b13481647cf775c5.com Open in urlscan Pro
185.162.9.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://b13481647cf775c5.com/rp3e9Ug4y1xoE/10364
Effective URL:
http://b13481647cf775c5.com/
Submission Tags: falconsandbox
Submission: On December 28 via api (December 28th 2020, 7:16:55 am UTC) from US

Summary HTTP 53 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 53 HTTP transactions. The main IP is 185.162.9.62, located in Naaldwijk, Netherlands and belongs to EUROHOSTER, BG. The main domain is b13481647cf775c5.com.

This is the only time b13481647cf775c5.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 36	185.162.9.62 185.162.9.62	207728 (EUROHOSTER) (EUROHOSTER)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 13	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	3.225.142.136 3.225.142.136	14618 (AMAZON-AES) (AMAZON-AES)
3	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.225.103.4 34.225.103.4	14618 (AMAZON-AES) (AMAZON-AES)
53	7

36 185.162.9.62 (Naaldwijk, Netherlands) 2 redirects

ASN207728 (EUROHOSTER, BG)
PTR: hosted-by.eurohoster.online

b13481647cf775c5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.198 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.18.70.113 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.225.142.136 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-142-136.compute-1.amazonaws.com

paperform.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.53.111 (United States)

ASN13335 (CLOUDFLARENET, US)

g5cybersecurity.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.103.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-103-4.compute-1.amazonaws.com

g5cs-contact-form.paperform.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	b13481647cf775c5.com 2 redirects b13481647cf775c5.com	2 MB
13	zdassets.com 1 redirects static.zdassets.com ekr.zdassets.com	559 KB
4	paperform.co 2 redirects paperform.co g5cs-contact-form.paperform.co	8 KB
3	zendesk.com g5cybersecurity.zendesk.com	3 KB
3	yadro.ru 2 redirects counter.yadro.ru	2 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
53	6

	Domain	Requested by
36	b13481647cf775c5.com	2 redirects b13481647cf775c5.com ajax.cloudflare.com
12	static.zdassets.com	1 redirects b13481647cf775c5.com static.zdassets.com
3	g5cybersecurity.zendesk.com	static.zdassets.com
3	paperform.co	2 redirects
3	counter.yadro.ru	2 redirects b13481647cf775c5.com
1	g5cs-contact-form.paperform.co	paperform.co
1	ekr.zdassets.com	static.zdassets.com
1	ajax.cloudflare.com	b13481647cf775c5.com
53	8

This site contains links to these domains. Also see Links.

Domain
g5cybersecurity.com
help.g5cybersecurity.com
dataprotectionbarbados.com
dataprotectionbahamas.com
dataprotectioncayman.com
dataprotectiontt.com
mitigate5certification.com
bugbountycaribbean.com
gcirt.com
twitter.com
www.linkedin.com
www.facebook.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
counter.yadro.ru Let's Encrypt Authority X3	`2020-10-29` - `2021-01-27`	3 months	crt.sh
ssl911790.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-10-28` - `2021-05-06`	6 months	crt.sh
*.paperform.co Sectigo RSA Domain Validation Secure Server CA	`2020-03-20` - `2021-03-20`	a year	crt.sh
g5cybersecurity.zendesk.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://b13481647cf775c5.com/
Frame ID: CE7C31CB7824FD19FF0A976F13951D3E
Requests: 40 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.c2839d69e85022a84eed.js
Frame ID: 4E1E217FACA059FD11906E3F5175ED13
Requests: 12 HTTP requests in this frame

Frame: https://g5cs-contact-form.paperform.co/?embed=1&takeover=0&inline=0&popup=1&_d=b13481647cf775c5.com&_in=1&_embed_id=1
Frame ID: 6A5467EA1547E4031B88B908EC132ADB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://b13481647cf775c5.com/rp3e9Ug4y1xoE/10364 HTTP 301
http://b13481647cf775c5.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Page Statistics

53
Requests

36 %
HTTPS

14 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

2688 kB
Transfer

4821 kB
Size

0
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: http://g5cybersecurity.com/privacy/
Title: Services

Search URL Search Domain Scan URL

URL: http://g5cybersecurity.com/
Title: G5 Cyber Security, Inc.

Search URL Search Domain Scan URL

URL: http://g5cybersecurity.com/contact
Title: Contact G5CS

Search URL Search Domain Scan URL

URL: http://help.g5cybersecurity.com/
Title: Help

Search URL Search Domain Scan URL

URL: http://g5cybersecurity.com/meeting
Title: Schedule online meeting

Search URL Search Domain Scan URL

URL: http://g5cybersecurity.com/privacy//data-privacy-identification-services
Title: Visit »

Search URL Search Domain Scan URL

URL: http://g5cybersecurity.com/privacy//data-privacy-governance-services
Title: Visit »

Search URL Search Domain Scan URL

URL: http://g5cybersecurity.com/privacy//data-privacy-control-services
Title: Visit »

Search URL Search Domain Scan URL

URL: http://g5cybersecurity.com/privacy//data-privacy-communication-services
Title: Visit »

Search URL Search Domain Scan URL

URL: http://g5cybersecurity.com/privacy//data-privacy-protection-services
Title: Visit »

Search URL Search Domain Scan URL

URL: http://g5cybersecurity.com/privacy/pricing-plans-data-privacy
Title: HERE

Search URL Search Domain Scan URL

URL: http://g5cybersecurity.com/ticket
Title: Submit a ticket

Search URL Search Domain Scan URL

URL: http://dataprotectionbarbados.com/
Title: Data Protection Barbados

Search URL Search Domain Scan URL

URL: http://dataprotectionbahamas.com/
Title: Data Protection Bahamas

Search URL Search Domain Scan URL

URL: http://dataprotectioncayman.com/
Title: Data Protection The Cayman Islands

Search URL Search Domain Scan URL

URL: http://dataprotectiontt.com/
Title: Data Protection Trinidad and Tobago

Search URL Search Domain Scan URL

URL: http://g5cybersecurity.com/services
Title: Services

Search URL Search Domain Scan URL

URL: http://mitigate5certification.com/
Title: Mitigate-5 Certification

Search URL Search Domain Scan URL

URL: http://bugbountycaribbean.com/
Title: Bug Bounty Caribbean

Search URL Search Domain Scan URL

URL: http://gcirt.com/
Title: gCIRT

Search URL Search Domain Scan URL

URL: http://twitter.com/g5cybersecurity

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/g5-cyber-security/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/g5cybersec/

