work256.com Open in urlscan Pro
192.185.139.175 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://taxrefunddd.com/
Effective URL:
https://work256.com/refund/
Submission: On December 21 via api (December 21st 2020, 2:17:10 am UTC) from US

Summary HTTP 106 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 26 domains to perform 106 HTTP transactions. The main IP is 192.185.139.175, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is work256.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 7th 2020. Valid for: 3 months.

This is the only time work256.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	184.168.131.241 184.168.131.241	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1 41	192.185.139.175 192.185.139.175	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
14	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
5	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1 2	2606:4700::68... 2606:4700::6812:bce4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7e10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
2	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.68.25 65.9.68.25	16509 (AMAZON-02) (AMAZON-02)
1	52.22.72.157 52.22.72.157	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	104.111.245.190 104.111.245.190	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:80ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:10e... 2a02:26f0:10e:28b::228b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.26.9.183 104.26.9.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:88b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
106	27

1 184.168.131.241 (Scottsdale, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net

taxrefunddd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 192.185.139.175 (Houston, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-185-139-175.unifiedlayer.com

work256.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bce4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

webforms.pipedrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7e10 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.eu-central-1.pipedriveassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

ps.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.68.25 (Seattle, United States)

ASN16509 (AMAZON-02, US)

www.gotomeet.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.72.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-72-157.compute-1.amazonaws.com

opsecurity.sharefile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.245.190 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-245-190.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.228.123 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10e:28b::228b (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

gui.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.9.183 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

code.tidio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:88b (United States)

ASN13335 (CLOUDFLARENET, US)

widget-v4.tidiochat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	work256.com 1 redirects work256.com	467 KB
22	wp.com c0.wp.com stats.wp.com i1.wp.com i2.wp.com i0.wp.com pixel.wp.com	157 KB
7	gstatic.com fonts.gstatic.com	92 KB
7	paypal.com www.paypal.com t.paypal.com	244 KB
3	tidiochat.com widget-v4.tidiochat.com	235 KB
3	paypalobjects.com www.paypalobjects.com	18 KB
2	hubspot.com forms.hubspot.com track.hubspot.com	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	addtoany.com static.addtoany.com	60 KB
2	w.org ps.w.org s.w.org	4 KB
2	pipedrive.com 1 redirects webforms.pipedrive.com	803 B
2	googletagmanager.com www.googletagmanager.com	38 KB
2	googleapis.com fonts.googleapis.com	12 KB
1	tidio.co 1 redirects code.tidio.co	649 B
1	hsforms.com forms.hsforms.com	588 B
1	secureserver.net gui.secureserver.net	1 KB
1	hscollectedforms.net js.hscollectedforms.net	25 KB
1	hs-banner.com js.hs-banner.com	13 KB
1	hs-analytics.net js.hs-analytics.net	18 KB
1	chimpstatic.com chimpstatic.com	580 B
1	sharefile.com opsecurity.sharefile.com
1	gotomeet.me www.gotomeet.me
1	hs-scripts.com js.hs-scripts.com	923 B
1	pipedriveassets.com cdn.eu-central-1.pipedriveassets.com	14 KB
1	taxrefunddd.com 1 redirects taxrefunddd.com	218 B
0	1040.com Failed www.1040.com Failed
106	26

	Domain	Requested by
41	work256.com	1 redirects work256.com c0.wp.com
14	c0.wp.com	work256.com
7	fonts.gstatic.com	fonts.googleapis.com
4	www.paypal.com	work256.com www.paypal.com
3	widget-v4.tidiochat.com	code.tidio.co
3	t.paypal.com	work256.com
3	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	static.addtoany.com	work256.com static.addtoany.com
2	webforms.pipedrive.com	1 redirects webforms.pipedrive.com
2	i2.wp.com	work256.com
2	i1.wp.com	work256.com
2	www.googletagmanager.com	work256.com
2	stats.wp.com	work256.com
2	fonts.googleapis.com	work256.com
1	track.hubspot.com
1	code.tidio.co	1 redirects
1	forms.hsforms.com	work256.com
1	forms.hubspot.com	js.hscollectedforms.net
1	gui.secureserver.net	c0.wp.com
1	pixel.wp.com	work256.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	s.w.org	work256.com
1	chimpstatic.com	work256.com
1	opsecurity.sharefile.com	work256.com
1	www.gotomeet.me	work256.com
1	i0.wp.com	work256.com
1	js.hs-scripts.com	work256.com
1	ps.w.org	work256.com
1	cdn.eu-central-1.pipedriveassets.com	work256.com
1	taxrefunddd.com	1 redirects
0	www.1040.com Failed	work256.com
106	34

This site contains links to these domains. Also see Links.

Domain
victory.securefilepro.com
www.taxfileportal.com
www.1040.com
1.envato.market
www.addtoany.com
wordpress.org
woocommerce.com

Subject Issuer	Validity	Valid
cpanel.work256.com Let's Encrypt Authority X3	`2020-11-07` - `2021-02-05`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
pipedriveassets.com Cloudflare Inc ECC CA-3	`2020-11-05` - `2021-11-04`	a year	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-03-10` - `2022-03-15`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
gotomeet.me Amazon	`2020-11-10` - `2021-12-09`	a year	crt.sh
*.sharefile.com DigiCert SHA2 Secure Server CA	`2020-03-25` - `2021-03-30`	a year	crt.sh
wildcardsan.us15.list-manage.com DigiCert SHA2 Secure Server CA	`2019-11-21` - `2021-02-19`	a year	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2019-10-22` - `2021-10-22`	2 years	crt.sh
t.paypal.com DigiCert SHA2 High Assurance Server CA	`2020-07-15` - `2022-07-20`	2 years	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
pipedrive.com Cloudflare Inc ECC CA-3	`2020-11-05` - `2021-11-04`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://work256.com/refund/
Frame ID: 3F1680C353607EB98EC6840BF27CAABE
Requests: 104 HTTP requests in this frame

Frame: https://www.gotomeet.me/Pfunandre
Frame ID: E01FD5392401568D7309EF9F91B58982
Requests: 1 HTTP requests in this frame

