AMS

GET
H2 200 host.js Show response
grammarly.zendesk.com/auth/v2/ 25 KB
10 KB 187ms
80ms Script
text/javascript 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://grammarly.zendesk.com/auth/v2/host.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aeadb5af15b4ab9929c803ee180f4a6a534b81964a9d6992af87b7ad108ea8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 22949
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
x-zendesk-origin-server: classic-app-server-86dc447684-jzsz9
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q%2FN4sF0nv%2FLwA05UimioAVcJ%2FzpuOCfNRdL90E7agw2PpilwMuAeidWuMppIiYKkMFFF7%2BtYxhetmdRwUt8R2UMWzJrcHPRsm1xX3q%2BFjkLEM%2Boou%2BE%3D"}],"group":"cf-nel","max_age":604800}
x-zendesk-user-id: 407673446152
cf-request-id: 0798971fd00000fa2cb4af3000000001
x-request-id: 5ff3849e2ba0c791-SEA
x-runtime: 0.164464
server: cloudflare
etag: W/"fc49ca0b65c2ffa9c7b91b94ccd42d3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000;
content-type: text/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=86400, public
cf-ray: 61078e12eabffa2c-AMS

GET
H2 200 moment-f6f8513da6ab17eadada59a1a4edb536.js Show response
static.zdassets.com/hc/assets/ 24 KB
9 KB 61ms
59ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/moment-f6f8513da6ab17eadada59a1a4edb536.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6fef41f718988375e6774e0772183e68d2fe4ac7fdb46f99e1276ace91b1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 50218
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 2DA9240754049C16
x-amz-id-2: xzDNQTrNf/M4mPNMA7+5SUysqwjqp1olB3sDWG6qD4AWd5J+slYkphsqNnNAiwvi4OjZVauOqjE=
last-modified: Mon, 09 Nov 2020 15:24:17 GMT
server: cloudflare
etag: W/"f6f8513da6ab17eadada59a1a4edb536"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: hTuC3UerJzV0lxbBqwdYkp3oyJnrlg1a
cf-request-id: 0798971f6600000c8d37a6b000000001
cf-ray: 61078e123fe70c8d-AMS

GET
H2 200 hc_enduser-a487d32ae463449f13dd98fc698758a5.js Show response
static.zdassets.com/hc/assets/ 1 MB
370 KB 63ms
62ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/hc_enduser-a487d32ae463449f13dd98fc698758a5.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daa8251f32e30b804f208b1f76977d363425e478afc33a1d7b7c00a91cda0666

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 2612
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 9CB395388216DC9C
x-amz-id-2: AQqnQvM1sMrz/qrodWK9G3zqa4zlpuSp4SnLSPAYYJZMOKEZN+cI8Yu+OY0aoHzkvkiEZCMWKeI=
last-modified: Mon, 11 Jan 2021 13:04:03 GMT
server: cloudflare
etag: W/"69e43d383638b29aeb5b74d9578f5a02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: WRk6bNAmyMiLg9gopb14mJCgt7j9mXny
cf-request-id: 0798971f6700000c8d2e2bb000000001
cf-ray: 61078e123fe90c8d-AMS

OPTIONS
H2 200 oranonymous
auth.grammarly.com/v3/user/ Frame 0
0 429ms
150ms Other
text/plain 52.200.32.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.grammarly.com/v3/user/oranonymous

Protocol

Server

52.200.32.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-32-121.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-client-type,x-client-version
Origin: https://support.grammarly.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 12 Jan 2021 14:26:52 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://support.grammarly.com
vary: Origin
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: DELETE,POST,PUT,GET,OPTIONS,HEAD
access-control-allow-headers: Origin,X-Client-Type,X-Requested-With,Accept,Grammarly-Auth-Policy,X-Container-Id,X-Amzn-Trace-Id,X-Client-Version,X-Forwarded-For,X-CSRF-Token,Content-Type,X-API-Version,X-Features
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'none'
strict-transport-security: max-age=31536000
cache-control: max-age=0, no-store, no-cache
x-robots-tag: noindex, nofollow
allow: HEAD,POST,GET,OPTIONS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4039
date: Tue, 12 Jan 2021 13:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 12 Jan 2021 15:19:32 GMT

GET
H2 200 oranonymous Show response
auth.grammarly.com/v3/user/ 785 B
1 KB 414ms
141ms Fetch
application/json 52.200.32.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.grammarly.com/v3/user/oranonymous

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.32.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-32-121.compute-1.amazonaws.com

Software

Resource Hash

a2694ce61388585e692dd9e86a53630832f63cce9c7d6d0401522aca12bbdea8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
X-Client-Type: zendesk-hc
X-Client-Version: 0.0.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
vary: Origin, Accept-Encoding, User-Agent
content-type: application/json;charset=utf-8
access-control-allow-origin: https://support.grammarly.com
cache-control: max-age=0, no-store, no-cache
access-control-allow-credentials: true
content-security-policy: default-src 'none'
strict-transport-security: max-age=31536000
x-robots-tag: noindex, nofollow
content-length: 373
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 akkurat-regular.woff2
p13.zdassets.com/hc/theme_assets/32923/200051837/ 27 KB
27 KB 57ms
57ms Font
font/woff2 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p13.zdassets.com/hc/theme_assets/32923/200051837/akkurat-regular.woff2

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

133457767755d875a3f0a33b8e3b258418a0be25c8fd44e0c1a9a1e454114783

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Origin: https://support.grammarly.com
Referer: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 470e3fe246a660ba6ace67a79f78d247.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8919
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff2
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
content-length: 27500
cf-request-id: 0798971f6a00000b4fd6804000000001
last-modified: Wed, 22 Aug 2018 23:43:36 GMT
server: cloudflare
cache-control: max-age=604800
etag: "29e757590a24815b6170ac2fafab050d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: 0e.k3vy_np5HBx.iESvnQsD_45IqN2.6
access-control-allow-origin: *
x-robots-tag: none, noarchive
x-amz-cf-pop: HIO50-C1
accept-ranges: bytes
cf-ray: 61078e124d2d0b4f-AMS
x-amz-cf-id: aMS0lZniGUzcYrLzvssE6vKA6X9EMwtrf3_wO-6gnJdigLTqArcIsQ==
expires: Tue, 19 Jan 2021 11:58:12 GMT