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://b13481647cf775c5.com/rp3e9Ug4y1xoE/10364 HTTP 301
http://b13481647cf775c5.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

http://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js HTTP 307
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Request Chain 19

http://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttp%3A//b13481647cf775c5.com/;hData%20Protection%20%26%20Privacy%20Turks%20%26%20Caicos%20Islands%20%7C%20by%20G5%20Cyber%20Security%2C%20Inc.%20%28G5CS%29;0.6968230751065054 HTTP 302
https://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttp%3A//b13481647cf775c5.com/;hData%20Protection%20%26%20Privacy%20Turks%20%26%20Caicos%20Islands%20%7C%20by%20G5%20Cyber%20Security%2C%20Inc.%20%28G5CS%29;0.6968230751065054 HTTP 302
https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttp%3A//b13481647cf775c5.com/;hData%20Protection%20%26%20Privacy%20Turks%20%26%20Caicos%20Islands%20%7C%20by%20G5%20Cyber%20Security%2C%20Inc.%20%28G5CS%29;0.6968230751065054

Request Chain 20

http://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0 HTTP 301
https://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0

Request Chain 32

http://b13481647cf775c5.com/assets/images/section-bg.jpg HTTP 301
http://b13481647cf775c5.com/

Request Chain 36

http://paperform.co/__embed HTTP 301
https://paperform.co/__embed

Request Chain 50

https://paperform.co/form/g5cs-contact-form?embed=1&takeover=0&inline=0&popup=1&_d=b13481647cf775c5.com&_in=1&_embed_id=1 HTTP 302
https://g5cs-contact-form.paperform.co/?embed=1&takeover=0&inline=0&popup=1&_d=b13481647cf775c5.com&_in=1&_embed_id=1

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
b13481647cf775c5.com/
Redirect Chain

http://b13481647cf775c5.com/rp3e9Ug4y1xoE/10364
http://b13481647cf775c5.com/

18 KB
5 KB

413ms
411ms

Document
text/html

185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

878bf8e00892b7fbc4585e85d56734285d288373bc439a646c8007247f7f604b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: b13481647cf775c5.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.15.12
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 28 Dec 2020 07:16:35 GMT
Vary: Accept-Encoding,User-Agent
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
x-xss-protection: 1; mode=block
Referrer-Policy: strict-origin
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Cache-control: no-store
Pragma: no-cache
Content-Encoding: gzip

Redirect headers

Server: nginx/1.15.12
Date: Mon, 28 Dec 2020 06:58:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: /

GET
H/1.1 200
OK bootstrap.min.css
b13481647cf775c5.com/assets/css/ 152 KB
28 KB 449ms
447ms Stylesheet
text/css 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/css/bootstrap.min.css

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

0dee80338fbc6424439878012a76a3ad62545b688626a7836948e546b4fad152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:36 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=UTF-8
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK iconfont.css
b13481647cf775c5.com/assets/fonts/ 84 KB
16 KB 437ms
422ms Stylesheet
text/css 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/fonts/iconfont.css

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

e7e603743f23fd971354cb90cf3b9c8dbfc37009ecce7ce0838d96fad8ec07e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:36 GMT
Content-Encoding: gzip
referrer-policy: strict-origin
Server: nginx/1.15.12
x-frame-options: SAMEORIGIN
Content-Type: text/css;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: no-store
Transfer-Encoding: chunked
permissions-policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff

GET
H/1.1 200
OK swiper.min.css
b13481647cf775c5.com/assets/css/ 13 KB
5 KB 423ms
409ms Stylesheet
text/css 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/css/swiper.min.css

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

b36400d09b5810e3aa454cb328dfa4d9afd1c5c8a60ee1761d905db28b1045b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:36 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=UTF-8
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK venobox.css
b13481647cf775c5.com/assets/css/ 19 KB
4 KB 503ms
489ms Stylesheet
text/css 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/css/venobox.css

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

0e22880e6624fa39c5987e59652c9e6dfd3168491263ac4644cda717ba90094a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:36 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=UTF-8
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK animate.css
b13481647cf775c5.com/assets/css/ 56 KB
6 KB 438ms
424ms Stylesheet
text/css 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/css/animate.css

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

c7c8f72481799e425b598a2e686a7b608ba0465532e3c0fba784f964f4486c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:36 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=UTF-8
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK select2.min.css
b13481647cf775c5.com/assets/css/ 15 KB
3 KB 450ms
436ms Stylesheet
text/css 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/css/select2.min.css

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:36 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=UTF-8
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK style.css
b13481647cf775c5.com/assets/css/ 43 KB
8 KB 818ms
393ms Stylesheet
text/css 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/css/style.css

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

fe62b786330f75e7c93a3dc60e16a536cac8a5cb08ba5bc9941cd6be2eee2b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:36 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=UTF-8
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK responsive.css
b13481647cf775c5.com/assets/css/ 1 KB
996 B 869ms
427ms Stylesheet
text/css 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/css/responsive.css

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

10362041d9448fde62cc38610cdbac7eecb18019ec5771c96dfe2e3d204b2434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:36 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=UTF-8
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK color-1.css
b13481647cf775c5.com/assets/css/ 7 KB
3 KB 924ms
469ms Stylesheet
text/css 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/css/color-1.css

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

6bb3c7179befbc00a3560fda9c8f79eb11276b694cc46bc0ec8524fda9e6c40c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:36 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=UTF-8
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK logo-data-protection-tci-white.png
b13481647cf775c5.com/assets/images/logo/ 21 KB
21 KB 394ms
393ms Image
image/png 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://b13481647cf775c5.com/assets/images/logo/logo-data-protection-tci-white.png

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

f7bb4ee0bfe611418d7928fbb33217bc07042230ca8f6677ca5c313ae97e9f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:36 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK logo-data-protection-tci-colour.png
b13481647cf775c5.com/assets/images/logo/ 21 KB
22 KB 383ms
382ms Image
image/png 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://b13481647cf775c5.com/assets/images/logo/logo-data-protection-tci-colour.png

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

eeb48105b03e248962b235fc277ce93ed87244e7014b4d8d6209b32777b91908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:36 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK header-tci.png
b13481647cf775c5.com/assets/images/ 377 KB
378 KB 792ms
791ms Image
image/png 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://b13481647cf775c5.com/assets/images/header-tci.png

