urlscan.io logo urlscan.io
SecurityTrails logo

wwwes.help.stayforlong.com Open in urlscan Pro
18.217.38.206  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wwwes.help.stayforlong.com/
Effective URL: https://wwwes.help.stayforlong.com/
Submission: On January 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 22 HTTP transactions. The main IP is 18.217.38.206, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is wwwes.help.stayforlong.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on January 30th 2024. Valid for: 3 months.
This is the only time wwwes.help.stayforlong.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 18.217.38.206 16509 (AMAZON-02)
3 2606:4700:303... 13335 (CLOUDFLAR...)
15 104.22.20.94 13335 (CLOUDFLAR...)
1 2a00:1450:400... ()
22 5
Domain Requested by
14 acme.acquire.io wwwes.help.stayforlong.com
acme.acquire.io
3 kb-router.test-mraj.workers.dev wwwes.help.stayforlong.com
2 wwwes.help.stayforlong.com 1 redirects
1 fonts.googleapis.com client
1 acquire-apps.acquire.io acme.acquire.io
22 5

This site contains no links.

Subject Issuer Validity Valid
wwwes.help.stayforlong.com
ZeroSSL ECC Domain Secure Site CA		 2024-01-30 -
2024-04-29		 3 months crt.sh
test-mraj.workers.dev
GTS CA 1P5		 2023-12-12 -
2024-03-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-29 -
2024-04-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://wwwes.help.stayforlong.com/
Frame ID: 128813645711758790F7848C2920606A
Requests: 19 HTTP requests in this frame

Frame: https://acme.acquire.io/front/assets/cancel@2x.svg
Frame ID: DE58FB19AA9D052E54BE700126F3D5E9
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:400,500,700
Frame ID: AB38687A69DA1986D68DCFE779BB9777
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

(1) New Message

Page URL History Show full URLs

  1. http://wwwes.help.stayforlong.com/ HTTP 301
    https://wwwes.help.stayforlong.com/ Page URL

Page Statistics

22
Requests

91 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

1072 kB
Transfer

3829 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wwwes.help.stayforlong.com/ HTTP 301
    https://wwwes.help.stayforlong.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wwwes.help.stayforlong.com/
Redirect Chain
  • http://wwwes.help.stayforlong.com/
  • https://wwwes.help.stayforlong.com/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wwwes.help.stayforlong.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
18.217.38.206 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-217-38-206.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
c1fa61fd65180c7603ff5ee8f10b90c74daae52ea9d0eefba338730a3a7d106e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-RAY
84dc7130fe8661cd-ORD
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 30 Jan 2024 20:25:05 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zUEBdR1BcnNu5I9PR2V7RUaVtCiL%2Fnm7HjTkDZl%2BqWj1Jhu%2FzibMHbNfIMYJIvw7OjgXuMa2Xnp%2FwuMlPDSMuavvioW%2BoN3J3FP5%2BjLgOVCeZT3PJbmdnEepIXRixcCqIm1v4x8w2Sa%2FWVjBxW5Uc%2FV"}],"group":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400