GET
H2 200 kw8fmp2crseu.js Show response
js.driftt.com/include/1610461800000/ 285 KB
81 KB 253ms
157ms Script
application/javascript 143.204.93.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1610461800000/kw8fmp2crseu.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.33 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-33.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

ae3551f8803c202cd7059766f680c374cfa16bc84fa5fbf07819b63a70e3ff6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: rVWcq1r1Y_vk_vLgAsIeUTbYnFfFDvGd
content-encoding: gzip
etag: "83e90d2c26e2f21dcf2d1fc962531179"
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 11 Jan 2021 22:35:20 GMT
server: nginx
date: Tue, 12 Jan 2021 14:26:52 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Vl813H5697KwtUkIh7APEoqwyqugoWGJOz5j8LSKeMpiUAgKcZz2kA==

GET
H2 200 a9fefa1a893e2e95ef776dcfb4e71e225a7894e5.svg
theme.zdassets.com/theme_assets/32923/ 1 KB
840 B 77ms
77ms Image
image/svg+xml 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/32923/a9fefa1a893e2e95ef776dcfb4e71e225a7894e5.svg

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ff0a636f44b82d97a309d670b26c15b712bf94fa1c9fa55f97e4b57ef1e11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 3af85c3075e12aff72b9e148b99d6623.cloudfront.net (CloudFront)
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 13587
x-amz-server-side-encryption: AES256
cf-ray: 61078e1288cd0c8d-AMS
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-encoding: br
cf-request-id: 0798971f9100000c8deda55000000001
last-modified: Wed, 22 Aug 2018 23:43:41 GMT
server: cloudflare
etag: W/"a5997e5df65283d70a9de08575172b2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: ktzyTQOs.MG0tOBq7g41lKr47z8UMCFn
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS54-C1
content-type: image/svg+xml
x-amz-cf-id: 5sPYVFicAo4XBjwT8CSN8UaAcqIrLK3dmDXRRVMT85nbHcKtiL1mhg==

GET
H2 200 430f68ed7364a8765ed7f10f8d4ae38ca834fbca.png
theme.zdassets.com/theme_assets/32923/ 950 B
1 KB 77ms
76ms Image
image/png 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/32923/430f68ed7364a8765ed7f10f8d4ae38ca834fbca.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1f4a3e99532437ecca930773223ad25f494f5f52e6b41acf79204e60ce4ebe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 2e0227ef3f0af98f7b4e1f8452f59f84.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 26825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-length: 950
cf-request-id: 0798971f9100000c8df8823000000001
last-modified: Wed, 22 Aug 2018 23:43:38 GMT
server: cloudflare
etag: "6a65505f4b9276f901ecc46b284e88a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: ZF69LEINcVZ20yXgvGpul7oIjjj0PtH0
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
cf-ray: 61078e1288d50c8d-AMS
x-amz-cf-id: 1iqRJLRvn4wxRa0x4CiXgG7L8bRKK_V6W4AI8Lcuu4HymPSqzhcPAA==

GET
H2 200 806cbebeac46353643b746206795bc52f74ed5a8.png
theme.zdassets.com/theme_assets/32923/ 176 B
476 B 87ms
84ms Image
image/png 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/32923/806cbebeac46353643b746206795bc52f74ed5a8.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be250d3cc90eaf4626b3e28621d03f4f4ccd3803784f7f82abecc784594de22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 26824
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-length: 176
cf-request-id: 0798971f9600000c8d4400c000000001
last-modified: Wed, 22 Aug 2018 23:43:39 GMT
server: cloudflare
etag: "fcb2141df1a919f9ec5d898129550e99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: zEn383.pjNQZbZWAoNltbEKYa9Jtz7xc
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
cf-ray: 61078e1288e90c8d-AMS
x-amz-cf-id: Y98cvqCm21yrwLe1oH35AlO0h3nyAiy8OVxEfVL7-Xtq7vAZUNmY9w==

GET
H2 200 c682db17a5d408779f167bc6cf73777da1821bf8.png
theme.zdassets.com/theme_assets/32923/ 796 B
1 KB 76ms
73ms Image
image/png 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/32923/c682db17a5d408779f167bc6cf73777da1821bf8.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d06c80cd01b86ab2219e60f65d99af62f8b028f41e40775a93685cbd7c8d270

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 f9d671af272d3b5b3c683203ae8f4cc8.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 26825
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-length: 796
cf-request-id: 0798971f9600000c8d3c3bc000000001
last-modified: Wed, 22 Aug 2018 23:43:41 GMT
server: cloudflare
etag: "522efd8b632ca0f67c0d2e09cdc6d740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: Vc3hhfS44gnsa1I8gXsAZPAny2fRwCQg
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
cf-ray: 61078e1288eb0c8d-AMS
x-amz-cf-id: _WMl1TGtfXtY8KKFI6m1gfjhLaTBA_OYa724eMK7ARSHzz-rOuNXYg==

GET
H2 200 06bb5f70cc332adaa1882ddcdd6332336770d931.png
theme.zdassets.com/theme_assets/32923/ 369 B
969 B 75ms
72ms Image
image/png 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/32923/06bb5f70cc332adaa1882ddcdd6332336770d931.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

072027b565ae37e4042704c52e10e808170320e62f839becb1697060dd196557

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 a36403421b18ef7385d5575765e6c415.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 10203
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-length: 369
cf-request-id: 0798971f9600000c8defa05000000001
last-modified: Wed, 22 Aug 2018 23:43:35 GMT
server: cloudflare
etag: "b0346aef8d4546ab269c6e4f4fc03ed5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: HEAD, GET
x-amz-version-id: uBmAd1o_hXRY21OYTVkhKRvuGwJ36XHg
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
cf-ray: 61078e1288ec0c8d-AMS
x-amz-cf-id: vWo-1E7MJM84k5CJaYLbCERWFkR5K_vKyjX_p-XwV9XBfZ-DBPJS5Q==