Frame: https://opsecurity.sharefile.com/remoteupload/12cf0f54-9b10-4a42-b3b7-a91b97dc011d
Frame ID: 7A6B9B47E23F7BE1B2369C939623AFFA
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html?frameId=d2f5832b-9f95-47a4-a178-d8643a1e9300&propertyId=K8SKZ36LQBWXJ-1&flow=visitor-info&variant=analytics&mrid=K8SKZ36LQBWXJ&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
Frame ID: 63CACC9B7C06826EC1B9359171E703D9
Requests: 1 HTTP requests in this frame

Frame: https://webforms.pipedrive.com/f/1HItfXX7clh3KNs2cVqX42CNZVaRhn0QPwDWkuafQhTkUGekGbF5BYZFxpkCkoAf1?embeded=1&uuid=id1g7hg
Frame ID: 62321C9A63EF45367B6C250A0FB2A515
Requests: 1 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com//1_47_0/static/js/widget.5256de5ea994e67b7927.js
Frame ID: 2AEE13151B5F62DD35D5182AB085C105
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://taxrefunddd.com/ HTTP 301
https://work256.com/refund HTTP 301
https://work256.com/refund/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /addtoany\.com\/menu\/page\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css/i

Page Statistics

106
Requests

99 %
HTTPS

54 %
IPv6

26
Domains

34
Subdomains

27
IPs

4
Countries

1421 kB
Transfer

4189 kB
Size

12
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://victory.securefilepro.com/connect/#/login
Title: Files

Search URL Search Domain Scan URL

URL: http://www.taxfileportal.com/
Title: TaxFilePortal.com

Search URL Search Domain Scan URL

URL: https://www.1040.com/?did=66563

Search URL Search Domain Scan URL

URL: https://1.envato.market/Kd23v
Title: Pro version on CodeCanyon

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fwork256.com%2Frefund%2F&title=Tax%20Refund%20Direct%20Deposit
Title: Share

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

URL: https://woocommerce.com/
Title: Built with Storefront & WooCommerce

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://taxrefunddd.com/ HTTP 301
https://work256.com/refund HTTP 301
https://work256.com/refund/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://webforms.pipedrive.com/f/loader HTTP 303
https://cdn.eu-central-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/loader.min.js

Request Chain 104

https://code.tidio.co/wluppbtzurz5cbru77skdxnwa4ue2s6l.js HTTP 302
https://widget-v4.tidiochat.com/1_47_0/static/js/render.5256de5ea994e67b7927.js

106 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
work256.com/refund/
Redirect Chain

http://taxrefunddd.com/
https://work256.com/refund
https://work256.com/refund/

82 KB
25 KB

1773ms
1772ms

Document
text/html

192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: f4307bd5002862ce8cc72ddb109919427d9cd07cb817b7f23686d47429ffdbd5

Request headers

:method: GET
:authority: work256.com
:scheme: https
:path: /refund/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: wp_woocommerce_session_aa7d1f5eba683155796d4c3941c31e63=f772960121cf7c0e245e659b9d5b35c6%7C%7C1608689809%7C%7C1608686209%7C%7C488637e79ae5722a72b71c588df3d2b6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:50 GMT
server: Apache
p3p: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
link: <https://work256.com/wp-json/>; rel="https://api.w.org/", <https://work256.com/wp-json/wp/v2/pages/3379>; rel="alternate"; type="application/json", <https://work256.com/?p=3379>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8

Redirect headers

date: Mon, 21 Dec 2020 02:16:48 GMT
server: Apache
p3p: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
x-redirect-by: WordPress
set-cookie: wp_woocommerce_session_aa7d1f5eba683155796d4c3941c31e63=f772960121cf7c0e245e659b9d5b35c6%7C%7C1608689809%7C%7C1608686209%7C%7C488637e79ae5722a72b71c588df3d2b6; expires=Wed, 23-Dec-2020 02:16:49 GMT; Max-Age=172800; path=/; secure; HttpOnly
location: https://work256.com/refund/
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 wpadverts-ci.css
work256.com/wp-content/plugins/wpadverts-category-icons//assets/css/ 119 B
194 B 149ms
144ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/wpadverts-category-icons//assets/css/wpadverts-ci.css?ver=1.0
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 78153bce2b9e4b55412e45ddca07bdd1ddb65aa84a1c78a921f1e446cc533ad9

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Wed, 30 Sep 2020 12:50:58 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 105

GET
H2 200 sweetalert2.min.css
work256.com/wp-content/plugins/user-registration/assets/css/sweetalert2/ 24 KB
6 KB 150ms
145ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/user-registration/assets/css/sweetalert2/sweetalert2.min.css?ver=8.17.1
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: cdfa29aeb006e5008bc0466123b0d6628a915986956317637749841771e5f64d

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 16:10:05 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 5789

GET
H2 200 user-registration.css
work256.com/wp-content/plugins/user-registration/assets/css/ 37 KB
8 KB 222ms
217ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/user-registration/assets/css/user-registration.css?ver=1.9.2.1
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: a34e058248857d5f73437d8641981180a47d0e42b57655bbded89f8f55e33e7e

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 16:10:05 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 7662

GET
H2 200 my-account-layout.css
work256.com/wp-content/plugins/user-registration/assets/css/ 3 KB
750 B 221ms
216ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/user-registration/assets/css/my-account-layout.css?ver=1.9.2.1
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 601a4e5e4b8d63e67b80e7f905a50dc1abafb3a99ad9d4d0ef930d5f5a7ab98d

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 16:10:05 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 718

GET
H2 200 dashicons.min.css
c0.wp.com/c/5.6/wp-includes/css/ 58 KB
34 KB 107ms
43ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.6/wp-includes/css/dashicons.min.css

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8273f0538929ede9599e3cfea8142a252a7d0cb6dbacb230bf188490dde79d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: br
last-modified: Wed, 21 Oct 2020 13:16:07 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Tue, 21 Dec 2021 02:16:51 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.6/wp-includes/css/dist/block-library/ 50 KB
7 KB 107ms
44ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.6/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: br
last-modified: Tue, 01 Dec 2020 12:21:40 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Tue, 21 Dec 2021 02:16:51 GMT

