urlscan.io logo urlscan.io
SecurityTrails logo

tcg.grimdarkgaming.com.au Open in urlscan Pro
23.227.38.74  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tcg.grimdarkgaming.com.au/?entity=14725642
Effective URL: https://tcg.grimdarkgaming.com.au/password
Submission: On June 28 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 23.227.38.74, located in Ottawa, Canada and belongs to CLOUDFLARENET, US. The main domain is tcg.grimdarkgaming.com.au.
TLS certificate: Issued by R3 on May 4th 2024. Valid for: 3 months.
This is the only time tcg.grimdarkgaming.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 23.227.38.74 13335 (CLOUDFLAR...)
7 23.227.60.200 13335 (CLOUDFLAR...)
1 3.5.80.135 16509 (AMAZON-02)
11 4
Apex Domain
Subdomains		 Transfer
7 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 2357
36 KB
4 grimdarkgaming.com.au
tcg.grimdarkgaming.com.au
16 KB
1 amazonaws.com
activestorage-public.s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 442778
6 KB
11 3
Domain Requested by
7 cdn.shopify.com tcg.grimdarkgaming.com.au
cdn.shopify.com
4 tcg.grimdarkgaming.com.au 1 redirects cdn.shopify.com
1 activestorage-public.s3.us-west-2.amazonaws.com
11 3

This site contains links to these domains. Also see Links.

Domain
www.shopify.com
Subject Issuer Validity Valid
tcg.grimdarkgaming.com.au
R3		 2024-05-04 -
2024-08-02		 3 months crt.sh
cdn.shopify.com
E1		 2024-05-03 -
2024-08-01		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2024-05-15 -
2025-05-13		 a year crt.sh

This page contains 2 frames:

Primary Page: https://tcg.grimdarkgaming.com.au/password
Frame ID: B0AA6FFC4C9BA6AE613970F503163B7B
Requests: 11 HTTP requests in this frame

Frame: https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_forms.css
Frame ID: 81A3B88F872F7D6F0CC80130C6C70CD9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Please Log In

Page URL History Show full URLs

  1. http://tcg.grimdarkgaming.com.au/?entity=14725642 HTTP 307
    https://tcg.grimdarkgaming.com.au/?entity=14725642 HTTP 302
    https://tcg.grimdarkgaming.com.au/password Page URL