GET
H2 200 91b256538f2fb0376d1f7a6046624b1904ab3aa3.png
theme.zdassets.com/theme_assets/32923/ 288 B
576 B 74ms
71ms Image
image/png 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/32923/91b256538f2fb0376d1f7a6046624b1904ab3aa3.png

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03caad05a4f794276e5e3e4c2b9993e0cd581552467964043cfcf10a5b3b09a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 3af85c3075e12aff72b9e148b99d6623.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 10203
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-length: 288
cf-request-id: 0798971f9600000c8df9af9000000001
last-modified: Wed, 22 Aug 2018 23:43:40 GMT
server: cloudflare
etag: "c6407ea7dd4a7225267c1d5c2e683338"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: 6PfbeZ6aGcvgDYNWx5ECt67iN7Q1VkwG
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
cf-ray: 61078e1288ed0c8d-AMS
x-amz-cf-id: K-vNB7MtEKiYrxcjHXxpbLFjo-PsYQ0HBR9u3j9j4tbVDPU1HT3v3g==

GET
H2 200 020f66145480fcade2cc63223b1f4a97aa2a63fa.svg
theme.zdassets.com/theme_assets/32923/ 965 B
780 B 81ms
79ms Image
image/svg+xml 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/32923/020f66145480fcade2cc63223b1f4a97aa2a63fa.svg

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4a01fb8a5e3c82ca5cfcdd5e910f3aa29c5bcff4a3728212e25ba8ca931fc96

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 2fb101a75d62357647d00a936fb26d03.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 14822
x-amz-server-side-encryption: AES256
cf-ray: 61078e1288ee0c8d-AMS
x-cache: Hit from cloudfront
access-control-max-age: 86400
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-encoding: br
cf-request-id: 0798971f9600000c8d1e228000000001
last-modified: Wed, 22 Aug 2018 23:43:35 GMT
server: cloudflare
etag: W/"464d956ce9ebb1ee85cc67ca8e695f31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: HEAD, GET
x-amz-version-id: T6_oZN4X9nf3OR6sjoOe_HIX0gVz5Uae
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MXP64-C3
content-type: image/svg+xml
x-amz-cf-id: qp6NzH0MaEXl6hPhq6uYhkup391mY9mJNRnSD3xd4ayQJMyI_5Gtxg==

GET
H2 200 826f8950ca88cce111f275376c26912eae0a20ac.svg
theme.zdassets.com/theme_assets/32923/ 1 KB
912 B 118ms
115ms Image
image/svg+xml 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/32923/826f8950ca88cce111f275376c26912eae0a20ac.svg

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1cc6fae28de77c07947c67ab3a915aa8afd130471f2a6244182773136490fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 10203
x-amz-server-side-encryption: AES256
cf-ray: 61078e1288f00c8d-AMS
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-encoding: br
cf-request-id: 0798971f9700000c8deebbb000000001
last-modified: Wed, 22 Aug 2018 23:43:40 GMT
server: cloudflare
etag: W/"963ddde796cb28cb8458653adfe0e15f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: QlpxD9x7xXpH9HmusZ4rYS8Y7hBRnF4Q
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS54-C1
content-type: image/svg+xml
x-amz-cf-id: LY1gY3hjlS3_SCVPlG7jMQNXyKtW8BsknKSH-T2F-Qv98c3XAwSzLw==

GET
H2 200 3e2a8366478c78febcf13b853bf4ac116695ba08.svg
theme.zdassets.com/theme_assets/32923/ 896 B
869 B 82ms
80ms Image
image/svg+xml 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/32923/3e2a8366478c78febcf13b853bf4ac116695ba08.svg

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c96cae1ab565358b89a1f10af08309d2caa7970193b49273f352a9e47424e4e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 eec12a22159207af63748eccf10799b3.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 13145
x-amz-server-side-encryption: AES256
cf-ray: 61078e1288f40c8d-AMS
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-encoding: br
cf-request-id: 0798971f9c00000c8d04802000000001
last-modified: Wed, 22 Aug 2018 23:43:37 GMT
server: cloudflare
etag: W/"0be607858769947db5cef715ef64fe94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: rpVkxsrLEwweCm1tfDZupKHCUVVwDo9b
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS54-C1
content-type: image/svg+xml
x-amz-cf-id: AcVaeo04a6RBM5cbAhqF4pv4dSjkNFX_i3foLQ9ulMG3s32x692jHA==

GET
H2 200 367830fd173bb594029b7478e1ccf66c28eae019.svg
theme.zdassets.com/theme_assets/32923/ 1 KB
820 B 75ms
73ms Image
image/svg+xml 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/32923/367830fd173bb594029b7478e1ccf66c28eae019.svg

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32d9127874c4b9aa0819d9e42c02b27a5043f20b13e9e6a4ca5787b87c767ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 b61409af370dbf025ffc910b1252c65f.cloudfront.net (CloudFront)
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 26825
x-amz-server-side-encryption: AES256
cf-ray: 61078e1288f80c8d-AMS
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-encoding: br
cf-request-id: 0798971f9800000c8d00859000000001
last-modified: Wed, 22 Aug 2018 23:43:37 GMT
server: cloudflare
etag: W/"761e987bdc92f6bf70dd17ee7ac467ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: W_gxD58vnCCwhQMI5zATwjEy3IbW_r2_
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS54-C1
content-type: image/svg+xml
x-amz-cf-id: PyapLQ-yEMQwGYM3zBr4PkgnPYN14ScI3ZNZSI0pFtynllg87-iLTg==

GET
H2 200 ee9e40e1e215923bc44cf5f40bae747f1ba1da3c.svg
theme.zdassets.com/theme_assets/32923/ 1 KB
971 B 74ms
72ms Image
image/svg+xml 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/32923/ee9e40e1e215923bc44cf5f40bae747f1ba1da3c.svg