GET
H2 200 theme.min.css
c0.wp.com/c/5.6/wp-includes/css/dist/block-library/ 2 KB
699 B 107ms
44ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.6/wp-includes/css/dist/block-library/theme.min.css

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: br
last-modified: Tue, 13 Oct 2020 13:10:30 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Tue, 21 Dec 2021 02:16:51 GMT

GET
H2 200 vendors-style.css
c0.wp.com/p/woocommerce/4.8.0/packages/woocommerce-blocks/build/ 3 KB
942 B 107ms
44ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/4.8.0/packages/woocommerce-blocks/build/vendors-style.css

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7c489dd2e13acb8940f20b68b9ae2225c53d71643b08609834043c174c4cedaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: br
last-modified: Mon, 22 Jun 2020 20:23:35 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Tue, 21 Dec 2021 02:16:51 GMT

GET
H2 200 style.css
c0.wp.com/p/woocommerce/4.8.0/packages/woocommerce-blocks/build/ 164 KB
17 KB 118ms
55ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/4.8.0/packages/woocommerce-blocks/build/style.css

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1081cb728f0c8510b0cf73bf9135269e48f354b303d1acc0bfafbdf1ffb8b006

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: br
last-modified: Wed, 25 Nov 2020 05:26:07 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Tue, 21 Dec 2021 02:16:51 GMT

GET
H2 200 gutenberg-blocks.css
work256.com/wp-content/themes/storefront/assets/css/base/ 42 KB
5 KB 152ms
147ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/themes/storefront/assets/css/base/gutenberg-blocks.css?ver=3.0.0
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 1ecf7307b0ad6bb24d5500935b2de837b170b02b326cd06fcc8b1b977408b9c2

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 23:30:32 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 4810

GET
H2 200 store.min.css
work256.com/wp-content/plugins/reseller-store/assets/css/ 4 KB
1 KB 221ms
217ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/reseller-store/assets/css/store.min.css?ver=2.2.4
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 60c041607295b3bf909c52838b3266d58a5c8bd33a2876dc978a9506c8859b95

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 04:10:06 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1355

GET
H2 200 wc-gateway-ppec-frontend.css
work256.com/wp-content/plugins/woocommerce-gateway-paypal-express-checkout/assets/css/ 2 KB
724 B 221ms
217ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/woocommerce-gateway-paypal-express-checkout/assets/css/wc-gateway-ppec-frontend.css?ver=2.1.1
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: aca3591e0e9d51a14fabb21aedaac7ccffc2ca824d62850ae6fafc21d53a2461

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Tue, 24 Nov 2020 04:10:10 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 669

GET
H2 200 pagestyle.css
work256.com/wp-content/plugins/zstore-manager-basic/css/ 2 KB
910 B 153ms
150ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/zstore-manager-basic/css/pagestyle.css?ver=5.6
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 55b76eec653cf1d5863170c5b6e7f48a69132990adb3f32a102cc04ba56b6ebc

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Sat, 14 Nov 2020 21:03:06 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 855

GET
H2 200 style.css
work256.com/wp-content/themes/storefront/ 40 KB
12 KB 224ms
220ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/themes/storefront/style.css?ver=3.0.0
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 5be58297f88740ded3e7d6143cd3f8a55a91194972dca105338188eed3022421

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 23:30:32 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 11854

GET
H2 200 icons.css
work256.com/wp-content/themes/storefront/assets/css/base/ 82 KB
17 KB 224ms
221ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/themes/storefront/assets/css/base/icons.css?ver=3.0.0
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: b74b12af9b42ee0eb8bb4afa63fccf016a7cadb62f62aedd440712c7e8557fb4

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 23:30:32 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 19ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.0.0

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0fadb949b500febb9674eb031eeacf9fa08a3e8e0583cdadcc55f6054dce99b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 01:50:51 GMT
server: ESF
date: Mon, 21 Dec 2020 02:16:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Dec 2020 02:16:51 GMT

GET
H2 200 widgets.css
work256.com/wp-content/themes/storefront/assets/css/jetpack/ 221 B
190 B 268ms
265ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/themes/storefront/assets/css/jetpack/widgets.css?ver=3.0.0
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 30a9e12d6d2864ecdb1f308cbbd4a63f38247ef88216697e38105c5995cbfc43

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 23:30:32 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 158

GET
H2 200 addtoany.min.css
work256.com/wp-content/plugins/add-to-any/ 1 KB
507 B 308ms
305ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Sun, 06 Sep 2020 22:44:25 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 475

GET
H2 200 woocommerce.css
work256.com/wp-content/themes/storefront/assets/css/woocommerce/ 59 KB
14 KB 268ms
265ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/themes/storefront/assets/css/woocommerce/woocommerce.css?ver=3.0.0
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 0cfd4521bfc7feb0c6b7dac1ccdd4c6f370432be61ddd0a53aa15f9e9db65f21

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 23:30:32 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 13838

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/9.2.1/css/ 75 KB
13 KB 117ms
55ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.2.1/css/jetpack.css

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7772a9cc35fc902c0cccb8871670ec3e45e4695e1bc6941aee1c24db3de8c544

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: br
last-modified: Tue, 25 Aug 2020 15:45:57 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Tue, 21 Dec 2021 02:16:51 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.6/wp-includes/js/jquery/ 87 KB
30 KB 117ms
56ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.6/wp-includes/js/jquery/jquery.min.js

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Tue, 21 Dec 2021 02:16:51 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.6/wp-includes/js/jquery/ 11 KB
4 KB 117ms
56ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.6/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: br
last-modified: Thu, 19 Nov 2020 09:31:13 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Tue, 21 Dec 2021 02:16:51 GMT

GET
H2 200 addtoany.min.js Show response
work256.com/wp-content/plugins/add-to-any/ 129 B
197 B 223ms
221ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Sun, 06 Sep 2020 22:44:25 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 126

GET
H2 200 gtm4wp-form-move-tracker.js Show response
work256.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
390 B 224ms
221ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.11.6
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 23:24:00 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 335