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

57 kB
Transfer

161 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tcg.grimdarkgaming.com.au/?entity=14725642 HTTP 307
    https://tcg.grimdarkgaming.com.au/?entity=14725642 HTTP 302
    https://tcg.grimdarkgaming.com.au/password Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request password
tcg.grimdarkgaming.com.au/
Redirect Chain
  • http://tcg.grimdarkgaming.com.au/?entity=14725642
  • https://tcg.grimdarkgaming.com.au/?entity=14725642
  • https://tcg.grimdarkgaming.com.au/password
53 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tcg.grimdarkgaming.com.au/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
shops.myshopify.com
Software
cloudflare /
Resource Hash
fd03d8558eb62a39fc54eba43c115e1f5511c70b6eeebb2868c157bbfc20b068
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89b05ae65fd95738-SYD
content-encoding
br
content-language
en
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Fri, 28 Jun 2024 20:16:32 GMT
etag
"cacheable:7ddb673dcd2d697e614e3d50c13ca1ff"
link
<https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by
Shopify
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K7ZcjAn6Pn5qOjletzgd45kIzKc%2FKPvXm1%2FBbHE3EfJWNcjAGs%2FmydVMMLnYAA4XYKtpw%2B5goSTVV%2BE9XHVhKCq7ZYs8pxRuobKgkxl7VuTXW3AQCaDbXRCSK0%2FXOdrI8ut9JshNiC%2BX0V0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=138;desc="gc:40", db;dur=29, fetch;dur=1, wasm, asn;desc="396356", edge;desc="SYD", country;desc="AU", theme;desc="133088641213", pageType;desc="password", servedBy;desc="cszj", requestID;desc="4e121fa9-005d-4db1-a245-e6fd76728eb5-1719605791" cfRequestDuration;dur=342.000008, earlyhints
strict-transport-security
max-age=7889238
vary
Accept
x-cache
miss
x-content-type-options
nosniff
x-dc
gcp-australia-southeast1,gcp-us-central1,gcp-us-central1
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-request-id
4e121fa9-005d-4db1-a245-e6fd76728eb5-1719605791
x-robots-tag
nofollow
x-shardid
188
x-shopid
57815924925
x-shopify-nginx-no-cookies
0
x-sorting-hat-podid
188
x-sorting-hat-shopid
57815924925
x-storefront-renderer-rendered
1
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89b05ae56f8e5738-SYD
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Fri, 28 Jun 2024 20:16:31 GMT
location
https://tcg.grimdarkgaming.com.au/password
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by
Shopify
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7r01rtnemupPLVSO%2B1Hp9DcpgktG%2FGVwpAjnbMlH23Nmod9JGmKOlqzhJdVDj6wLvok45h4T7M6bXtb1c0dih3SowmWODnLlk2bsOBPI2RgvhU0mqXXSCno9K1flbe9JV1NwDK%2BLKXg%2FnmA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
processing;dur=27, db;dur=5, asn;desc="396356", edge;desc="SYD", country;desc="AU", theme;desc="133088641213", pageType;desc="index", servedBy;desc="w7tf", requestID;desc="ca41089b-19b2-4345-923e-247521e4399a-1719605791" cfRequestDuration;dur=142.999887
strict-transport-security
max-age=7889238
vary
Accept
x-cache
allow
x-content-type-options
nosniff
x-dc
gcp-australia-southeast1,gcp-asia-southeast1,gcp-asia-southeast1
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-request-id
ca41089b-19b2-4345-923e-247521e4399a-1719605791
x-shardid
188
x-shopid
57815924925
x-sorting-hat-podid
188
x-sorting-hat-shopid
57815924925
x-storefront-renderer-rendered
1
x-xss-protection
1; mode=block
rivo-app-embed.js
cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ 		988 B
886 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/rivo-app-embed.js
Requested by
Host: tcg.grimdarkgaming.com.au
URL: https://tcg.grimdarkgaming.com.au/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
aff943551b9b2b28a654a9f75ddb3245c41409256c9f1633946aab83a744a9a4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tcg.grimdarkgaming.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 20:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-central1
age
140070
server-timing
imagery;dur=82.988, imageryFetch;dur=63.859, cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
content-length
348
x-xss-protection
1; mode=block
x-request-id
aa1beca2-a613-47e7-ac49-41ae5f3beafc-1719465719
last-modified
Thu, 27 Jun 2024 05:21:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=apKoG7Orj86LpNHQAwnolCQ6UXznlmWzMiuUjEhl%2BibtUxXu1qIvn7ZNtnK%2Febo4ABHt2ltqOfPam9hTNZpKdo%2BK4%2FeWA5CzMv1x8aV%2FuD6WFIY5CI2og6yOLn5sCgxCfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/rivo-app-embed.js>; rel="canonical"
cf-ray
89b05ae8aea9a974-SYD
inbox-chat-loader.js
cdn.shopify.com/extensions/21d5878d-45d8-4bb8-bd9c-3eed522cb42d/inbox-589/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/21d5878d-45d8-4bb8-bd9c-3eed522cb42d/inbox-589/assets/inbox-chat-loader.js
Requested by
Host: tcg.grimdarkgaming.com.au
URL: https://tcg.grimdarkgaming.com.au/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
0cb70493b17f39652863c068c09d707d16e08512a82055eb4533d7249db83559
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tcg.grimdarkgaming.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 20:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
age
180686
server-timing
imagery;dur=67.143, imageryFetch;dur=51.073, cfRequestDuration;dur=12.000084
alt-svc
h3=":443"; ma=86400
content-length
779
x-xss-protection
1; mode=block
x-request-id
d5e4f7bb-0db5-48b1-aa89-859f14f952cb-1719425100
last-modified
Wed, 26 Jun 2024 18:05:00 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t75LWbAdlZBLzYrYX3BPLadmKoYWU3W7triLX3SPdpL57C5elwyCPDkVvPE85SjQtkQA0BrDe1uIsHpo%2FEigGjWxeQhQi3cfRzuPjhwxH25y60LSa1eNzOWUOkvL4tgYbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/21d5878d-45d8-4bb8-bd9c-3eed522cb42d/inbox-589/assets/inbox-chat-loader.js>; rel="canonical"
cf-ray
89b05ae8aeaaa974-SYD
truncated
/ 		992 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f113b6eafc3fa6e4a1828d4b2e0e22302cf17c00e0d9c829ad412513fb2c2dae