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

18dc791d7a7576e220e535dde2a6521eb49cebf9ca2218633955324eb4762760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:36 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK service.png
b13481647cf775c5.com/assets/images/icons/ 5 KB
5 KB 423ms
423ms Image
image/png 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://b13481647cf775c5.com/assets/images/icons/service.png

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

a18d39f48477980161214c007a035a2d3be84a2979adaeb2ba088d9547b9a5ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:36 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK consult.png
b13481647cf775c5.com/assets/images/icons/ 5 KB
6 KB 369ms
368ms Image
image/png 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://b13481647cf775c5.com/assets/images/icons/consult.png

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

e56678bc5c1e78c42472951955d1ac5561d4c5140d672b8d841179f8c542973c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:36 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK service.png
b13481647cf775c5.com/assets/images/icons/mini/ 1 KB
2 KB 524ms
523ms Image
image/png 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://b13481647cf775c5.com/assets/images/icons/mini/service.png

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

417fd76d90c5bc2b0b156e6cefa4daa77333b6fc2dbbd51de21878efd4c4d23e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:37 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK consult.png
b13481647cf775c5.com/assets/images/icons/mini/ 1 KB
2 KB 481ms
480ms Image
image/png 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://b13481647cf775c5.com/assets/images/icons/mini/consult.png

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

0e3c2173cb7db45b7de0b29372321ff217e0b523e348607f7a94669b13649a23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:37 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK services.png
b13481647cf775c5.com/assets/images/ 258 KB
259 KB 737ms
737ms Image
image/png 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://b13481647cf775c5.com/assets/images/services.png

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

0844dd2be72dfa5563d05c299812425c72d889c0098b97c37e40ae6eb823c1f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:37 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK consultation.png
b13481647cf775c5.com/assets/images/ 320 KB
320 KB 832ms
832ms Image
image/png 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://b13481647cf775c5.com/assets/images/consultation.png

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

eda651ced389780f28f1218760584444909cbf8fb0d61f5dd5e74f3639c5aa76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:38 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET
H2

200

rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/
Redirect Chain

http://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

12 KB
5 KB

30ms
17ms

Script
application/javascript

2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 0749cdcf3800004a7adca25000000001
last-modified: Thu, 17 Dec 2020 18:39:38 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fdba5ea-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gezk417NumgVlKWkIHB8%2FkMypqGZPDSUQzUI8xkbeOGJ85VF5Arilu13v7PydgX3elVde3gmjbsldMLAO5DIxBLNjI2V78HyEXT3zzw7Fcn3jz6w2f8Y3fzzhITn9w93"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 60897f2b88a94a7a-FRA
expires: Wed, 30 Dec 2020 07:16:35 GMT

Redirect headers

Location: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttp%3A//b13481647cf775c5.com/;hData%20Protection%20%26%20Privacy%20Turks%20%26%20Caicos%20Islands%20%7C%20by%20G5%20Cyber%20Security%2C%20Inc.%20...
https://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttp%3A//b13481647cf775c5.com/;hData%20Protection%20%26%20Privacy%20Turks%20%26%20Caicos%20Islands%20%7C%20by%20G5%20Cyber%20Security%2C%20Inc.%2...
https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttp%3A//b13481647cf775c5.com/;hData%20Protection%20%26%20Privacy%20Turks%20%26%20Caicos%20Islands%20%7C%20by%20G5%20Cyber%20Security%2C%20Inc....

132 B
586 B

51ms
51ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttp%3A//b13481647cf775c5.com/;hData%20Protection%20%26%20Privacy%20Turks%20%26%20Caicos%20Islands%20%7C%20by%20G5%20Cyber%20Security%2C%20Inc.%20%28G5CS%29;0.6968230751065054

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:37 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 132
Expires: Sat, 28 Dec 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:37 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttp%3A//b13481647cf775c5.com/;hData%20Protection%20%26%20Privacy%20Turks%20%26%20Caicos%20Islands%20%7C%20by%20G5%20Cyber%20Security%2C%20Inc.%20%28G5CS%29;0.6968230751065054
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 28 Dec 2019 21:00:00 GMT

GET
H2

200

snippet.js Show response
static.zdassets.com/ekr/
Redirect Chain

http://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0
https://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0

24 KB
7 KB

59ms
25ms

Script
application/javascript

104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:16:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 1
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 757BFDB141A17C49
x-amz-id-2: Rh4GW+JV1Gs38rNRpvTM9FTNVHCXtm7xzp9FpH8MZjMZZMkizAV/8knG8QrtjaqynbzhyBuwspA=
last-modified: Tue, 10 Mar 2020 23:13:51 GMT
server: cloudflare
etag: W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: QzcBmfzwuCnSPtNhWyKUV.rVnAqAKY6a
cf-request-id: 0749cdd34b00009bd3fe3cb000000001
cf-ray: 60897f321a099bd3-AMS

Redirect headers

Date: Mon, 28 Dec 2020 07:16:36 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 60897f317c0dc847-AMS
cf-request-id: 0749cdd2e80000c847ccafd000000001
Expires: Mon, 28 Dec 2020 08:16:36 GMT

GET
H/1.1 200
OK custom.js Show response
b13481647cf775c5.com/assets/js/ 4 KB
4 KB 813ms
392ms Script
application/javascript 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/js/custom.js

Requested by

Host: ajax.cloudflare.com
URL: http://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

362fd6a9d759bd549cb1c3a0b63d27c0b03048fe22872cedf2408c84b5a822d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:37 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK wow.min.js Show response
b13481647cf775c5.com/assets/js/ 8 KB
8 KB 900ms
446ms Script
application/javascript 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/js/wow.min.js

Requested by

Host: ajax.cloudflare.com
URL: http://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

7852a22b72ead62cfc4a1b1ca32874b3e222f232a991a6d1432313572f534135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:37 GMT
referrer-policy: strict-origin
Server: nginx/1.15.12
x-frame-options: SAMEORIGIN
Content-Type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-store
Transfer-Encoding: chunked
permissions-policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff

GET
H/1.1 200
OK jquery.form.js Show response
b13481647cf775c5.com/assets/js/ 43 KB
43 KB 1163ms
400ms Script
application/javascript 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/js/jquery.form.js