GET
H2 200 gtm4wp-woocommerce-classic.js Show response
work256.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
449 B 267ms
265ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-woocommerce-classic.js?ver=1.11.6
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: a2e099c196ad7e3994f510a5f0a3ae4ac5491c6f338d39e929fb837cc68f7df1

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:51 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 23:24:00 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 417

GET
H2 200 s-202052.js Show response
stats.wp.com/ 16 KB
6 KB 36ms
31ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/s-202052.js
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 21b1c346a04696c68f33050088b8bbda850a1d9c015bd70df23d7bb34f6d0e1c

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams
date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
server: nginx
etag: W/"5e98e496-3ec1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Mon, 20 Dec 2021 20:39:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 37ms
32ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-177356856-1

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a9073fcb3fb7afb0d28fbf4f6edab054145fad44c81e12c1e864ecb963b85c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39021
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Dec 2020 02:16:52 GMT

GET
H2 200 cropped-cropped-Colors_cr-1.jpg
i1.wp.com/work256.com/wp-content/uploads/2020/09/ 14 KB
14 KB 98ms
33ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/work256.com/wp-content/uploads/2020/09/cropped-cropped-Colors_cr-1.jpg?w=529&ssl=1

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

f5b5756b4849e5c425daded52eb1178e1fada5c1a653342099bd9a12bb116673

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Mon, 21 Dec 2020 02:16:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Sep 2020 05:20:15 GMT
server: nginx
etag: "5cf1e782a84d638f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://work256.com/wp-content/uploads/2020/09/cropped-cropped-Colors_cr-1.jpg>; rel="canonical"
content-length: 14090
expires: Thu, 08 Sep 2022 17:20:15 GMT

GET
H2 200 wp-emoji-release.min.js Show response
work256.com/wp-includes/js/ 14 KB
5 KB 275ms
270ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 00:10:28 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4950

GET
H2 200 user-registration-smallscreen.css
work256.com/wp-content/plugins/user-registration/assets/css/ 732 B
331 B 235ms
232ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/user-registration/assets/css/user-registration-smallscreen.css?ver=1.9.2.1
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 8ee5cc5d135a3c7f563d2752347400e122d13f2e2a6ad300d171d9dbbce69762

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 16:10:05 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 300

GET
H2 400 SquareBanner.jpg
i2.wp.com/www.1040.com/assets/affiliates/images/ 87 B
87 B 506ms
442ms Image
text/html 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.wp.com/www.1040.com/assets/affiliates/images/SquareBanner.jpg?w=980&ssl=1
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: i1.wp.com
Software: nginx /
Resource Hash: 3111667f131fe35172925ebef7026e7ce805f590d0998d027133523d7d1176d1

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: EXPIRED ams 4
date: Mon, 21 Dec 2020 02:16:52 GMT
server: nginx
content-type: text/html; charset=utf-8

GET
H2

200

loader.min.js Show response
cdn.eu-central-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/
Redirect Chain

https://webforms.pipedrive.com/f/loader
https://cdn.eu-central-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/loader.min.js

39 KB
14 KB

70ms
32ms

Script
application/javascript

2606:4700::6810:7e10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.eu-central-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/loader.min.js

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7e10 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59829fd13cfdf01257b1db5d723cbd25e0a5ca539df711f0222480a7facd55fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 1; mode=block

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 519942
x-dns-prefetch-control: off
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0, 1; mode=block
cf-request-id: 0724aee36b0000dfe3020f1000000001
referrer-policy: no-referrer
last-modified: Mon, 14 Dec 2020 09:27:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=31536000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray: 604e1a7f1af3dfe3-FRA

Redirect headers

date: Mon, 21 Dec 2020 02:16:52 GMT
x-correlation-id: 1eb3c8a5-4934-433f-bcdc-29386560375e
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
pdtrusted-wgw-real-user-ip: 2a01:4f8:192:5414::2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
x-download-options: noopen
location: https://cdn.eu-central-1.pipedriveassets.com/leadbooster-chat/assets/web-forms/loader.min.js
vary: Origin, Accept-Encoding
cache-control: no-cache
badi: Routing: eu-central-1=>eu-central-1; Version: a2cc; Host: bari;
cf-request-id: 0724aee281000005edc7b9e000000001
cf-ray: 604e1a7d9b0a05ed-FRA
access-control-expose-headers: X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset

GET
H2 200 round_black.svg
work256.com/wp-content/plugins/mailpoet/assets/img/form_close_icon/ 1 KB
1 KB 272ms
268ms Image
image/svg+xml 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://work256.com/wp-content/plugins/mailpoet/assets/img/form_close_icon/round_black.svg?mailpoet_version=3.56.1
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: cab75276e4727e916c815562fda60534585e15f7d43c460f6b3bc26ce5573581

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
last-modified: Wed, 16 Dec 2020 16:09:58 GMT
server: Apache
accept-ranges: bytes
content-length: 1318
content-type: image/svg+xml

GET
H2 200 mailbox@3x.png
i2.wp.com/ps.w.org/mailpoet/assets/form-templates/template-4/ 1 KB
2 KB 91ms
27ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/ps.w.org/mailpoet/assets/form-templates/template-4/mailbox@3x.png?resize=95%2C90&ssl=1

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

24948233f47412d33ef98861271079f4401081ec1d3dad21474a14830a2465a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Mon, 21 Dec 2020 02:16:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Oct 2020 17:18:46 GMT
server: nginx
etag: "ad81a428397f386c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://ps.w.org/mailpoet/assets/form-templates/template-4/mailbox@3x.png>; rel="canonical"
content-length: 1434
expires: Fri, 14 Oct 2022 05:18:46 GMT

GET SquareBanner.jpg
www.1040.com/assets/affiliates/images/ 0
0

GET
H2 200 mailbox@3x.png
ps.w.org/mailpoet/assets/form-templates/template-4/ 3 KB
3 KB 97ms
28ms Image
image/png 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ps.w.org/mailpoet/assets/form-templates/template-4/mailbox@3x.png