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		720 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab2f72bdfee8ab476a5a4bb024a0f2b33f0a3d24fe426ed553267e53fcc9de54

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
ba_tracking.js
cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_tracking.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/rivo-app-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
2cda7ad039c3f7fa3b071d3c89346e0e41400f7760ce85e7287cc506beaa534b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tcg.grimdarkgaming.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 20:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
140070
server-timing
imagery;dur=96.139, imageryFetch;dur=44.582, cfRequestDuration;dur=12.999773
alt-svc
h3=":443"; ma=86400
content-length
4565
x-xss-protection
1; mode=block
x-request-id
48cd178e-b943-4e24-bb17-5558fa361087-1719465719
last-modified
Thu, 27 Jun 2024 05:22:00 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WQBbty1Y88h7%2F%2F7amzfMckwqVZZP9lJADMsPMUXw%2Bpu1WDnhkA3u23oci%2B0J%2BMd0ZbftUPpOFlvwBzJS5D%2B2hq99cW45yQelNTboqpJRB2TgcRcXmv4AvGQr1a9cGhFlig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_tracking.js>; rel="canonical"
cf-ray
89b05ae98efba974-SYD
ba_loy_init.js
cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_loy_init.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/rivo-app-embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
afb98a2a6bd8418a736cf42c852aee221e6f2e398247e9f11518d0f2de4c73f5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tcg.grimdarkgaming.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 20:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
140070
server-timing
imagery;dur=104.367, imageryFetch;dur=96.453, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
content-length
11737
x-xss-protection
1; mode=block
x-request-id
11e47ba3-3e4a-48a9-9ee2-3609af001517-1719465720
last-modified
Thu, 27 Jun 2024 05:22:00 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aaLL%2Feav3T14zlEtaJP43BlbFU3CqwReu%2BIAsMh4kDF9kwsut892Qx1UciUbnS5tFFyw0MdDlaY6uFWgH9l2JgDCH%2FZXdOP9UhQOHGp4AY2WScyIWvp5w7GIVTGTU%2Bvppg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_loy_init.js>; rel="canonical"
cf-ray
89b05ae9ca64a7f6-SYD
ba_forms_init.js
cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_forms_init.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_loy_init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
1db0f3e988e8c7c5b05e49c3f5c1d6e7c295ebde5a6c8c938c9d6cf8c1f7c3fd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tcg.grimdarkgaming.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 20:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-east1
age
10825
server-timing
imagery;dur=89.146, imageryFetch;dur=37.554, cfRequestDuration;dur=13.999939
alt-svc
h3=":443"; ma=86400
content-length
5339
x-xss-protection
1; mode=block
x-request-id
dee85106-c551-4a48-ae3d-d2d0f469ad8c-1719594896
last-modified
Fri, 28 Jun 2024 17:14:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BNqOjqooJ%2FFPud61rOVlNpQF%2FpsdHMNK%2Fcdn7G89vj6ubAf%2F0HDzeAknalCMwoRHs93FdTJhOUnOoKJD2brJ8jfiIm1BA2LQu7jNScnQsAZBUIDuQONcbaiC4%2B0UEmRqaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_forms_init.js>; rel="canonical"
cf-ray
89b05ae9ea74a7f6-SYD
ba_forms.css
cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ Frame 81A3 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_forms.css
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_forms_init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
52770a55ed29cab38fab674db8e5c7dad04bb41cd2b2168c4dc98d6a9423f61f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tcg.grimdarkgaming.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 20:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
140051
server-timing
imagery;dur=81.523, imageryFetch;dur=68.573, cfRequestDuration;dur=16.999960
alt-svc
h3=":443"; ma=86400
content-length
1455
x-xss-protection
1; mode=block
x-request-id
0ef3e91b-c203-4297-a2aa-b220681c73b8-1719465728
last-modified
Thu, 27 Jun 2024 05:22:08 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9vZ9xD5PCkkNVLuJOShfcA5j6zKFyteDy2iCGQZb9HEO9JChiYaKpOAyE035NLaPAUBCpE7fgTKUiZ3AhOtrO5gbjLpp3HpNJuj2ibAnHuQ85RD%2Fio%2BfVXSXUCskuG1%2Bng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_forms.css>; rel="canonical"
cf-ray
89b05aea2a97a7f6-SYD
ba_forms_widget.js
cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ Frame 81A3 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_forms_widget.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_forms_init.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
cdn.shopify.com
Software
cloudflare /
Resource Hash
ead7615b88385998cd2d5321481798af4d694a4280b9e70d2eaeeb362a2304b8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tcg.grimdarkgaming.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 20:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
140051
server-timing
imagery;dur=77.423, imageryFetch;dur=48.108, cfRequestDuration;dur=13.000011
alt-svc
h3=":443"; ma=86400
content-length
7839
x-xss-protection
1; mode=block
x-request-id
e0e269d1-06c6-46ed-a652-bc098424c006-1719465728
last-modified
Thu, 27 Jun 2024 05:22:08 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9dscMnWIAejfnuQpDp963d7BHfwxX4KluUNu8uMW%2BNdx%2FMzDTBmT8cAA0VNDJhYb7kGaNGcyG8ZAlY8Ak%2BKaJF5Y%2BEpfHZfW3vpPmMk%2Ft083kVOFZPixu7wkPnIJq2Uc8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_forms_widget.js>; rel="canonical"
cf-ray
89b05aea2a99a7f6-SYD
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71c6602fe306f4d830ef1aff2891e569ff7fe924973a6d866e4ccb411e85990c