Requested by

Host: ajax.cloudflare.com
URL: http://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

3a16fd80d67008f1c947cf93ebb20e2af2ed1a6317e194d35ed15046076c4211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:37 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery.validate.min.js Show response
b13481647cf775c5.com/assets/js/ 24 KB
24 KB 1186ms
412ms Script
application/javascript 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/js/jquery.validate.min.js

Requested by

Host: ajax.cloudflare.com
URL: http://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:37 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK select2.min.js Show response
b13481647cf775c5.com/assets/js/ 69 KB
69 KB 1222ms
409ms Script
application/javascript 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/js/select2.min.js

Requested by

Host: ajax.cloudflare.com
URL: http://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

c1f5534ed276a1eaa57b106c7dadcc994a01efbc033513ea4f5435580d8c327e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:37 GMT
referrer-policy: strict-origin
Server: nginx/1.15.12
x-frame-options: SAMEORIGIN
Content-Type: application/javascript
x-xss-protection: 1; mode=block
cache-control: no-store
Transfer-Encoding: chunked
permissions-policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff

GET
H/1.1 200
OK venobox.min.js Show response
b13481647cf775c5.com/assets/js/ 11 KB
12 KB 1404ms
503ms Script
application/javascript 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/js/venobox.min.js

Requested by

Host: ajax.cloudflare.com
URL: http://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

bd1700e87438d82deaef042539820d44032e00fa6302674e453435c2ffe3c2d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:38 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK swiper.min.js Show response
b13481647cf775c5.com/assets/js/ 134 KB
135 KB 1386ms
430ms Script
application/javascript 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/js/swiper.min.js

Requested by

Host: ajax.cloudflare.com
URL: http://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

6404c2c4781c6da96a8b70311e6eec3e6c1b7ecde86787de1a60804550e65e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:38 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK smooth-scroll.min.js Show response
b13481647cf775c5.com/assets/js/ 5 KB
6 KB 1555ms
416ms Script
application/javascript 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/js/smooth-scroll.min.js

Requested by

Host: ajax.cloudflare.com
URL: http://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

627004a6d9ba4f4b90ee6d18da6d4416de50c4f378cb6febc7838c658f08aac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:38 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery.easing.js Show response
b13481647cf775c5.com/assets/js/ 8 KB
8 KB 1571ms
401ms Script
application/javascript 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/js/jquery.easing.js

Requested by

Host: ajax.cloudflare.com
URL: http://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

63709f8c3cbb640f3476eeca0379d3d1016f1d61f2b3e34e612c76d8b3486eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:38 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK bootstrap.min.js Show response
b13481647cf775c5.com/assets/js/ 59 KB
59 KB 1577ms
388ms Script
application/javascript 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/js/bootstrap.min.js

Requested by

Host: ajax.cloudflare.com
URL: http://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:38 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery.min.js Show response
b13481647cf775c5.com/assets/js/ 86 KB
87 KB 1668ms
437ms Script
application/javascript 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/js/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: http://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:38 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

/
b13481647cf775c5.com/
Redirect Chain

http://b13481647cf775c5.com/assets/images/section-bg.jpg
http://b13481647cf775c5.com/

18 KB
18 KB

420ms
419ms

Image
text/html

185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://b13481647cf775c5.com/

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/assets/css/color-1.css

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:38 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: text/html;charset=UTF-8
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

Redirect headers

Location: /
Date: Mon, 28 Dec 2020 06:58:48 GMT
Server: nginx/1.15.12
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ProximaNova-Bold_1.woff2
b13481647cf775c5.com/assets/fonts/Proxima/ 26 KB
26 KB 746ms
470ms Font
font/woff2 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/fonts/Proxima/ProximaNova-Bold_1.woff2

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/assets/css/style.css

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

fbfa829162f30a941f8093b532ad4feb68ef45d0b960f86443c45d33f82af188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: http://b13481647cf775c5.com
Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:37 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK icomoon8711.ttf
b13481647cf775c5.com/assets/fonts/ 493 KB
494 KB 1067ms
770ms Font
font/ttf 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/fonts/icomoon8711.ttf?119o20

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/assets/fonts/iconfont.css

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

e693536ccfbdb56280059564580789705ed0167a766a3bf349d96514b3122d4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: http://b13481647cf775c5.com
Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:37 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: font/ttf
x-xss-protection: 1; mode=block
Cache-control: max-age=14400
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ProximaNova-Regular_1.woff2
b13481647cf775c5.com/assets/fonts/Proxima/ 26 KB
27 KB 931ms
527ms Font
font/woff2 185.162.9.62
EUROHOSTER

General

Check archive.org

Show headers Download Go to

Full URL

http://b13481647cf775c5.com/assets/fonts/Proxima/ProximaNova-Regular_1.woff2

Requested by

Host: b13481647cf775c5.com
URL: http://b13481647cf775c5.com/assets/css/style.css

Protocol

HTTP/1.1

Server

185.162.9.62 Naaldwijk, Netherlands, ASN207728 (EUROHOSTER, BG),

Reverse DNS

hosted-by.eurohoster.online

Software

nginx/1.15.12 /

Resource Hash

77d221fb5a9f1e1dbfd1b9ae72b7348aee224a48c2d8714db6c971363b79d821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: http://b13481647cf775c5.com
Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Dec 2020 07:16:37 GMT
Referrer-Policy: strict-origin
Server: nginx/1.15.12
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
x-xss-protection: 1; mode=block
Cache-control: no-store
Transfer-Encoding: chunked
Permissions-Policy: accelerometer=(); camera=(); geolocation=(); gyroscope=(); magnetometer=(); microphone=(); payment=(); usb=()
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

__embed Show response
paperform.co/
Redirect Chain

http://paperform.co/__embed
https://paperform.co/__embed

22 KB
7 KB

302ms
101ms

Script
application/javascript

3.225.142.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://paperform.co/__embed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.225.142.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-142-136.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d5bc22540272af460362d5148a9417e2b944dd5cba734cba71963d6c499cd297

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Dec 2020 07:16:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 02:17:10 GMT
Server: nginx
ETag: W/"5f2773a6-57fd"
Vary: Accept-Encoding
Content-Type: application/octet-stream, application/javascript
Cache-Control: max-age=300, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 28 Dec 2020 07:21:39 GMT