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

bfaab501be685332f20e1341156c5da89958599f8c7d15f22b5f24a62fef156f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Oct 2020 13:36:45 GMT
server: nginx
etag: "2391689//mailpoet/assets/form-templates/template-4/mailbox@3x.png"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3342

GET
H2 200 mailpoet-public.dd713c66.css
work256.com/wp-content/plugins/mailpoet/assets/dist/css/ 17 KB
3 KB 139ms
139ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/mailpoet/assets/dist/css/mailpoet-public.dd713c66.css?ver=5.6
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: e30ba0dcd75f0c43de9d0d9e90c22a7f2f89d264908895fdf87e1c54ae96999c

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Wed, 16 Dec 2020 16:09:58 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3187

GET
H3-Q050 200 css
fonts.googleapis.com/ 198 KB
11 KB 50ms
29ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Abril+FatFace%3A400%2C400i%2C700%2C700i%7CAlegreya%3A400%2C400i%2C700%2C700i%7CAlegreya+Sans%3A400%2C400i%2C700%2C700i%7CAmatic+SC%3A400%2C400i%2C700%2C700i%7CAnonymous+Pro%3A400%2C400i%2C700%2C700i%7CArchitects+Daughter%3A400%2C400i%2C700%2C700i%7CArchivo%3A400%2C400i%2C700%2C700i%7CArchivo+Narrow%3A400%2C400i%2C700%2C700i%7CAsap%3A400%2C400i%2C700%2C700i%7CBarlow%3A400%2C400i%2C700%2C700i%7CBioRhyme%3A400%2C400i%2C700%2C700i%7CBonbon%3A400%2C400i%2C700%2C700i%7CCabin%3A400%2C400i%2C700%2C700i%7CCairo%3A400%2C400i%2C700%2C700i%7CCardo%3A400%2C400i%2C700%2C700i%7CChivo%3A400%2C400i%2C700%2C700i%7CConcert+One%3A400%2C400i%2C700%2C700i%7CCormorant%3A400%2C400i%2C700%2C700i%7CCrimson+Text%3A400%2C400i%2C700%2C700i%7CEczar%3A400%2C400i%2C700%2C700i%7CExo+2%3A400%2C400i%2C700%2C700i%7CFira+Sans%3A400%2C400i%2C700%2C700i%7CFjalla+One%3A400%2C400i%2C700%2C700i%7CFrank+Ruhl+Libre%3A400%2C400i%2C700%2C700i%7CGreat+Vibes%3A400%2C400i%2C700%2C700i%7CHeebo%3A400%2C400i%2C700%2C700i%7CIBM+Plex%3A400%2C400i%2C700%2C700i%7CInconsolata%3A400%2C400i%2C700%2C700i%7CIndie+Flower%3A400%2C400i%2C700%2C700i%7CInknut+Antiqua%3A400%2C400i%2C700%2C700i%7CInter%3A400%2C400i%2C700%2C700i%7CKarla%3A400%2C400i%2C700%2C700i%7CLibre+Baskerville%3A400%2C400i%2C700%2C700i%7CLibre+Franklin%3A400%2C400i%2C700%2C700i%7CMontserrat%3A400%2C400i%2C700%2C700i%7CNeuton%3A400%2C400i%2C700%2C700i%7CNotable%3A400%2C400i%2C700%2C700i%7CNothing+You+Could+Do%3A400%2C400i%2C700%2C700i%7CNoto+Sans%3A400%2C400i%2C700%2C700i%7CNunito%3A400%2C400i%2C700%2C700i%7COld+Standard+TT%3A400%2C400i%2C700%2C700i%7COxygen%3A400%2C400i%2C700%2C700i%7CPacifico%3A400%2C400i%2C700%2C700i%7CPoppins%3A400%2C400i%2C700%2C700i%7CProza+Libre%3A400%2C400i%2C700%2C700i%7CPT+Sans%3A400%2C400i%2C700%2C700i%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CRakkas%3A400%2C400i%2C700%2C700i%7CReenie+Beanie%3A400%2C400i%2C700%2C700i%7CRoboto+Slab%3A400%2C400i%2C700%2C700i%7CRopa+Sans%3A400%2C400i%2C700%2C700i%7CRubik%3A400%2C400i%2C700%2C700i%7CShadows+Into+Light%3A400%2C400i%2C700%2C700i%7CSpace+Mono%3A400%2C400i%2C700%2C700i%7CSpectral%3A400%2C400i%2C700%2C700i%7CSue+Ellen+Francisco%3A400%2C400i%2C700%2C700i%7CTitillium+Web%3A400%2C400i%2C700%2C700i%7CUbuntu%3A400%2C400i%2C700%2C700i%7CVarela%3A400%2C400i%2C700%2C700i%7CVollkorn%3A400%2C400i%2C700%2C700i%7CWork+Sans%3A400%2C400i%2C700%2C700i%7CYatra+One%3A400%2C400i%2C700%2C700i&ver=5.6

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbe19688be3e5dd357362a92f3a74202624a385dd0c842452103005c53edb91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 02:14:14 GMT
server: ESF
date: Mon, 21 Dec 2020 02:16:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Dec 2020 02:16:52 GMT

GET
H2 200 wpadverts-frontend.css
work256.com/wp-content/plugins/wpadverts/assets/css/ 59 KB
16 KB 153ms
144ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/wpadverts/assets/css/wpadverts-frontend.css?ver=1.4.2
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: ad48937f49a6720466de15b4b0889bee88681f6aae2b4a3c0cfdc560687bd975

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Mon, 14 Dec 2020 16:10:07 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 15731

GET
H2 200 wpadverts-glyphs.css
work256.com/wp-content/plugins/wpadverts/assets/css/ 45 KB
8 KB 148ms
140ms Stylesheet
text/css 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/wpadverts/assets/css/wpadverts-glyphs.css?ver=4.7.2
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 5f988e7dc18e61145c363b18496f07749ec9226f0d946f2e7469e3dec8b6bbc1

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Mon, 14 Dec 2020 16:10:07 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 8203

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/9.2.1/_inc/build/photon/ 758 B
468 B 37ms
28ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.2.1/_inc/build/photon/photon.min.js

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Tue, 21 Dec 2021 02:16:52 GMT