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14efda3e0771a14940acc5e8816ca45627ebacd4a32d9a19d6e7d1991a2ad4b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 26824
x-amz-server-side-encryption: AES256
cf-ray: 61078e1288fb0c8d-AMS
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-encoding: br
cf-request-id: 0798971f9800000c8d1a877000000001
last-modified: Wed, 22 Aug 2018 23:43:43 GMT
server: cloudflare
etag: W/"8f48a8de1634adc0a498b3449a115437"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: _StbDwW2uN6eWmpdyrtsxrgQIf5mGUfF
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
content-type: image/svg+xml
x-amz-cf-id: HVk2IryB5nEeNbqete44F-KL-qk9RvEcVBB2tufoUAQRapxbY7-zGg==

GET
H2 200 5bab0fd4fe43db0e61a309e416241a0460634127.svg
theme.zdassets.com/theme_assets/32923/ 926 B
945 B 82ms
81ms Image
image/svg+xml 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://theme.zdassets.com/theme_assets/32923/5bab0fd4fe43db0e61a309e416241a0460634127.svg

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ad124d1fc1ae632134cd1c684170318f8482b377f1df542ae618007fa5961b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 c08e9bf340e2958c861383f46f457c6f.cloudfront.net (CloudFront)
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 10203
x-amz-server-side-encryption: AES256
cf-ray: 61078e1288fd0c8d-AMS
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-encoding: br
cf-request-id: 0798971f9a00000c8dffade000000001
last-modified: Wed, 22 Aug 2018 23:43:38 GMT
server: cloudflare
etag: W/"b131ab62a474a2bc1bac4a0330971058"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: fKTtHqkpqVTThAx.y_w6TRUSX5vPCcVA
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: MXP64-C3
content-type: image/svg+xml
x-amz-cf-id: Gg1mGZFQBAXNZAnxicXxrdAibGfnCs7clwheTECJvcCbOLnIGrW2cA==

GET
H2 200 akkurat-bold.woff2
p13.zdassets.com/hc/theme_assets/32923/200051837/ 27 KB
27 KB 60ms
58ms Font
font/woff2 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p13.zdassets.com/hc/theme_assets/32923/200051837/akkurat-bold.woff2

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b906348e01526fa7a88150ab2bd2265ef7e86e379b1492c50c21a071f2f643d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Origin: https://support.grammarly.com
Referer: https://p13.zdassets.com/hc/theming_assets/32923/2854956/style.css?digest=360617463311
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
via: 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2411
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: font/woff2
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
content-length: 27656
cf-request-id: 0798971f9500000b4fdb82f000000001
last-modified: Wed, 22 Aug 2018 23:43:42 GMT
server: cloudflare
cache-control: max-age=604800
etag: "98b3f0b5cff5d8fcaaa28cf31371a183"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: i4eclBoZ7YxlTAa7b.vRIQfOXQkr0sl5
access-control-allow-origin: *
x-robots-tag: none, noarchive
x-amz-cf-pop: SEA19-C2
accept-ranges: bytes
cf-ray: 61078e128dc80b4f-AMS
x-amz-cf-id: CZ0CuPWdlV7avQF4nFqajUaHKqJqlufkbOTBmfv5oa9LK4U4scrJyg==
expires: Tue, 19 Jan 2021 13:46:40 GMT

GET
H2 200 entypo-5adc1c49be0325a8cdac239d1b0b05ad.woff
static.zdassets.com/hc/assets/ 44 KB
44 KB 60ms
59ms Font
application/font-woff 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/entypo-5adc1c49be0325a8cdac239d1b0b05ad.woff

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/theming_v1_support-7eacdab8920220a42cfc91404f4ed182.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d7ca392d9b45723af1cd44a9178db19fd0af6a7aaa49afd882e3a472201f7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Origin: https://support.grammarly.com
Referer: https://static.zdassets.com/hc/assets/theming_v1_support-7eacdab8920220a42cfc91404f4ed182.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:51 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 456879
x-amz-server-side-encryption: AES256
cf-ray: 61078e129def0b4f-AMS
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 55A342B05913A3E3
x-amz-id-2: SapKOdiA4FVxeKou9SWcKzAeKwknBzPR1qsjERDEA9OiHVpBlTf8OLtM241kBTT/9OLscNUcMBY=
last-modified: Wed, 04 Nov 2020 13:07:11 GMT
server: cloudflare
etag: W/"5adc1c49be0325a8cdac239d1b0b05ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-methods: GET
x-amz-version-id: 2SBHhofLIMR1qAHAlTpWdkEsIudFDR91
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, ETag
cache-control: public, max-age=604800
cf-request-id: 0798971fa000000b4f85952000000001
content-type: application/font-woff

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
70 B 14ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1392436603&t=pageview&_s=1&dl=https%3A%2F%2Fsupport.grammarly.com%2Fhc%2Fen-us%2Farticles%2F360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-%3Futm_source%3DSecurityAlert%26utm_medium%3Demail%26utm_campaign%3DLoginNotification%26utm_content%3D1A&ul=en-us&de=UTF-8&dt=What%20should%20I%20do%20if%20I%20suspect%20that%20my%20account%20was%20compromised%3F%20%E2%80%93%20Grammarly%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=437597922&gjid=507310765&cid=1490236534.1610461612&tid=UA-6331378-26&_gid=932344659.1610461612&_r=1&_slc=1&z=1627832866

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 14:26:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://support.grammarly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1-43af8adb68b570d01ec104093f18c409.js Show response
static.zdassets.com/hc/assets/ 8 KB
3 KB 75ms
75ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/1-43af8adb68b570d01ec104093f18c409.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-a487d32ae463449f13dd98fc698758a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1697d1e4e23121531a7203cbeb41379b91d8c69fbb543cedf3ff1fd73c2a8504

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 126275
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: F29D4D93C277E6D5
x-amz-id-2: tXdgcn/ElcVMVMjaOWpDsyZjwKdFQm816kz+QJVWt/YPqLcoNsJ043ko/VmzD+FbIfQqO34dB1E=
last-modified: Fri, 08 Jan 2021 12:37:54 GMT
server: cloudflare
etag: W/"c1be0ea60ad66824d58352f20663b7bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: doiIeaPtwi0sDCNjzSsdr7XAkjTsJ7Gt
cf-request-id: 079897208e00000c8dec395000000001
cf-ray: 61078e141cf80c8d-AMS