Redirect headers

Location: https://paperform.co/__embed
Date: Mon, 28 Dec 2020 07:16:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0 Show response
ekr.zdassets.com/compose/ 1 KB
911 B 220ms
186ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0

Requested by

Host: static.zdassets.com
URL: http://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0219140869024b6f2197cfa8f9bfffc345051c9c833d81470e8ab07d3831cec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:16:39 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
status: 200 OK
strict-transport-security: max-age=0
cf-request-id: 0749cddc0c0000d8b1c9037000000001
x-request-id: 5448a236-09a1-4601-b521-fcb70e7b825d
x-runtime: 0.003369
server: cloudflare
etag: W/"0219140869024b6f2197cfa8f9bfffc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 60897f401fc8d8b1-AMS

GET
H2 200 preload.c2839d69e85022a84eed.js Show response
static.zdassets.com/web_widget/latest/ Frame 4E1E 61 KB
19 KB 33ms
31ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/preload.c2839d69e85022a84eed.js

Requested by

Host: static.zdassets.com
URL: http://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b49cf0af89499a71cd81d6919fbef36fe565c49f2435ab3cc2f7b6f170143737

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:16:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219725
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: D68291D1C5444D3F
x-amz-id-2: REjcu4TCPfrROhk0YMMFTMJc8pttypD0TQBhe+wr/ETA/Ed9SdRYtjRWviO6lgJhdB97O0CZnJE=
last-modified: Thu, 10 Dec 2020 04:33:24 GMT
server: cloudflare
etag: W/"4ddcec4b7470c8fe96b1b40b02f1cb3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: .Q5fJ7o.P4BqhGwPuH7tlGWbaIrldmrn
cf-request-id: 0749cddcce00009bd308082000000001
cf-ray: 60897f414f7f9bd3-AMS
expires: Fri, 10 Dec 2021 04:33:23 GMT

GET
H2 200 web_widget.9dc7b1f513c47f4ab974.chunk.js Show response
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame 4E1E 245 KB
63 KB 68ms
67ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget.9dc7b1f513c47f4ab974.chunk.js

Requested by

Host: static.zdassets.com
URL: http://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

957f3a81d57b42875e7b2b3c033b1f86fc5fcc9a0c6b2416cef0ed0c8471c49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:16:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1653746
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: CC5C848335B21FD3
x-amz-id-2: neFehjWihkcyEqT6MuUprsxsIrCE+zZT8M010GJRCxu1i+24SIWa5rcV33niL5qJ+/C/9zkb+AU=
last-modified: Wed, 09 Dec 2020 03:45:48 GMT
server: cloudflare
etag: W/"acc0d0f9c31d1ba8afda0426cd8ac225"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: YViqwF933Mr4L08jWgG0ApRh7Ttlus_S
cf-request-id: 0749cddcce00009bd31ba04000000001
cf-ray: 60897f414f809bd3-AMS
expires: Thu, 09 Dec 2021 03:45:47 GMT

GET
H2 200 web_widget.549a8e20c699c545ebc6.chunk.js Show response
static.zdassets.com/web_widget/latest/lazy/ Frame 4E1E 496 KB
95 KB 81ms
80ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/lazy/web_widget.549a8e20c699c545ebc6.chunk.js

Requested by

Host: static.zdassets.com
URL: http://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb19aa9aed8ac0bf160e82435d45c776f521e6ce2cd79df22d307c52bcbb85a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:16:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219725
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 6FFBA04D8B0B4CBF
x-amz-id-2: hqecUe61Vm3w66xVtDSNc6zF64V6sVY/5h40gD0gbHe+QCI5Mz5dmgAiQ/akCjayMFWSh6H86nQ=
last-modified: Thu, 10 Dec 2020 04:32:34 GMT
server: cloudflare
etag: W/"faafbead228c50c7d151fb040f26ed43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: N9rx7iv7KALCAz4wKggh0_eiOsfgMZ_w
cf-request-id: 0749cddcce00009bd322255000000001
cf-ray: 60897f414f819bd3-AMS
expires: Fri, 10 Dec 2021 04:32:33 GMT

GET
H2 200 web_widget.6c7ea89c43fd8a7bac80.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 4E1E 335 KB
66 KB 76ms
75ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web_widget.6c7ea89c43fd8a7bac80.chunk.js

Requested by

Host: static.zdassets.com
URL: http://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46aba846f60ac79322b9b63959f937397e150ef3f74bc808cef91ec1bf064c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:16:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219725
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: D7E7C7E305790C0C
x-amz-id-2: JBh78FhlOyJFYiGU7PcUbkGako1upIL72719OPMJ2aB48LMOhNaXUOcMPrekMk3fzMbaoFH9grM=
last-modified: Thu, 10 Dec 2020 04:33:26 GMT
server: cloudflare
etag: W/"6032c557f0f862de7b035676da91946d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: wV5pEgzl7KezT_9THnJdIGb.HmHG4ADJ
cf-request-id: 0749cddcce00009bd30d82a000000001
cf-ray: 60897f414f829bd3-AMS
expires: Fri, 10 Dec 2021 04:33:25 GMT

GET
H2 200 vendors~web_widget.ccbc82c9f877226a18ba.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 4E1E 493 KB
150 KB 86ms
85ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~web_widget.ccbc82c9f877226a18ba.chunk.js

Requested by

Host: static.zdassets.com
URL: http://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe24463504e3dd9e313848538f3cffe1dcb04fcd50f2b446c690aec554d6947

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:16:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1653746
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 86120E002DA9D202
x-amz-id-2: YXnASpXzy7U3iWZL0ZIe4jOUQ70OMH7RIeYgG3ssxCBqyoNpd6GLAvgn8e5QorEhdAK2/50WN/g=
last-modified: Wed, 09 Dec 2020 03:45:49 GMT
server: cloudflare
etag: W/"64d67bfca286493ba83366c7d77d37ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: VBSOWfwvDFkm3g5tWUtswynZM70AY5pZ
cf-request-id: 0749cddccf00009bd305bea000000001
cf-ray: 60897f414f839bd3-AMS
expires: Thu, 09 Dec 2021 03:45:48 GMT

GET
H2 200 web_widget~messenger.943ae64619f5da844a13.chunk.js Show response
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame 4E1E 330 KB
66 KB 38ms
37ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget~messenger.943ae64619f5da844a13.chunk.js