GET
H2 200 jquery.adrotate.clicktracker.js Show response
work256.com/wp-content/plugins/adrotate/library/ 365 B
322 B 146ms
138ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Tue, 24 Nov 2020 04:10:09 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 267

GET
H2 200 8876507.js Show response
js.hs-scripts.com/ 1 KB
923 B 148ms
128ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/8876507.js?integration=WordPress
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff413137600f38d84cba2a19da1bb22ec53e468f050bba2da6827e2e67478042

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2BDB1C238546DDF3EEE3AE6C619B5CCA977D2A3783000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://work256.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 604e1a7daa322ba1-FRA
cf-request-id: 0724aee28d00002ba196b3c000000001
expires: Mon, 21 Dec 2020 02:17:52 GMT

GET
H2 200 js-cookie.min.js Show response
work256.com/wp-content/plugins/reseller-store/assets/js/ 2 KB
928 B 148ms
140ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/reseller-store/assets/js/js-cookie.min.js?ver=2.1.3
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 9d7fa20785fb8f6ccc3c7796c13287ca13df78cd93b832b245337f9001a841bb

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 04:10:06 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 896

GET
H2 200 store.min.js Show response
work256.com/wp-content/plugins/reseller-store/assets/js/ 5 KB
2 KB 146ms
138ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/reseller-store/assets/js/store.min.js?ver=2.2.4
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: d6c1958dcfcd24dabf04651be98106e1539086cb041d1a5338c32f1e81641b66

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 04:10:06 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1817

GET
H2 200 domain-search.min.js Show response
work256.com/wp-content/plugins/reseller-store/assets/js/ 157 KB
63 KB 158ms
151ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/reseller-store/assets/js/domain-search.min.js?ver=2.2.4
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: df7b38a698cd0873a344c9f8a3b635d3967e6eb5179b1caa553d54cded28a2c5

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 04:10:06 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery.blockUI.min.js Show response
c0.wp.com/p/woocommerce/4.8.0/assets/js/jquery-blockui/ 9 KB
3 KB 36ms
29ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/4.8.0/assets/js/jquery-blockui/jquery.blockUI.min.js

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: br
last-modified: Wed, 23 May 2018 15:30:10 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Tue, 21 Dec 2021 02:16:52 GMT

GET
H2 200 add-to-cart.min.js Show response
c0.wp.com/p/woocommerce/4.8.0/assets/js/frontend/ 3 KB
1023 B 37ms
29ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/4.8.0/assets/js/frontend/add-to-cart.min.js

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: br
last-modified: Tue, 22 Sep 2020 21:16:49 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Tue, 21 Dec 2021 02:16:52 GMT

GET
H2 200 woocommerce.min.js Show response
c0.wp.com/p/woocommerce/4.8.0/assets/js/frontend/ 2 KB
695 B 37ms
30ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/4.8.0/assets/js/frontend/woocommerce.min.js

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

946e3771efeabcf9a23d88089ce6ef6cb94531e36775004483fd8e237275dc29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: br
last-modified: Mon, 22 Jun 2020 20:23:35 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Tue, 21 Dec 2021 02:16:52 GMT

GET
H2 200 cart-fragments.min.js Show response
c0.wp.com/p/woocommerce/4.8.0/assets/js/frontend/ 3 KB
986 B 37ms
30ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/woocommerce/4.8.0/assets/js/frontend/cart-fragments.min.js

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: br
last-modified: Tue, 17 Nov 2020 20:33:35 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Tue, 21 Dec 2021 02:16:52 GMT

GET
H2 200 zStoredisplay.js Show response
work256.com/wp-content/plugins/zstore-manager-basic/js/ 1 KB
403 B 150ms
143ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/zstore-manager-basic/js/zStoredisplay.js?ver=5.6
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: ec6b17986e18647f04e79a1d11342d7f471787911936053bee50c8f18c99869e

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Sat, 14 Nov 2020 21:03:06 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 371

GET
H2 200 mailchimp-woocommerce-public.min.js Show response
work256.com/wp-content/plugins/mailchimp-for-woocommerce/public/js/ 6 KB
2 KB 151ms
144ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.5.0
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 00a390bc76c4ac07d5f6520c4bb2133bb493108ead46dff42286d7bd2af96ffb

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 04:10:05 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2264

GET
H2 200 navigation.min.js Show response
work256.com/wp-content/themes/storefront/assets/js/ 3 KB
1 KB 150ms
143ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/themes/storefront/assets/js/navigation.min.js?ver=3.0.0
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 28f9893fe7545d88fb4df65466abc22c0414efdc45581acd799a8ced6b87b0e2

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 23:30:32 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1026

GET
H2 200 skip-link-focus-fix.min.js Show response
work256.com/wp-content/themes/storefront/assets/js/ 447 B
291 B 150ms
143ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/themes/storefront/assets/js/skip-link-focus-fix.min.js?ver=20130115
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 298deb58ba18876cc734ca2ab7a03665fd8f2080d2606759a9e174ea6a27e9a7

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 23:30:32 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 259

GET
H2 200 pep.min.js Show response
work256.com/wp-content/themes/storefront/assets/js/vendor/ 18 KB
6 KB 275ms
269ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/themes/storefront/assets/js/vendor/pep.min.js?ver=0.4.3
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: d952e41a5ec72320f1e8660af9dc65a2a043467bc5a8d57b69422e740cc0b8b9

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 23:30:32 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 6525

GET
H2 200 header-cart.min.js Show response
work256.com/wp-content/themes/storefront/assets/js/woocommerce/ 531 B
339 B 275ms
269ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/themes/storefront/assets/js/woocommerce/header-cart.min.js?ver=3.0.0
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 2875bdd16c004407f9f3190e3983384de61a9f37bf360600c963853a1595d56a

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 23:30:32 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 307

GET
H2 200 footer.min.js Show response
work256.com/wp-content/themes/storefront/assets/js/ 745 B
413 B 239ms
232ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/themes/storefront/assets/js/footer.min.js?ver=3.0.0
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 1cec602b4a6c5b65bf7951b61b97a00dc2fb654e31144002e91f66d2004f9086