Redirect headers

Connection
keep-alive
Content-Length
166
Content-Type
text/html
Date
Tue, 30 Jan 2024 20:25:05 GMT
Location
https://wwwes.help.stayforlong.com/
404.svg
kb-router.test-mraj.workers.dev/kb-router/assets/ 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb-router.test-mraj.workers.dev/kb-router/assets/404.svg
Requested by
Host: wwwes.help.stayforlong.com
URL: https://wwwes.help.stayforlong.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3385 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf1dc8fd62df244129fa61f3a4116d61abf3c88410259e8f38c607abf8bf0bf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwwes.help.stayforlong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:25:05 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ET1y8WH2sp2nGU63mzReDz4O5R287T7AJSQcO6PTy6Ucdv9E%2BtdI7%2B4fgXaVVZgRxlnTz3ikWy7i7pPuo2AFMgah7cTql9zZXMIBnFtWfB2E8I8nYd9Ff0UTVBXoKbBDhIHtpcBb7klh%2FZfprV%2BxxcC5plDXCroA2Piy7mCR"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
84dc7132dec971d6-FRA
alt-svc
h3=":443"; ma=86400
acquire-logo.svg
kb-router.test-mraj.workers.dev/kb-router/assets/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb-router.test-mraj.workers.dev/kb-router/assets/acquire-logo.svg
Requested by
Host: wwwes.help.stayforlong.com
URL: https://wwwes.help.stayforlong.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3385 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed8ba6f373ccac658864549a63c71cd224245dbed8f06b03a2838d1fc445c36b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwwes.help.stayforlong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:25:05 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WsayYBQvZl5FzZee2BV4xUyrSfI5kkAWHdc9pNdu30i3%2F5RvugUsGTTJIhFpLx3TuwFTn0WIi6j%2F07qdloal%2FjNLZuxxw%2BZl4gpnYQjqU6Lz1FAGafykiZEdZi6gMVy4sAsyz44Q%2B2z%2Fa4tRoYdbaPMY%2F95KtAKKzdWxu6Af"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
84dc7132dec871d6-FRA
alt-svc
h3=":443"; ma=86400
pattern.svg
kb-router.test-mraj.workers.dev/kb-router/assets/ 		16 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kb-router.test-mraj.workers.dev/kb-router/assets/pattern.svg
Requested by
Host: wwwes.help.stayforlong.com
URL: https://wwwes.help.stayforlong.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3385 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbd1bf86107331a9b6be111e7feaf24b3eaa133af3e9a3a9b6d913c64763b1d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwwes.help.stayforlong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:25:05 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RP72ugZW1xC8wueYAVRFNa9pmC%2FSvnOSXx1QIADJOhsandF4i2ptSKTxvvqptYKXQWB1UFg0l4Oia%2FIwrOGzOkE3ADDVo38SOWg8fwIsPUfLtbSUdR81fe%2BnNcIU44ENvpj%2FXzNVfX060gHqIa30%2FjbZmz6DtUPyW5IeZmiW"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
84dc7132decb71d6-FRA
alt-svc
h3=":443"; ma=86400
widget.js
acme.acquire.io/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acme.acquire.io/widget.js
Requested by
Host: wwwes.help.stayforlong.com
URL: https://wwwes.help.stayforlong.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.20.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
57fdede5ffe67a78792d6ed0636cbe99f3ba81ad48e5a8d8922ef492b14db9e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwwes.help.stayforlong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:25:05 GMT
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
cf-cache-status
HIT
x-acq-zone
zone1
content-security-policy
frame-ancestors 'none'
age
26119
cf-polished
origSize=27318
x-powered-by
Express
content-encoding
gzip
x-xss-protection
1; mode=block
x-sid
crm_5
last-modified
Tue, 30 Jan 2024 13:09:46 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
x-frame-options
deny
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=86400
cf-ray
84dc7133bd3e371d-FRA
init
acme.acquire.io/api/v1/crm/messenger/visitor/ 		51 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://acme.acquire.io/api/v1/crm/messenger/visitor/init?-x-user-type=contact
Requested by
Host: acme.acquire.io
URL: https://acme.acquire.io/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.20.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b780c2fef783196fd1dbbd8a5d669d4eb96b9a366c1d2927f04ec614fb358621
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wwwes.help.stayforlong.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json