Requested by

Host: static.zdassets.com
URL: http://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c0f7bef50fc44d58fa62a6226f0034a262b08c58f8b2311f86313f1f33ae0c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:16:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1219725
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: D8EC4D2C09B9C6F1
x-amz-id-2: SAiQ8l6P1VsqXjXf8ghMstaifpnD61vD1pVTOUK4kxkT/k/Y6qBpZPZZg1p0d9s9UH4kHUWN1Ao=
last-modified: Thu, 10 Dec 2020 04:33:25 GMT
server: cloudflare
etag: W/"ff4dbf334ee71fdae2c4b64f1d4db70f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: BdXiBkeN0ivevGsrxFMyvAXx2ioU5nsM
cf-request-id: 0749cddccf00009bd31e366000000001
cf-ray: 60897f414f849bd3-AMS
expires: Fri, 10 Dec 2021 04:33:24 GMT

GET
H2 200 talk-sdk.fced29ac845e4c42422b.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 4E1E 68 KB
18 KB 93ms
92ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/talk-sdk.fced29ac845e4c42422b.chunk.js

Requested by

Host: static.zdassets.com
URL: http://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07c11651c7d7d1133b696cfb396b2d60b02bf481768ba5c7c27f0a7c3c93e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:16:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1653746
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 8C6AA0A920CB7F8A
x-amz-id-2: CKjG9bj0QTt7TauOX4HhQnTfMNIQFLPs6fN9euFMIVZ19zQXlWn646AK9bhEJMdpceChKUfv4tw=
last-modified: Wed, 09 Dec 2020 03:45:47 GMT
server: cloudflare
etag: W/"e0d48bf92424d80462f91d1ec9e02fa3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: iEzunsM6HpC7h1X9GcalwRfmhpdvkfHO
cf-request-id: 0749cddcd100009bd305beb000000001
cf-ray: 60897f414f859bd3-AMS
expires: Thu, 09 Dec 2021 03:45:46 GMT

GET
H2 200 chat-sdk.ef57fe179f7fdba70997.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 4E1E 257 KB
50 KB 60ms
59ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/chat-sdk.ef57fe179f7fdba70997.chunk.js

Requested by

Host: static.zdassets.com
URL: http://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cd2c4f7c32d76dfddf8850d4d93209e41914394cd46184978e5c4cec5986f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:16:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1653746
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 85F7B0FA2630C3AF
x-amz-id-2: +a1chk4Af1vAt9uXfnQjh84yUPm0Ak4tGBNjsSdNSSrg1udVRoqABNM+E1aRtpmpxPakTpfz4p8=
last-modified: Wed, 09 Dec 2020 03:44:55 GMT
server: cloudflare
etag: W/"471486ebf305f761724c4a3d88d24c68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tUzJzxwRIGBtH2yGLDY0ifhL7s6uFqT5
cf-request-id: 0749cddccf00009bd32b94f000000001
cf-ray: 60897f414f879bd3-AMS
expires: Thu, 09 Dec 2021 03:44:53 GMT

GET
H2 200 config Show response
g5cybersecurity.zendesk.com/embeddable/ 1009 B
1 KB 124ms
79ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g5cybersecurity.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: http://static.zdassets.com/ekr/snippet.js?key=8a7a5e4a-e0c6-42d1-b67c-52d6622ac9e0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5153c5ed8b210bdfe5f783f820e985b0ecb014b74780354a51f542786956308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff

Request headers

Referer: http://b13481647cf775c5.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:16:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-7bc4f9d44d-j4bs8
access-control-allow-methods: GET
strict-transport-security: max-age=31536000;
vary: Origin, Accept-Encoding
cf-request-id: 0749cddd260000faa05423d000000001
x-request-id: 607e83c029ac0c85-DUB
x-runtime: 0.019478
server: cloudflare
etag: W/"e5153c5ed8b210bdfe5f783f820e985b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UAFmGx4jUmAaIEMXRMrulDhxdsxsWOCq7JwHeyi472epRuT7%2FE0l3x38%2BHsBH4XvIMJKuLu%2BR2fRLAoITUDqXM0IM4F%2BiXLTeHlWLxKykVKSeiv9ge5QEqd23Ys%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 60897f41dce9faa0-AMS

GET
H2 200 en-us-json.15692f2f120276004b07.chunk.js Show response
static.zdassets.com/web_widget/latest/locales/ Frame 4E1E 25 KB
5 KB 24ms
24ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/locales/en-us-json.15692f2f120276004b07.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.c2839d69e85022a84eed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e6a8ebb415b2e0f742a329be7950247d3a421ebaf9182826b6f6200fa272e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:16:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2107053
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 1ED6D26C864D7022
x-amz-id-2: isvhE8RS8iSmQxPL60i3U8Xy1rSBLEt6HiKrfLU5tPR84e46II87TUgVAMde5XyzSvgDBIvY4So=
last-modified: Thu, 03 Dec 2020 05:35:47 GMT
server: cloudflare
etag: W/"92bf604e2109e764598caba6181d1b87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: fU6PbKFokFWY4fQI_leztNkNTO_uPXEo
cf-request-id: 0749cddd9b00009bd30d833000000001
cf-ray: 60897f42981c9bd3-AMS
expires: Fri, 03 Dec 2021 05:35:45 GMT

GET
H2 200 status Show response
g5cybersecurity.zendesk.com/talk_embeddables_service/web/ Frame 4E1E 103 B
760 B 57ms
57ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://g5cybersecurity.zendesk.com/talk_embeddables_service/web/status?subdomain=g5cybersecurity&nickname=Support

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ccbc82c9f877226a18ba.chunk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f29433c207001e2a24ec34e2c03dd13e00cd1f37d1cecf993327f3efdadd4de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:16:39 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SK3Oy%2Fuon3YDZZCS1CdIdag7ytvRqVrYeK5IH15TsrEuvkv%2BIPJwSY%2BcUe6v%2FIsIdCB88TkP5mP07saaR9ozvzXMfRe5pw1ZSeF8cEFbPpUaraL%2FpScNpfgCpgw%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains
cf-request-id: 0749cdde230000faa049992000000001
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"67-yATIH6Ik7DPDAQ49/mesDUR0Ox0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 499
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-ratelimit-reset: 1609139801
x-ratelimit-limit: 500
cf-ray: 60897f436f12faa0-AMS