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 23:30:32 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 381

GET
H2 200 ai.js Show response
work256.com/wp-content/plugins/advanced-iframe/js/ 75 KB
22 KB 276ms
270ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/advanced-iframe/js/ai.js?ver=1
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: da7103236e3745597f1329ea19158d51ff3b1a02a1a8224e6f94c99c5f53818f

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 16:10:01 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.6/wp-includes/js/ 1 KB
721 B 36ms
30ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.6/wp-includes/js/wp-embed.min.js

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: br
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Tue, 21 Dec 2021 02:16:52 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 774 KB
236 KB 145ms
44ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AQbghYd-7mRPyimEriYScIgTnYUsLnr5wVnPnmfPaSzwKrUe3qNzfEc5hXr9Ucf_JG_HFAZpJMJYXMuk&intent=capture&locale=en_US&components=buttons,funding-eligibility,messages&commit=false&currency=USD

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

12ae0b344c428f27cba554aa0554ba1e72cee317fc50c406965ffa7439b8cd3c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-8LzFrJhXmjJFVYF8wUOsrN+cbgvrmPIsN5r1jzSnjX/W2J+4' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8LzFrJhXmjJFVYF8wUOsrN+cbgvrmPIsN5r1jzSnjX/W2J+4' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-8LzFrJhXmjJFVYF8wUOsrN+cbgvrmPIsN5r1jzSnjX/W2J+4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8LzFrJhXmjJFVYF8wUOsrN+cbgvrmPIsN5r1jzSnjX/W2J+4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 10992
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
p3p: true
paypal-debug-id: e0706cbbca738
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 240846
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7383-LHR, cache-cph20634-CPH
x-timer: S1608517012.195659,VS0,VE26
x-frame-options: SAMEORIGIN
date: Mon, 21 Dec 2020 02:16:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 21 Dec 2020 02:02:57 GMT
cache-control: max-age=10800
etag: W/"3acce-NG8ipYlUfRS9m8KbzcU5pqCpO3o"
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 wc-gateway-ppec-smart-payment-buttons.js Show response
work256.com/wp-content/plugins/woocommerce-gateway-paypal-express-checkout/assets/js/ 10 KB
4 KB 274ms
269ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/woocommerce-gateway-paypal-express-checkout/assets/js/wc-gateway-ppec-smart-payment-buttons.js?ver=2.1.1
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 43c164fa291cf51838ce3dbe62dfbc32fd8c803bd5603a24e09401ca62ac6455

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Tue, 24 Nov 2020 04:10:10 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3879

GET
H2 200 public.27bd06f0.js Show response
work256.com/wp-content/plugins/mailpoet/assets/dist/js/ 114 KB
38 KB 278ms
272ms Script
application/javascript 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/mailpoet/assets/dist/js/public.27bd06f0.js?ver=3.56.1
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 93bc776744e62a4ad1590b6171a80bdbb7b550fa550bd9015b6ab94db5173ce3

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
last-modified: Wed, 16 Dec 2020 16:09:58 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 e-202052.js Show response
stats.wp.com/ 9 KB
3 KB 29ms
27ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202052.js
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams
date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Mon, 20 Dec 2021 07:08:51 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 82 KB
27 KB 29ms
14ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bbd49454237351594bd41e1a6194677be17eccc8ebce4eb60045e7d51ebcabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172727
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0724aee2ae00004a9ee7b51000000001
last-modified: Thu, 08 Oct 2020 23:55:07 GMT
server: cloudflare
etag: W/"146c7-5b1318fce2e58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 604e1a7de8d24a9e-FRA
cf-bgj: minify

GET
H3-Q050 404 gtm.js
www.googletagmanager.com/ 0
0 42ms
28ms Script
text/html 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8H5VDR
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://work256.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 21:51:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 275101
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Fri, 17 Dec 2021 21:51:51 GMT

GET
H2 200 fa-solid-900.woff2
work256.com/wp-content/themes/storefront/assets/fonts/ 78 KB
78 KB 225ms
224ms Font
font/woff2 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/themes/storefront/assets/fonts/fa-solid-900.woff2
Requested by: Host: work256.com
URL: https://work256.com/wp-content/themes/storefront/assets/css/base/icons.css?ver=3.0.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Origin: https://work256.com
Referer: https://work256.com/wp-content/themes/storefront/assets/css/base/icons.css?ver=3.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
last-modified: Tue, 15 Dec 2020 23:30:32 GMT
server: Apache
accept-ranges: bytes
content-length: 79444
content-type: font/woff2

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://work256.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Dec 2020 21:05:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:16 GMT
server: sffe
age: 277860
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13108
x-xss-protection: 0
expires: Fri, 17 Dec 2021 21:05:52 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ec7f22119da3493aedefd66ffd30f0aaf4cf4aee42d8254638bcca5971c3568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://work256.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 18:42:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:08 GMT
server: sffe
age: 372868
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13224
x-xss-protection: 0
expires: Thu, 16 Dec 2021 18:42:24 GMT

GET
H2 200 1k4THd-e1548419706592.jpg
i0.wp.com/work256.com/wp-content/uploads/2020/09/ 8 KB
8 KB 33ms
32ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/work256.com/wp-content/uploads/2020/09/1k4THd-e1548419706592.jpg?w=324&ssl=1

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

f539fecdc3c34c7562a9117ac135ef6151b2a4f295365039ebe3aa52f083b8c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Mon, 21 Dec 2020 02:16:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Oct 2020 06:36:36 GMT
server: nginx
etag: "663d4419200cc5e4"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://work256.com/wp-content/uploads/2020/09/1k4THd-e1548419706592.jpg>; rel="canonical"
content-length: 8246
expires: Sat, 22 Oct 2022 18:36:36 GMT

GET
H2 200 Pfunandre
www.gotomeet.me/ Frame E01F 0
0 488ms
405ms Document
text/html 65.9.68.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gotomeet.me/Pfunandre