Response headers

date
Tue, 30 Jan 2024 20:25:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-acq-zone
zone1
strict-transport-security
max-age=15552000; preload
x-powered-by
Express
content-security-policy
frame-ancestors 'none'
x-xss-protection
1; mode=block
x-sid
crm_7
server
cloudflare
x-frame-options
deny
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wwwes.help.stayforlong.com
cache-control
no-cache, no-store, max-age=0
access-control-allow-credentials
true
cf-ray
84dc71378935371d-FRA
access-control-allow-headers
auth-acq-contact-id,x-csrf-token,content-type,x-requested-with,authorization
init
acme.acquire.io/api/v1/crm/messenger/visitor/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://acme.acquire.io/api/v1/crm/messenger/visitor/init?-x-user-type=contact
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.20.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://wwwes.help.stayforlong.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
auth-acq-contact-id,x-csrf-token,content-type,x-requested-with,authorization
access-control-allow-origin
https://wwwes.help.stayforlong.com
cf-cache-status
DYNAMIC
cf-ray
84dc7134bcdb4d95-FRA
content-encoding
gzip
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Tue, 30 Jan 2024 20:25:06 GMT
server
cloudflare
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-acq-zone
zone1
x-content-type-options
nosniff
x-frame-options
deny
x-powered-by
Express
x-sid
crm_4
x-xss-protection
1; mode=block
frontend.bundle.min.js
acme.acquire.io/dist/701ef69fe7be/ 		1 MB
389 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acme.acquire.io/dist/701ef69fe7be/frontend.bundle.min.js?v=1706266000340
Requested by
Host: acme.acquire.io
URL: https://acme.acquire.io/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.20.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b643e4a0be43c763c185ad7145cbb0f030e65ee9294d2f01165ca3008773e113
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwwes.help.stayforlong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-acq-zone
zone1
strict-transport-security
max-age=15552000; preload
age
130999
last-modified
Fri, 26 Jan 2024 10:46:40 GMT
server
cloudflare
etag
W/"65b38d90-13a2b2"
vary
Accept-Encoding
access-control-max-age
1728000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1728000, public
cf-ray
84dc7140fb84371d-FRA
expires
Sun, 18 Feb 2024 08:01:49 GMT
visitor.js
acme.acquire.io/cobrowse/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acme.acquire.io/cobrowse/visitor.js
Requested by
Host: acme.acquire.io
URL: https://acme.acquire.io/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.20.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
14cb6ff3c04b1512d3326db2fb021ff75230ae8040060646fce0a8b63ab530bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwwes.help.stayforlong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Tue, 30 Jan 2024 13:09:47 GMT
x-acq-zone
zone1
strict-transport-security
max-age=15552000; preload
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-upstream
135.148.34.110:2130
cache-control
public,max-age=0
cf-ray
84dc71422ca9371d-FRA
x-sid
service-cobrowse-webrtc_1
app_init.js
acquire-apps.acquire.io/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://acquire-apps.acquire.io/app_init.js?account=acme&appId=google_analytics
Requested by
Host: acme.acquire.io
URL: https://acme.acquire.io/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.20.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwwes.help.stayforlong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
2.bundle.min.js
acme.acquire.io/dist/701ef69fe7be/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acme.acquire.io/dist/701ef69fe7be/2.bundle.min.js
Requested by
Host: acme.acquire.io
URL: https://acme.acquire.io/dist/701ef69fe7be/frontend.bundle.min.js?v=1706266000340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.20.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba1e2894f76857408dfe5b88358cbd20f7bd92b22acc42d5233e3c5536870fdf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwwes.help.stayforlong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-acq-zone
zone1
strict-transport-security
max-age=15552000; preload
age
130998
last-modified
Fri, 26 Jan 2024 10:46:40 GMT
server
cloudflare
etag
W/"65b38d90-16de3"
vary
Accept-Encoding
access-control-max-age
1728000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1728000, public
cf-ray
84dc71423cb6371d-FRA
expires
Sun, 18 Feb 2024 08:01:50 GMT
60.bundle.min.js
acme.acquire.io/dist/701ef69fe7be/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acme.acquire.io/dist/701ef69fe7be/60.bundle.min.js
Requested by
Host: acme.acquire.io
URL: https://acme.acquire.io/dist/701ef69fe7be/frontend.bundle.min.js?v=1706266000340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.20.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91176b0da13fb1a5a7abbc259539fccbd2a8c2faaa3905394f0ccec4627e22d9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwwes.help.stayforlong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-acq-zone
zone1
strict-transport-security
max-age=15552000; preload
age
130998
last-modified
Fri, 26 Jan 2024 10:46:40 GMT
server
cloudflare
etag
W/"65b38d90-9e99"
vary
Accept-Encoding
access-control-max-age
1728000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1728000, public
cf-ray
84dc71423cb7371d-FRA
expires
Sun, 18 Feb 2024 08:01:50 GMT
56.min.css
acme.acquire.io/dist/701ef69fe7be/ 		1 KB
558 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://acme.acquire.io/dist/701ef69fe7be/56.min.css
Requested by
Host: acme.acquire.io
URL: https://acme.acquire.io/dist/701ef69fe7be/frontend.bundle.min.js?v=1706266000340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.20.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fd16a4d8a5d4e659f7ae05538ca19fb4fa3067092739138bec0e380e0b3dcff