GET
H2 200 49-c2c9f3a2b45be974f6502c8d4e874146.js Show response
static.zdassets.com/hc/assets/ 10 KB
4 KB 73ms
73ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/49-c2c9f3a2b45be974f6502c8d4e874146.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-a487d32ae463449f13dd98fc698758a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06ba7c62f0b110ea62670d76b52bd809148553e4dd40d3bb95de172029a11fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 311959
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 9D3CC28D76183672
x-amz-id-2: 87z86WusMto3qg4C3Fp0qmDvaVoPnTGg3ukvskIv5+z+vNINSu6E2P6iYxDEBOAPu/knEyjSRd8=
last-modified: Fri, 06 Nov 2020 11:37:21 GMT
server: cloudflare
etag: W/"62ce5fc08635facb72366215a36a8d56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: Uz8UMqZ9g42NyOjHfHQAcmwDhJBpktgc
cf-request-id: 079897209000000c8d51187000000001
cf-ray: 61078e141cfb0c8d-AMS

GET
H2 200 answerBot.js Show response
static.zdassets.com/answer_bot_embeddable/ 381 KB
111 KB 86ms
85ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/answer_bot_embeddable/answerBot.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-a487d32ae463449f13dd98fc698758a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d21984a7645d87b1ab81f3d70fa94dc912a30afe7a3a635783fd4bdde510a62a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 43
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
strict-transport-security: max-age=0
x-amz-request-id: 628FB8868CA420F4
x-amz-id-2: BcRnRAR4D8CpCTX3vL+M1d8y6q+alewiymZ5Wxu6C7jEm0ilskd60XquhH3Z11/CT5G51i8vcAE=
last-modified: Tue, 15 Dec 2020 02:45:39 GMT
server: cloudflare
etag: W/"08fd2733e83bde3c6339eb4490303413"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600, s-maxage=60
x-amz-version-id: HY_hgCjjpVScXB14fTajKSL5S4LF14fY
cf-request-id: 079897209200000c8df9b12000000001
cf-ray: 61078e141d080c8d-AMS

GET
H2 200 vendors~CommentActions~PostActions~actions~subscribe-ff9dfddfff6c831198b585e90ebc1c16.js Show response
static.zdassets.com/hc/assets/ 20 KB
7 KB 69ms
68ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/vendors~CommentActions~PostActions~actions~subscribe-ff9dfddfff6c831198b585e90ebc1c16.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-a487d32ae463449f13dd98fc698758a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

837f77f041cd4d306ca925d93fe4599485d172cbda4ba662c5d08de92740b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 285109
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 3286BBD05A3ABC1B
x-amz-id-2: w5rTSP1cTYIOM3H79nuIiD3TZwI5qEXrsYJM/MEDapDuzBfFYvXIrf6PlZ3tO8IVjthbcKN03xY=
last-modified: Thu, 22 Oct 2020 07:48:03 GMT
server: cloudflare
etag: W/"2a617dcd7313df0aaeab9ccdbbbe48c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: qp9BWgCiGZM1_kRAo6rE9Hg6SNSceX8S
cf-request-id: 079897209300000c8d49943000000001
cf-ray: 61078e141d0b0c8d-AMS

GET
H2 200 subscribe-7c603e10e048c1ca8b03608e1e5121d8.js Show response
static.zdassets.com/hc/assets/ 21 KB
7 KB 74ms
74ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/hc/assets/subscribe-7c603e10e048c1ca8b03608e1e5121d8.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-a487d32ae463449f13dd98fc698758a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11b847c46984649bbf7b77df543dde398a307e6229cfac4cce2f5a5bc6a4cf80

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 126275
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 5KDH7SBH4S1YAJ1Y
x-amz-id-2: oIxoN/7xph4sXeNFnyjweGXzWLAE5O8PspP7xMJOI5/HoOYXylzYdXtnPVfsr6/sthA1n5a3Epg=
last-modified: Fri, 08 Jan 2021 12:38:00 GMT
server: cloudflare
etag: W/"1c33a8a356c3fe0086315f6ddf857454"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-amz-version-id: d7vxkCvOArEg3Eg3JGIjWLHkJUEEX3tI
cf-request-id: 079897209400000c8defa1c000000001
cf-ray: 61078e141d0d0c8d-AMS

POST
H2 200 view.json Show response
support.grammarly.com/api/v2/help_center/en-us/articles/360041542831/stats/ 0
599 B 324ms
323ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.grammarly.com/api/v2/help_center/en-us/articles/360041542831/stats/view.json

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-a487d32ae463449f13dd98fc698758a5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=259200;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: help-center-unicorn-699bf4cf78-wgl6m
protocol: HTTP/1.0
x-xss-protection: 1; mode=block
x-request-id: 61078e14282bc83b-SEA
x-ua-compatible: IE=edge
x-runtime: 0.086238
server: cloudflare
x-zendesk-api-version: v2
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=259200;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qKTBxb%2BPFe6gbZ8DxVrDJN1G7vlrMBvKOEj9okJN8DCpchygLVnYcelh9U%2FF9G7K7aSG9tWT%2F501R2%2BbW93tHBdb1k%2BjJ%2B7OwtJ1XL2DXnHvAi%2B%2F%2FoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://support.grammarly.com
access-control-expose-headers: X-Zendesk-API-Warn
cache-control: no-cache
access-control-allow-credentials: true
cf-request-id: 07989720950000c83ba9900000000001
cf-ray: 61078e14282bc83b-AMS

POST
H2 200 events
support.grammarly.com/hc/tracking/ 0
0 283ms
282ms Fetch
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.grammarly.com/hc/tracking/events?locale=en-us

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/hc/assets/hc_enduser-a487d32ae463449f13dd98fc698758a5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=259200;
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Jan 2021 14:26:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: help-center-unicorn-699bf4cf78-r7svk
strict-transport-security: max-age=259200;
protocol: HTTP/1.0
cf-request-id: 07989720960000c83bf82d9000000001
x-request-id: 61078e1440c6c83b-SEA
x-ua-compatible: IE=edge
x-runtime: 0.033236
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WTAMwi7xgIfOyB2tcPO4TQajIyosshm7PHK7f72Lh9f%2BPXzHPzicJ%2FzagutVWzE%2FJu8HVNaS73689yXYsgqMpasr6Z9VvUIYdfrBKbpDzZBstiO3OXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: no-cache
cf-ray: 61078e14282fc83b-AMS