GET
H2 200 embeddable_blip Show response
g5cybersecurity.zendesk.com/ Frame 4E1E 0
370 B 106ms
106ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g5cybersecurity.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cDovL2IxMzQ4MTY0N2NmNzc1YzUuY29tLyIsInRpbWUiOjIwMCwibG9hZFRpbWUiOjM4LjQzNDk5NzIwMDk2NTg4LCJuYXZpZ2F0b3JMYW5ndWFnZSI6ImVuLVVTIiwicGFnZVRpdGxlIjoiRGF0YSBQcm90ZWN0aW9uICYgUHJpdmFjeSBUdXJrcyAmIENhaWNvcyBJc2xhbmRzIHwgYnkgRzUgQ3liZXIgU2VjdXJpdHksIEluYy4gKEc1Q1MpIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgzLjAuNDEwMy42MSBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlLCJpc1Jlc3BvbnNpdmUiOnRydWUsInZpZXdwb3J0TWV0YSI6IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZX0sImJ1aWQiOiIwNzZlZWE4NDYxMDEwY2E0YTMzMmQ3ZTg0Nzk5YTZmZCIsInN1aWQiOiJhOTgyMDBhOTM2NWRhMzhjNDQ5ODUxYTU4ZTRlM2MzMSIsInZlcnNpb24iOiI1ZGU4NjdjYjAiLCJ0aW1lc3RhbXAiOiIyMDIwLTEyLTI4VDA3OjE2OjM5LjYxMloiLCJ1cmwiOiJodHRwOi8vYjEzNDgxNjQ3Y2Y3NzVjNS5jb20vIn0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ccbc82c9f877226a18ba.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 07:16:39 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4MkT30q5OGAHzLpFGTETldKzz%2BYSHOXUXsTWDy94gSFYsRNIe9dnVfwpUVAL92Lk5uE8O%2F89v7Ekelk59Etyjv53F9wg5tls%2FQSorS3FgGVUx7lEVMBjjoJr8us%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: http://b13481647cf775c5.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 60897f439f5afaa0-AMS
cf-request-id: 0749cdde420000faa010950000000001

GET
H/1.1

200
OK

Cookie set /
g5cs-contact-form.paperform.co/ Frame 6A54
Redirect Chain

https://paperform.co/form/g5cs-contact-form?embed=1&takeover=0&inline=0&popup=1&_d=b13481647cf775c5.com&_in=1&_embed_id=1
https://g5cs-contact-form.paperform.co/?embed=1&takeover=0&inline=0&popup=1&_d=b13481647cf775c5.com&_in=1&_embed_id=1

0
0

528ms
317ms

Document
text/html

34.225.103.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://g5cs-contact-form.paperform.co/?embed=1&takeover=0&inline=0&popup=1&_d=b13481647cf775c5.com&_in=1&_embed_id=1
Requested by: Host: paperform.co
URL: http://paperform.co/__embed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.225.103.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-103-4.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Host: g5cs-contact-form.paperform.co
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://b13481647cf775c5.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Mon, 28 Dec 2020 07:16:40 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkNMKzJLMTVEclJza2tBWVJuSHVmb3c9PSIsInZhbHVlIjoiOUowRVppVkVTR3JWSTI5MGJLRUsrdytMR2dvYWxNKzgydzV6QUk2bDM2UHhkUkxuUVNSQURYeDhGOXA5WVAzUSIsIm1hYyI6ImE3ODFhZjA0OTQ1OTYxMWVmNjU4ZDg2MjBjY2FmNGRiNzQ5YjEyNzEzYmQ3N2QxMGU3YzYyMzE3NjY2YzYxZDcifQ%3D%3D; expires=Mon, 28-Dec-2020 07:46:40 GMT; Max-Age=1800; path=/; secure; samesite=none laravel_session=eyJpdiI6IitQSnpyTDcrUUs4QnBnZWpheEJBS0E9PSIsInZhbHVlIjoiM2w2dmN1QVhGSkxOUHFEV0xEdGFUZ1A5MUFPZzZCcGk3bCsrSFRiXC8yVlwvbWVsS2FtU1wvRU1RdkIwa3Zvb1ZEUiIsIm1hYyI6IjQxMzFlZTU0MTVmMGU2ODg5Y2Q0ODY3YjAwMWZmYzVkNDhkZjkwZmM0YmNlMDRkZTUzN2Y3MjFjZTlhNWMzYjMifQ%3D%3D; expires=Mon, 28-Dec-2020 07:46:40 GMT; Max-Age=1800; path=/; secure; httponly; samesite=none
Content-Encoding: gzip

Redirect headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Mon, 28 Dec 2020 07:16:39 GMT
Location: https://g5cs-contact-form.paperform.co?embed=1&takeover=0&inline=0&popup=1&_d=b13481647cf775c5.com&_in=1&_embed_id=1
Set-Cookie: XSRF-TOKEN=eyJpdiI6Ik43SDBueFl3ZEJVUzdLR2hUYVZNREE9PSIsInZhbHVlIjoiZXRUMVRZZnZSRlRNSVhJRlFObnc4aTkrQ1REbkpNSFJYcm1DZmcrU3NhRlBzQkRXSjRiZ1RueUJzNHpDTENCaiIsIm1hYyI6IjRkMzg1NmNiOGNhYmE3YzllYjZmY2JlN2M2ZDBiYTYwNGUwZjNjZTI4MjU1NTUwYTEyNWJiNTcwNDBkZjI2NWEifQ%3D%3D; expires=Mon, 04-Jan-2021 07:16:39 GMT; Max-Age=604800; path=/; secure; samesite=none laravel_session=eyJpdiI6ImE1SW9GM01iS2NJcUN0U0wrSFdKQ1E9PSIsInZhbHVlIjoiZkhmaTJhUDRTeXd2cGNOV0VFdXF6aU1pUjgzS3RlTjhaTlpOREJRVmlJYXhXOUUyZ1k1MmZrTTBsVzVIT0tuVyIsIm1hYyI6IjI2MTg5MzUyM2FiNTEwZThjN2E3ZjZlY2IyNzhjNDA2OTM1MmZkNzg3YjFiOTRiZjViMzk1ZDg2MTMxZjJhNDEifQ%3D%3D; expires=Mon, 04-Jan-2021 07:16:39 GMT; Max-Age=604800; path=/; secure; httponly; samesite=none
Referrer-Policy: strict-origin-when-cross-origin