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwwes.help.stayforlong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-acq-zone
zone1
strict-transport-security
max-age=15552000; preload
age
130998
last-modified
Fri, 26 Jan 2024 10:46:40 GMT
server
cloudflare
etag
W/"65b38d90-488"
vary
Accept-Encoding
access-control-max-age
1728000
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1728000, public
cf-ray
84dc71423cba371d-FRA
expires
Sun, 18 Feb 2024 08:01:50 GMT
56.bundle.min.js
acme.acquire.io/dist/701ef69fe7be/ 		1 MB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acme.acquire.io/dist/701ef69fe7be/56.bundle.min.js
Requested by
Host: acme.acquire.io
URL: https://acme.acquire.io/dist/701ef69fe7be/frontend.bundle.min.js?v=1706266000340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.20.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83a8bfdb3f623e851d081b0eff0e19b7f1c24a97d49b3318ebccd5d00ed0af7c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwwes.help.stayforlong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-acq-zone
zone1
strict-transport-security
max-age=15552000; preload
age
130998
last-modified
Fri, 26 Jan 2024 10:46:40 GMT
server
cloudflare
etag
W/"65b38d90-101489"
vary
Accept-Encoding
access-control-max-age
1728000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1728000, public
cf-ray
84dc71423cbe371d-FRA
expires
Sun, 18 Feb 2024 08:01:50 GMT
62.bundle.min.js
acme.acquire.io/dist/701ef69fe7be/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acme.acquire.io/dist/701ef69fe7be/62.bundle.min.js
Requested by
Host: acme.acquire.io
URL: https://acme.acquire.io/dist/701ef69fe7be/frontend.bundle.min.js?v=1706266000340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.20.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4184dc22762b9bc12f86e2906611d8aed150f4e4920069824b049912b810e61
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwwes.help.stayforlong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-acq-zone
zone1
strict-transport-security
max-age=15552000; preload
age
130998
last-modified
Fri, 26 Jan 2024 10:46:40 GMT
server
cloudflare
etag
W/"65b38d90-777a"
vary
Accept-Encoding
access-control-max-age
1728000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1728000, public
cf-ray
84dc71423cc3371d-FRA
expires
Sun, 18 Feb 2024 08:01:50 GMT
app.19bca71703f9f0884b89130b7b1340f5d1de5405.js
acme.acquire.io/cobrowse/ 		1 MB
459 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acme.acquire.io/cobrowse/app.19bca71703f9f0884b89130b7b1340f5d1de5405.js
Requested by
Host: acme.acquire.io
URL: https://acme.acquire.io/cobrowse/visitor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.20.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
caab751d917c0076fab338d0b4a289473f44421470b2b5b0f4d05ce3d0f1a63f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwwes.help.stayforlong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-acq-zone
zone1
strict-transport-security
max-age=15552000; preload
x-powered-by
Express
x-sid
service-cobrowse-webrtc_1
last-modified
Tue, 21 Nov 2023 06:12:29 GMT
server
cloudflare
etag
W/"135f65-18bf0823e40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-upstream
135.148.34.110:2130
cache-control
public, max-age=0
cf-ray
84dc71448f0f371d-FRA
cancel@2x.svg
acme.acquire.io/front/assets/ Frame DE58 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acme.acquire.io/front/assets/cancel@2x.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.20.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
css
fonts.googleapis.com/ Frame AB38 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jan 2024 20:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 20:11:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jan 2024 20:25:09 GMT
13.bundle.min.js
acme.acquire.io/dist/701ef69fe7be/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acme.acquire.io/dist/701ef69fe7be/13.bundle.min.js
Requested by
Host: acme.acquire.io
URL: https://acme.acquire.io/dist/701ef69fe7be/frontend.bundle.min.js?v=1706266000340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.20.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca2150df113adca24410f8a7e15d36993ea722e20e74803e4e790d4915824649
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wwwes.help.stayforlong.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-acq-zone
zone1
strict-transport-security
max-age=15552000; preload
age
130996
last-modified
Fri, 26 Jan 2024 10:46:40 GMT
server
cloudflare
etag
W/"65b38d90-12ce"
vary
Accept-Encoding
access-control-max-age
1728000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1728000, public
cf-ray
84dc71497c9a371d-FRA
expires
Sun, 18 Feb 2024 08:01:53 GMT
trigger.mp3
acme.acquire.io/assets/sound/ 		18 KB
18 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://acme.acquire.io/assets/sound/trigger.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.20.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85b640d979f5163953e1fae0051d92a6ddd78375b5602fc58cdfbb6e0d65982e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wwwes.help.stayforlong.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 30 Jan 2024 20:25:09 GMT
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
cf-cache-status
HIT
x-acq-zone
zone1
age
26120
Content-Range
bytes 0-18389/18390
Content-Length
18390
last-modified
Fri, 26 Jan 2024 10:42:06 GMT
server
cloudflare
etag
"65b38c7e-47d6"
vary
Accept-Encoding
access-control-max-age
43200
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=43200, public, max-age=43200
cf-ray
84dc71498ca9371d-FRA
expires
Wed, 31 Jan 2024 01:09:49 GMT
call.ogg
acme.acquire.io/cobrowse/asset/sound/ 		0
0
cobrowse.css
acme.acquire.io/cobrowse/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
acme.acquire.io
URL
https://acme.acquire.io/cobrowse/asset/sound/call.ogg
Domain
acme.acquire.io
URL
https://acme.acquire.io/cobrowse/cobrowse.css