GET
H2 200 script.js Show response
z8tsnsg80b0g.statuspage.io/embed/ 1 KB
1 KB 419ms
197ms Script
text/javascript 52.215.192.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z8tsnsg80b0g.statuspage.io/embed/script.js

Requested by

Host: p13.zdassets.com
URL: https://p13.zdassets.com/hc/theming_assets/32923/2854956/script.js?digest=360617463311

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.215.192.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-192-131.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c3469379fcc8061ff973a8677f68efcdcd08d65bfdc8341bef1e566b86f24896

Security Headers

Name	Value
Strict-Transport-Security	max-age=259200
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=259200
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 441
x-statuspage-skip-logging: true
x-cache: HIT
date: Tue, 12 Jan 2021 14:26:52 GMT
x-statuspage-version: 49063b50bec1b72c8412703f307d7ccab7a80fa2
x-xss-protection: 1; mode=block
x-request-id: 3e8ff978-3a63-4eb9-b5c8-c00458010c7a
x-runtime: 0.061256
referrer-policy: strict-origin-when-cross-origin
etag: W/"gz[c3469379fcc8061ff973a8677f68efcd]"
x-download-options: noopen
vary: Accept,Accept-Encoding,X-Forwarded-Host,X-Forwarded-Scheme,X-Forwarded-Proto,Fastly-SSL
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes

GET
H2 200 e72498ef56c92ebb470d10d2509b2e4c6252c1db.js Show response
theme.zdassets.com/theme_assets/32923/ 38 KB
11 KB 68ms
68ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theme.zdassets.com/theme_assets/32923/e72498ef56c92ebb470d10d2509b2e4c6252c1db.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0feecb85380789bac4e6b81a97719d3a0b2c3e711f57f6d060d7158e2801a679

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 14:26:52 GMT
via: 1.1 b911c551065b8f78ad33b4c4564141bf.cloudfront.net (CloudFront)
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 13588
x-amz-server-side-encryption: AES256
cf-ray: 61078e142d1d0c8d-AMS
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
content-encoding: br
cf-request-id: 079897209900000c8d3eac2000000001
last-modified: Tue, 01 Dec 2020 15:34:07 GMT
server: cloudflare
etag: W/"c83f458fbab8de4b4572d0c12a5aaca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
x-amz-version-id: A1MQ3HnhuBBrQZqmR5w4ohmaQjWu2edQ
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: AMS54-C1
content-type: application/javascript
x-amz-cf-id: O_OX_YYAunaaiUTLG5j8S-MmgrSZrrgtiEm0UTSlcpD1MSU841b6kA==

POST
H2 204 result Show response
support.grammarly.com/cdn-cgi/bm/cv/ 0
526 B 60ms
59ms XHR
text/plain 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://support.grammarly.com/cdn-cgi/bm/cv/result?req_id=61078e0e4eafc83b
Requested by: Host: support.grammarly.com
URL: https://support.grammarly.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Jan 2021 14:26:52 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lFYa5tfqhhtp9FUbxFmOullNx4Lp%2BYTHZdT1YRPoGffeSezZtecBDWy1%2BAn0oQ6vSLIdNZ8eUoXvwImfTG9qtCkxI4yuxgnp8u8VaiYL1nQ88GbrPxM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 61078e1498ccc83b-AMS
cf-request-id: 07989720e00000c83bab337000000001

GET
H2 206 notification.d46d7db1.mp3
js.driftqa.com/conductor/assets/media/ 20 KB
21 KB 425ms
149ms Media
audio/mpeg 54.197.143.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftqa.com/conductor/assets/media/notification.d46d7db1.mp3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.197.143.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-197-143-221.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ad80ac33ed04b4e6d78167b4162ecd3d2e8c29d17b43eb3df1f35b216b2ac5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 12 Jan 2021 14:26:52 GMT
last-modified: Mon, 11 Jan 2021 22:15:42 GMT
server: nginx
access-control-allow-origin: *
etag: "d46d7db110874da77e094dcbc4bec8e6"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
Content-Range: bytes 0-20896/20897
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 20897

GET
H2 200 frame
z8tsnsg80b0g.statuspage.io/embed/ Frame 57AB 0
0 193ms
193ms Document
text/html 52.215.192.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z8tsnsg80b0g.statuspage.io/embed/frame

Requested by

Host: z8tsnsg80b0g.statuspage.io
URL: https://z8tsnsg80b0g.statuspage.io/embed/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.215.192.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-192-131.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=259200
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: z8tsnsg80b0g.statuspage.io
:scheme: https
:path: /embed/frame
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A

Response headers

vary: Accept,Accept-Encoding,X-Forwarded-Host,X-Forwarded-Scheme,X-Forwarded-Proto,Fastly-SSL
cache-control: max-age=0, private, must-revalidate
x-cache: HIT
content-type: text/html; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=259200
date: Tue, 12 Jan 2021 14:26:52 GMT
x-request-id: 0519198b-2a24-4456-8cb7-0d8ea778fa32
x-download-options: noopen
x-xss-protection: 1; mode=block
x-runtime: 0.202001
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
etag: W/"gz[91d64e32d406a12262925675c9e3d8bd]"
x-statuspage-skip-logging: true
x-statuspage-version: 49063b50bec1b72c8412703f307d7ccab7a80fa2
referrer-policy: strict-origin-when-cross-origin
age: 323

OPTIONS
H2 200 events
gnar.grammarly.com/ Frame 0
0 414ms
136ms Other 34.227.146.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gnar.grammarly.com/events
Protocol: H2
Server: 34.227.146.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-146-238.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://support.grammarly.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 12 Jan 2021 14:26:53 GMT
content-length: 0
vary: Origin
access-control-max-age: 1800
access-control-allow-origin: https://support.grammarly.com
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin
access-control-allow-methods: GET,PUT,POST,HEAD,DELETE
access-control-allow-credentials: true