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
trvxru3xeh4wrzrkztiv08eh9sm0
activestorage-public.s3.us-west-2.amazonaws.com/ Frame 81A3 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activestorage-public.s3.us-west-2.amazonaws.com/trvxru3xeh4wrzrkztiv08eh9sm0
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
3.5.80.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
1781d60ff99bcae1afbd45ff121ec37d216840374867ebbac388d1329b765d69

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tcg.grimdarkgaming.com.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 28 Jun 2024 20:16:33 GMT
Last-Modified
Tue, 03 May 2022 00:58:33 GMT
Server
AmazonS3
x-amz-request-id
5YB6ZH75PQ6XS6ZT
ETag
"c7456bfc57e216d7ddb04756f3f24a93"
Content-Type
image/png
Content-Disposition
inline; filename="social-medias-rewards-rating-14 1 %281%29.png"; filename*=UTF-8''social-medias-rewards-rating-14%201%20%281%29.png
Accept-Ranges
bytes
Content-Length
5558
x-amz-id-2
Ysq641AWcredwg+DulH6Bx5GKdubwbI+FzL48E+oRBDBfOfsamrIDaiowELxPVwSKkg4AuWfb5Cp0maKm5HCzg==
app_metrics
tcg.grimdarkgaming.com.au/apps/ba-loy/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tcg.grimdarkgaming.com.au/apps/ba-loy/app_metrics
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_tracking.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
shops.myshopify.com
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://tcg.grimdarkgaming.com.au/password
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 20:16:33 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-dc
gcp-australia-southeast1,gcp-asia-southeast1,gcp-asia-southeast1
server-timing
processing;dur=14, db;dur=3, asn;desc="396356", edge;desc="SYD", country;desc="AU", servedBy;desc="9rvb", requestID;desc="376ff036-367e-4110-a0f4-d53b558457ed-1719605793", cfRequestDuration;dur=130.000114, cfRequestDuration;dur=141.000032
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
376ff036-367e-4110-a0f4-d53b558457ed-1719605793
x-sorting-hat-shopid
57815924925
x-shardid
188
x-storefront-renderer-rendered
1
server
cloudflare
x-download-options
noopen
vary
Accept, Accept-Encoding
x-frame-options
DENY
content-language
en
content-type
text/html; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EMFmvTpUmQ8ojmNAV4U5nRH5PT1yvYhretSC5iTmaGHSLTq1NmnDBA4JfC3QDWc4uXzilbt14PX93Q6PqOQu%2FyTYd8ATcjmtYykO9NSvJZVuZ9OhR%2B4j1ItTE9QE7yMiAeEBGrH2YLTqBkU%3D"}],"group":"cf-nel","max_age":604800}
x-shopid
57815924925
cf-ray
89b05af0083da7e9-SYD
x-sorting-hat-podid
188
app_metrics
tcg.grimdarkgaming.com.au/apps/ba-loy/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tcg.grimdarkgaming.com.au/apps/ba-loy/app_metrics
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_tracking.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
shops.myshopify.com
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://tcg.grimdarkgaming.com.au/password
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 20:16:33 GMT
strict-transport-security
max-age=7889238
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
x-dc
gcp-australia-southeast1,gcp-asia-southeast1,gcp-asia-southeast1
server-timing
processing;dur=15, db;dur=3, asn;desc="396356", edge;desc="SYD", country;desc="AU", servedBy;desc="264t", requestID;desc="72787d42-8b4b-4515-aab7-4faf85415e7d-1719605793", cfRequestDuration;dur=141.000032, cfRequestDuration;dur=154.000044
powered-by
Shopify
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
72787d42-8b4b-4515-aab7-4faf85415e7d-1719605793
x-sorting-hat-shopid
57815924925
x-shardid
188
x-storefront-renderer-rendered
1
server
cloudflare
x-download-options
noopen
vary
Accept, Accept-Encoding
x-frame-options
DENY
content-language
en
content-type
text/html; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aELIY4pchLqBeIsF2Tra7jIKY4ebQCrtp0%2FALkPJ0ssZdTcFj7bhS5v%2FcBd4DmneYGI47A3OAIPHcWUQWI8QckekivWQP9INkcon8imXku9uHtl5OzWwDkeCer%2FmlXjEP3DKRQbp9vk2Uoo%3D"}],"group":"cf-nel","max_age":604800}
x-shopid
57815924925
cf-ray
89b05af098bba7e9-SYD
x-sorting-hat-podid
188