GET
H2 206 chat-incoming-message-notification.mp3
static.zdassets.com/web_widget/static/ Frame 4E1E 19 KB
20 KB 53ms
53ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/static/chat-incoming-message-notification.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 28 Dec 2020 07:16:40 GMT
cf-cache-status: DYNAMIC
x-amz-request-id: 5004E386AA1E25D6
x-amz-server-side-encryption: AES256
cf-ray: 60897f4719f49bd3-AMS
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: DPdtvv93Zvaa2ZLS3nwc4Oe4y8hiRWlUG686uVHl1+Cmfdp/CSjL9cSy1finlhTnZDh8WwPknDM=
last-modified: Tue, 12 Feb 2019 01:07:53 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
x-amz-version-id: 7QfN44DQ.h7tzqx9G_4CeAsccdu5t2pF
cache-control: public, max-age=31536000
cf-request-id: 0749cde06b00009bd30d84a000000001
accept-ranges: bytes
content-type: audio/mpeg; charset=utf-8
expires: Wed, 12 Feb 2020 01:07:52 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
b13481647cf775c5.com
counter.yadro.ru
ekr.zdassets.com
g5cs-contact-form.paperform.co
g5cybersecurity.zendesk.com
paperform.co
static.zdassets.com
104.16.53.111
104.18.70.113
185.162.9.62
2606:4700::6810:a823
3.225.142.136
34.225.103.4
88.212.201.198
0219140869024b6f2197cfa8f9bfffc345051c9c833d81470e8ab07d3831cec7
07c11651c7d7d1133b696cfb396b2d60b02bf481768ba5c7c27f0a7c3c93e1cc
0844dd2be72dfa5563d05c299812425c72d889c0098b97c37e40ae6eb823c1f5
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0dee80338fbc6424439878012a76a3ad62545b688626a7836948e546b4fad152
0e22880e6624fa39c5987e59652c9e6dfd3168491263ac4644cda717ba90094a
0e3c2173cb7db45b7de0b29372321ff217e0b523e348607f7a94669b13649a23
0e6a8ebb415b2e0f742a329be7950247d3a421ebaf9182826b6f6200fa272e8c
10362041d9448fde62cc38610cdbac7eecb18019ec5771c96dfe2e3d204b2434
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
18dc791d7a7576e220e535dde2a6521eb49cebf9ca2218633955324eb4762760
362fd6a9d759bd549cb1c3a0b63d27c0b03048fe22872cedf2408c84b5a822d1
3a16fd80d67008f1c947cf93ebb20e2af2ed1a6317e194d35ed15046076c4211
417fd76d90c5bc2b0b156e6cefa4daa77333b6fc2dbbd51de21878efd4c4d23e
46aba846f60ac79322b9b63959f937397e150ef3f74bc808cef91ec1bf064c6e
4c0f7bef50fc44d58fa62a6226f0034a262b08c58f8b2311f86313f1f33ae0c0
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
627004a6d9ba4f4b90ee6d18da6d4416de50c4f378cb6febc7838c658f08aac1
63709f8c3cbb640f3476eeca0379d3d1016f1d61f2b3e34e612c76d8b3486eb3
6404c2c4781c6da96a8b70311e6eec3e6c1b7ecde86787de1a60804550e65e28
6bb3c7179befbc00a3560fda9c8f79eb11276b694cc46bc0ec8524fda9e6c40c
6cd2c4f7c32d76dfddf8850d4d93209e41914394cd46184978e5c4cec5986f3d
77d221fb5a9f1e1dbfd1b9ae72b7348aee224a48c2d8714db6c971363b79d821
7852a22b72ead62cfc4a1b1ca32874b3e222f232a991a6d1432313572f534135
878bf8e00892b7fbc4585e85d56734285d288373bc439a646c8007247f7f604b
8fe24463504e3dd9e313848538f3cffe1dcb04fcd50f2b446c690aec554d6947
957f3a81d57b42875e7b2b3c033b1f86fc5fcc9a0c6b2416cef0ed0c8471c49a
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
a18d39f48477980161214c007a035a2d3be84a2979adaeb2ba088d9547b9a5ea
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
b36400d09b5810e3aa454cb328dfa4d9afd1c5c8a60ee1761d905db28b1045b3
b49cf0af89499a71cd81d6919fbef36fe565c49f2435ab3cc2f7b6f170143737
bd1700e87438d82deaef042539820d44032e00fa6302674e453435c2ffe3c2d9
c1f5534ed276a1eaa57b106c7dadcc994a01efbc033513ea4f5435580d8c327e
c7c8f72481799e425b598a2e686a7b608ba0465532e3c0fba784f964f4486c9e
d5bc22540272af460362d5148a9417e2b944dd5cba734cba71963d6c499cd297
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5153c5ed8b210bdfe5f783f820e985b0ecb014b74780354a51f542786956308
e56678bc5c1e78c42472951955d1ac5561d4c5140d672b8d841179f8c542973c
e693536ccfbdb56280059564580789705ed0167a766a3bf349d96514b3122d4f
e7e603743f23fd971354cb90cf3b9c8dbfc37009ecce7ce0838d96fad8ec07e7
eb19aa9aed8ac0bf160e82435d45c776f521e6ce2cd79df22d307c52bcbb85a4
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
eda651ced389780f28f1218760584444909cbf8fb0d61f5dd5e74f3639c5aa76
eeb48105b03e248962b235fc277ce93ed87244e7014b4d8d6209b32777b91908
f29433c207001e2a24ec34e2c03dd13e00cd1f37d1cecf993327f3efdadd4de9
f7bb4ee0bfe611418d7928fbb33217bc07042230ca8f6677ca5c313ae97e9f9e
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48
fbfa829162f30a941f8093b532ad4feb68ef45d0b960f86443c45d33f82af188
fe62b786330f75e7c93a3dc60e16a536cac8a5cb08ba5bc9941cd6be2eee2b2d

b13481647cf775c5.com Open in urlscan Pro 185.162.9.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

36 %HTTPS

14 %IPv6

6 Domains

8 Subdomains

7 IPs

3 Countries

2688 kBTransfer

4821 kBSize

0 Cookies

24 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

b13481647cf775c5.com Open in urlscan Pro
185.162.9.62 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

36 %
HTTPS

14 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

2688 kB
Transfer

4821 kB
Size

0
Cookies

53 HTTP transactions
0 data transactions