POST
H2 200 events
gnar.grammarly.com/ 0
0 713ms
403ms Fetch 34.227.146.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gnar.grammarly.com/events

Requested by

Host: theme.zdassets.com
URL: https://theme.zdassets.com/theme_assets/32923/e72498ef56c92ebb470d10d2509b2e4c6252c1db.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.227.146.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-227-146-238.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Jan 2021 14:26:53 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: https://support.grammarly.com
cache-control: no-cache
access-control-allow-credentials: true
content-security-policy: default-src 'none'
vary: Origin
content-length: 0
x-content-type-options: nosniff

POST
H2 200 events
gnar.grammarly.com/ 0
0 536ms
225ms Fetch 34.227.146.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://gnar.grammarly.com/events

Requested by

Host: theme.zdassets.com
URL: https://theme.zdassets.com/theme_assets/32923/e72498ef56c92ebb470d10d2509b2e4c6252c1db.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.227.146.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-227-146-238.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Jan 2021 14:26:53 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: https://support.grammarly.com
cache-control: no-cache
access-control-allow-credentials: true
content-security-policy: default-src 'none'
vary: Origin
content-length: 0
x-content-type-options: nosniff

OPTIONS
H2 200 events
gnar.grammarly.com/ Frame 0
0 413ms
135ms Other 34.227.146.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gnar.grammarly.com/events
Protocol: H2
Server: 34.227.146.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-146-238.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://support.grammarly.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 12 Jan 2021 14:26:53 GMT
content-length: 0
vary: Origin
access-control-max-age: 1800
access-control-allow-origin: https://support.grammarly.com
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin
access-control-allow-methods: GET,PUT,POST,HEAD,DELETE
access-control-allow-credentials: true

GET
H2 200 core
js.driftt.com/ Frame 27D9 0
0 146ms
145ms Document
text/html 143.204.93.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=kw8fmp2crseu&forceShow=false&skipCampaigns=false&sessionId=a71f502f-55c5-4773-bbe7-f85d3dc1448f&sessionStarted=1610461612&campaignRefreshToken=074e95ff-d31c-435a-be7a-7bf23ec98470&pageLoadStartTime=1610461611612&driftEnableLog=null

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1610461800000/kw8fmp2crseu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.33 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-33.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=kw8fmp2crseu&forceShow=false&skipCampaigns=false&sessionId=a71f502f-55c5-4773-bbe7-f85d3dc1448f&sessionStarted=1610461612&campaignRefreshToken=074e95ff-d31c-435a-be7a-7bf23ec98470&pageLoadStartTime=1610461611612&driftEnableLog=null
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Mon, 11 Jan 2021 22:35:10 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: yfywYlh_N806SUS.bHnakTVAc_gD0z7b
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 12 Jan 2021 14:26:52 GMT
cache-control: no-cache
etag: W/"9d16bced7469ed3518d3f9cd751e3bd2"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: L50GKCmmjUX2Gdr8-2woIGqG_VUu6mANZMqe4v-R6Edvid9GT-BTGQ==

GET
H2 200 chat
js.driftt.com/core/ Frame A0F1 0
0 148ms
147ms Document
text/html 143.204.93.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?driftEnableLog=null

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1610461800000/kw8fmp2crseu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.33 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-33.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat?driftEnableLog=null
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://support.grammarly.com/hc/en-us/articles/360041542831-What-should-I-do-if-I-suspect-that-my-account-was-compromised-?utm_source=SecurityAlert&utm_medium=email&utm_campaign=LoginNotification&utm_content=1A

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Mon, 11 Jan 2021 22:35:10 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: yfywYlh_N806SUS.bHnakTVAc_gD0z7b
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 12 Jan 2021 14:26:52 GMT
cache-control: no-cache
etag: "9d16bced7469ed3518d3f9cd751e3bd2"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: LZGSyFcPHARFPbpwxjrvPmTi6FZoB0eFMTxEeDMne-_Oto_t5xplhA==

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.grammarly.com/	1970-01-23 06:57:01	Name: gnar_containerId Value: odfmbo6th6t61g2
.grammarly.com/	1970-01-20 00:06:37	Name: csrf-token Value: AABIz04v6csJG7cDYZegFtKQGDSqHKaSzUcIkw
.grammarly.com/	1970-01-20 00:06:37	Name: grauth Value: AABIz3kqAHSbx1z0exRrvSPD3QM_RJyPEY4hWZrESHM7rsTWNqzBS0GmWCLOmYkyvQrDTKFDv3G6bFfA
support.grammarly.com/	1970-01-19 15:21:03	Name: drift_campaign_refresh Value: 074e95ff-d31c-435a-be7a-7bf23ec98470
support.grammarly.com/	1969-12-31 23:59:59	Name: _help_center_session Value: WDV0TXNoTkhNdldOWldXd2htSTRpRE95Slp3aGYzNGVrUVVGYTBoenY3eFJ6TXYrV0ZyRElGUG12ekxDQzY1OUpPR3U2U0JiRlZ4ZnJmei96bXhWbGc9PS0tazlia3BEZUVnWDdMSWFZZkNubVN6UT09--ca57215b8c1ac9a881f7b4bba24f34978773b637
.grammarly.com/	1970-01-19 15:22:28	Name: _gid Value: GA1.2.932344659.1610461612
.grammarly.com/	1970-01-20 08:52:13	Name: _ga Value: GA1.2.1490236534.1610461612
.grammarly.com/	1970-01-19 15:21:01	Name: _gat Value: 1
.support.grammarly.com/	1970-01-19 15:21:03	Name: __cf_bm Value: 224bca2bd7837e43011f37f08b7374f79be60d19-1610461612-1800-AcmnjlGjFlz33MbPrJgnkovIg4+TS72b/+5DE9rSwpvHhx9NkC6VSemIj7rEm2Ql2PhO/rx7gyqsfA981JTdDihfDZGLAZFn8cBUWQBF0b2nb6Lr2rAiHhspgH0EIY0+uISrwyTZ0Eo4jVB8hn+kWlU=
.support.grammarly.com/	1969-12-31 23:59:59	Name: __cfruid Value: c1722b6318fa5e5a042b508f3531e0ab764bec69-1610461611
.support.grammarly.com/	1970-01-19 16:04:13	Name: __cfduid Value: de9cc6a333d2e231c921a7287657ba99e1610461611