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage object| Rivo function| manageChatStateBasedOnCurrentSettings function| settingChanged string| timezone object| baMet function| addSellingPlanToCart

14 Cookies

Domain/Path Name / Value
tcg.grimdarkgaming.com.au/ Name: receive-cookie-deprecation
Value: 1
tcg.grimdarkgaming.com.au/ Name: keep_alive
Value: 3f3f8d66-021b-408c-8ab2-3d07fee561eb
tcg.grimdarkgaming.com.au/ Name: secure_customer_sig
Value:
tcg.grimdarkgaming.com.au/ Name: localization
Value: AU
tcg.grimdarkgaming.com.au/ Name: cart_currency
Value: AUD
.grimdarkgaming.com.au/ Name: _tracking_consent
Value: %7B%22con%22%3A%7B%22CMP%22%3A%7B%22a%22%3A%22%22%2C%22m%22%3A%22%22%2C%22p%22%3A%22%22%2C%22s%22%3A%22%22%7D%7D%2C%22v%22%3A%222.1%22%2C%22region%22%3A%22AUNSW%22%2C%22reg%22%3A%22%22%7D
.grimdarkgaming.com.au/ Name: _cmp_a
Value: %7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22sale_of_data_region%22%3Afalse%7D
.grimdarkgaming.com.au/ Name: _shopify_y
Value: c8962132-4b17-4bf2-b643-6221ce15ee01
.grimdarkgaming.com.au/ Name: _shopify_s
Value: c939fa3b-591d-4fbc-b287-1243dab87afa
.grimdarkgaming.com.au/ Name: _orig_referrer
Value:
.grimdarkgaming.com.au/ Name: _landing_page
Value: %2Fpassword
tcg.grimdarkgaming.com.au/ Name: baMet_visit
Value: d0feea996d3147c3afd5fecf028853711719605792267
tcg.grimdarkgaming.com.au/ Name: rivo_form_13024_view_recorded
Value: true
tcg.grimdarkgaming.com.au/ Name: baMet_baEvs
Value: %5B%5D

6 Console Messages

Source Level URL
Text
rendering info URL: https://tcg.grimdarkgaming.com.au/password(Line 287)
Message:
Autofocus processing was blocked because a document already has a focused element.
recommendation verbose URL: https://tcg.grimdarkgaming.com.au/password
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
security warning URL: https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_loy_init.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://cdn.shopify.com/extensions/1363e609-3a8e-4e93-ac17-dae076ec324f/rivo-loyalty-referrals-128/assets/ba_forms_init.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://tcg.grimdarkgaming.com.au/apps/ba-loy/app_metrics
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://tcg.grimdarkgaming.com.au/apps/ba-loy/app_metrics
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block