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| acquire boolean| __acq_loaded string| acquireAppENV boolean| acquireConfigProduction boolean| acquireConfigDebug string| acquireConfigNodeServer string| acquireConfigAssetsServer string| _acquire_type number| acquireTabId object| acquireVisitorInitResponse string| domain object| __$acquire_io_wbpk object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime object| configData function| acquireSocketLib function| acquireSocketLibWrapper function| AcqConnector function| acquireUAParser function| _ function| _acquire_init function| _acquire_reload function| testemits object| acquireIO function| getState boolean| acquireCobrowseEnv string| acquireCobrowseAccount string| acquireCobrowseNodeServer object| acquireCobrowseSettings string| acquireCobrowseAssetServer object| acquireCobrowseUser object| $fsx function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __spreadArrays function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault object| acquireCobrowseRTC

6 Cookies

Domain/Path Name / Value
acme.acquire.io/ Name: _acq_id_contact
Value: s%3AeyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MjU3OTIzNjQsImlhdCI6MTcwNjY0NjMwNywiZXhwIjoxNzM4MTgyMzA3fQ.fEOMh0AnO-dzaetChjXzhWciRZGJ4VT9odPZpNjZNKU.H6JUpXjsodS%2FUa0T96qoQ0cvpXYsaxh8foOROvu4iYY
.help.stayforlong.com/ Name: _acq_id_contact_local
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MjU3OTIzNjQsImlhdCI6MTcwNjY0NjMwNywiZXhwIjoxNzM4MTgyMzA3fQ.fEOMh0AnO-dzaetChjXzhWciRZGJ4VT9odPZpNjZNKU
wwwes.help.stayforlong.com/ Name: _acq_id_contact_local
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MjU3OTIzNjQsImlhdCI6MTcwNjY0NjMwNywiZXhwIjoxNzM4MTgyMzA3fQ.fEOMh0AnO-dzaetChjXzhWciRZGJ4VT9odPZpNjZNKU
wwwes.help.stayforlong.com/ Name: _acq_visit
Value: {"pagesViewed":1,"time":"2024-01-30T20:25:08.187Z"}
wwwes.help.stayforlong.com/ Name: prevent_greeting_repetition
Value: 1
wwwes.help.stayforlong.com/ Name: chatbot_applied
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://wwwes.help.stayforlong.com/
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acme.acquire.io
acquire-apps.acquire.io
fonts.googleapis.com
kb-router.test-mraj.workers.dev
wwwes.help.stayforlong.com
acme.acquire.io
104.22.20.94
18.217.38.206
2606:4700:3031::6815:3385
2a00:1450:4001:82f::200a
14cb6ff3c04b1512d3326db2fb021ff75230ae8040060646fce0a8b63ab530bb
1fd16a4d8a5d4e659f7ae05538ca19fb4fa3067092739138bec0e380e0b3dcff
57fdede5ffe67a78792d6ed0636cbe99f3ba81ad48e5a8d8922ef492b14db9e8
83a8bfdb3f623e851d081b0eff0e19b7f1c24a97d49b3318ebccd5d00ed0af7c
85b640d979f5163953e1fae0051d92a6ddd78375b5602fc58cdfbb6e0d65982e
91176b0da13fb1a5a7abbc259539fccbd2a8c2faaa3905394f0ccec4627e22d9
a4184dc22762b9bc12f86e2906611d8aed150f4e4920069824b049912b810e61
b643e4a0be43c763c185ad7145cbb0f030e65ee9294d2f01165ca3008773e113
b780c2fef783196fd1dbbd8a5d669d4eb96b9a366c1d2927f04ec614fb358621
ba1e2894f76857408dfe5b88358cbd20f7bd92b22acc42d5233e3c5536870fdf
c1fa61fd65180c7603ff5ee8f10b90c74daae52ea9d0eefba338730a3a7d106e
ca2150df113adca24410f8a7e15d36993ea722e20e74803e4e790d4915824649
caab751d917c0076fab338d0b4a289473f44421470b2b5b0f4d05ce3d0f1a63f
cf1dc8fd62df244129fa61f3a4116d61abf3c88410259e8f38c607abf8bf0bf6
dbd1bf86107331a9b6be111e7feaf24b3eaa133af3e9a3a9b6d913c64763b1d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed8ba6f373ccac658864549a63c71cd224245dbed8f06b03a2838d1fc445c36b
fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e