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://theme.zdassets.com/theme_assets/32923/e72498ef56c92ebb470d10d2509b2e4c6252c1db.js(Line 1) Message: Going to initialize gnar client
console-api	log	URL: https://theme.zdassets.com/theme_assets/32923/e72498ef56c92ebb470d10d2509b2e4c6252c1db.js(Line 1) Message: Gnar client is initialized

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=259200;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.grammarly.com
click.send.grammarly.com
fonts.googleapis.com
gnar.grammarly.com
grammarly.zendesk.com
js.driftqa.com
js.driftt.com
p13.zdassets.com
static.zdassets.com
support.grammarly.com
theme.zdassets.com
www.google-analytics.com
z8tsnsg80b0g.statuspage.io
104.16.53.111
104.18.71.113
13.111.39.50
143.204.93.33
2a00:1450:4001:800::200a
2a00:1450:4001:808::200e
34.227.146.238
52.200.32.121
52.215.192.131
54.197.143.221
0343f37ebbd97d0f147e4adb5fa3b2362f7f48d79db51cbaa613ebcb4dbc9515
03caad05a4f794276e5e3e4c2b9993e0cd581552467964043cfcf10a5b3b09a9
06ba7c62f0b110ea62670d76b52bd809148553e4dd40d3bb95de172029a11fb9
072027b565ae37e4042704c52e10e808170320e62f839becb1697060dd196557
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0feecb85380789bac4e6b81a97719d3a0b2c3e711f57f6d060d7158e2801a679
11b847c46984649bbf7b77df543dde398a307e6229cfac4cce2f5a5bc6a4cf80
133457767755d875a3f0a33b8e3b258418a0be25c8fd44e0c1a9a1e454114783
14efda3e0771a14940acc5e8816ca45627ebacd4a32d9a19d6e7d1991a2ad4b8
1697d1e4e23121531a7203cbeb41379b91d8c69fbb543cedf3ff1fd73c2a8504
1d782eb90bb6aa3004707279e7e56e691e794acd66a89543a3d2cc03a2396182
28ad124d1fc1ae632134cd1c684170318f8482b377f1df542ae618007fa5961b
2d7ca392d9b45723af1cd44a9178db19fd0af6a7aaa49afd882e3a472201f7b2
32d9127874c4b9aa0819d9e42c02b27a5043f20b13e9e6a4ca5787b87c767ddb
35ff0a636f44b82d97a309d670b26c15b712bf94fa1c9fa55f97e4b57ef1e11c
396df295e2a5498dc0de1d3cead3882a2ede729a3ead34bf984ae359b900c488
3d06c80cd01b86ab2219e60f65d99af62f8b028f41e40775a93685cbd7c8d270
41d2e9bf472cf76832d6a166869a6d0c73fd2e4623243dbeb0c9679f74b068bc
531cebc14ea087b238eefe9cad6e5ae62cfeebb55279af1c00001a9044b05b80
53fa099243658e60c60b390636946785b27b3895caa0bb8e6d84f184a48a0c9d
561cbf25e415fbfbc72c55b5638dc81cac5f5316d5963113daba10babe6ec795
68ad5f10d646d83aa430135f5e706a2f1dfa6fb993e006a7625e7315de4de483
837f77f041cd4d306ca925d93fe4599485d172cbda4ba662c5d08de92740b743
8aeadb5af15b4ab9929c803ee180f4a6a534b81964a9d6992af87b7ad108ea8e
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a2694ce61388585e692dd9e86a53630832f63cce9c7d6d0401522aca12bbdea8
a4a01fb8a5e3c82ca5cfcdd5e910f3aa29c5bcff4a3728212e25ba8ca931fc96
a89c1f4e77cb8ea2b91dd56291dbc457913aa60955882975319802e40d9822bb
ad80ac33ed04b4e6d78167b4162ecd3d2e8c29d17b43eb3df1f35b216b2ac5c5
ae3551f8803c202cd7059766f680c374cfa16bc84fa5fbf07819b63a70e3ff6c
af75ef88a08a11991a5572ea5c9c97e7db1b7049bd0a1b4178d2051082e82c73
b906348e01526fa7a88150ab2bd2265ef7e86e379b1492c50c21a071f2f643d1
be250d3cc90eaf4626b3e28621d03f4f4ccd3803784f7f82abecc784594de22d
c3469379fcc8061ff973a8677f68efcdcd08d65bfdc8341bef1e566b86f24896
c42fae5b017274d4c996d79e497fb3a6764eacdc55943253e0b776c0b2b539a0
c96cae1ab565358b89a1f10af08309d2caa7970193b49273f352a9e47424e4e2
cc6fef41f718988375e6774e0772183e68d2fe4ac7fdb46f99e1276ace91b1a4
d1f4a3e99532437ecca930773223ad25f494f5f52e6b41acf79204e60ce4ebe8
d21984a7645d87b1ab81f3d70fa94dc912a30afe7a3a635783fd4bdde510a62a
d4a1f807266d42d542f84c8bae2fdaad8d2b121b7c2ac492a5b856ed436cddc4
daa8251f32e30b804f208b1f76977d363425e478afc33a1d7b7c00a91cda0666
e1cc6fae28de77c07947c67ab3a915aa8afd130471f2a6244182773136490fa6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ff29f44d68214045c19e9c4354047b6b23841a4ebffcc67c46251441d44fd198

support.grammarly.com Open in urlscan Pro 104.16.53.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

20 %IPv6

8 Domains

13 Subdomains

9 IPs

3 Countries

1022 kBTransfer

2975 kBSize

11 Cookies

29 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

support.grammarly.com Open in urlscan Pro
104.16.53.111 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

20 %
IPv6

8
Domains

13
Subdomains

9
IPs

3
Countries

1022 kB
Transfer

2975 kB
Size

11
Cookies

57 HTTP transactions
0 data transactions