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.68.25 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'self';script-src 'self' cdn.mxpnl.com/libs/mixpanel-2-latest.min.js unpkg.com/ua-parser-js@0.7.21/dist/ua-parser.min.js;style-src 'self' 'unsafe-inline' weblibrary.cdn.getgo.com/togo/6.3.4/ cdnjs.cloudflare.com/ajax/libs/font-awesome/ maxcdn.bootstrapcdn.com/font-awesome/4.5.0/;font-src 'self' weblibrary.cdn.getgo.com/togo/6.3.4/ cdnjs.cloudflare.com/ajax/libs/font-awesome/ maxcdn.bootstrapcdn.com/font-awesome/4.5.0/;img-src 'self' cdn.gotomeet.at/images/ www.filepicker.io/api/file/ https://avatars.servers.getgo.com/ d1ho4l1jd34cw6.cloudfront.net/api/file/;connect-src api.mixpanel.com/decide/ api.mixpanel.com/track/ api-js.mixpanel.com/decide/ api-js.mixpanel.com/track/ lb0-telemetry-ed.dev.citrixsaassbe.net/reportEvent lb0-telemetry-rc.dev.citrixsaassbe.net/reportEvent telemetrystage.servers.getgo.com/reportEvent telemetry.servers.getgo.com/reportEvent;report-uri /_internal/csp_report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.gotomeet.me
:scheme: https
:path: /Pfunandre
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://work256.com/refund/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://work256.com/refund/

Response headers

content-type: text/html;charset=UTF-8
date: Mon, 21 Dec 2020 02:16:52 GMT
x-uuid-header: 2300074283483108352
content-security-policy: default-src 'none';base-uri 'self';script-src 'self' cdn.mxpnl.com/libs/mixpanel-2-latest.min.js unpkg.com/ua-parser-js@0.7.21/dist/ua-parser.min.js;style-src 'self' 'unsafe-inline' weblibrary.cdn.getgo.com/togo/6.3.4/ cdnjs.cloudflare.com/ajax/libs/font-awesome/ maxcdn.bootstrapcdn.com/font-awesome/4.5.0/;font-src 'self' weblibrary.cdn.getgo.com/togo/6.3.4/ cdnjs.cloudflare.com/ajax/libs/font-awesome/ maxcdn.bootstrapcdn.com/font-awesome/4.5.0/;img-src 'self' cdn.gotomeet.at/images/ www.filepicker.io/api/file/ https://avatars.servers.getgo.com/ d1ho4l1jd34cw6.cloudfront.net/api/file/;connect-src api.mixpanel.com/decide/ api.mixpanel.com/track/ api-js.mixpanel.com/decide/ api-js.mixpanel.com/track/ lb0-telemetry-ed.dev.citrixsaassbe.net/reportEvent lb0-telemetry-rc.dev.citrixsaassbe.net/reportEvent telemetrystage.servers.getgo.com/reportEvent telemetry.servers.getgo.com/reportEvent;report-uri /_internal/csp_report
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=30
content-language: en-US
x-cache: Miss from cloudfront
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: q4jDPH1S7cYnIVON6oGOFGM9zjwsjl_xD5Ix2c-0yPr-fBA-ipB7EA==

GET
H2 200 12cf0f54-9b10-4a42-b3b7-a91b97dc011d
opsecurity.sharefile.com/remoteupload/ Frame 7A6B 0
0 1048ms
813ms Document
text/html 52.22.72.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://opsecurity.sharefile.com/remoteupload/12cf0f54-9b10-4a42-b3b7-a91b97dc011d

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.22.72.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-72-157.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-PtOgbCK4r3skMpW1MspcXg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors *; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: opsecurity.sharefile.com
:scheme: https
:path: /remoteupload/12cf0f54-9b10-4a42-b3b7-a91b97dc011d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://work256.com/refund/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://work256.com/refund/

Response headers

cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: 0
vary: Accept-Encoding
citrix-transactionid: 97a88154-1632-4fbd-ba51-c92010e9f4d7
set-cookie: ASP.NET_SessionId=akl5ejjijrynt52gkzffy3ou; path=/; secure; HttpOnly SFWEB_SRVNAME=i-0d42e10b36166046e; path=/
content-security-policy: style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-PtOgbCK4r3skMpW1MspcXg==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors *; report-uri /api/cspviolation
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
date: Mon, 21 Dec 2020 02:16:53 GMT
content-length: 1320
x-sf-server: web_new_ssl/i-0d42e10b36166046e_us-east-1c
strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H2 200 cropped-Colors_cr-1.jpg
i1.wp.com/work256.com/wp-content/uploads/2020/09/ 10 KB
11 KB 40ms
40ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/work256.com/wp-content/uploads/2020/09/cropped-Colors_cr-1.jpg?zoom=2&resize=324%2C300&ssl=1

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

c1c4b40dfd6eac3531dfdb23d4a77b057a3878a195917fb3a80ea8d79c4ea939

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Mon, 21 Dec 2020 02:16:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 02:29:57 GMT
server: nginx
etag: "f1ae0506432e496e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://work256.com/wp-content/uploads/2020/09/cropped-Colors_cr-1.jpg>; rel="canonical"
content-length: 10682
expires: Sat, 10 Sep 2022 14:29:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-177356856-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 719
date: Mon, 21 Dec 2020 02:04:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 21 Dec 2020 04:04:53 GMT

GET
H/1.1 200
OK 8df3d324f88c5a037968cb754.js Show response
chimpstatic.com/mcjs-connected/js/users/d9984a4bf69b4101c40951d42/ 50 B
580 B 504ms
438ms Script
application/javascript 104.111.245.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/d9984a4bf69b4101c40951d42/8df3d324f88c5a037968cb754.js
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.245.190 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-245-190.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency: 104
Date: Mon, 21 Dec 2020 02:16:52 GMT
Last-Modified: Sun, 06 Sep 2020 11:35:50 GMT
Server: AmazonS3
x-amz-request-id: 3AADC5CA9316031F
X-EdgeConnect-MidMile-RTT: 0
ETag: "104d46a3208b40e8ded389332f5a78a3"
Content-Type: application/javascript
Cache-Control: max-age=1764
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50
x-amz-id-2: 4T7lC49QmzGXew49Hn82NMPxjwM3SzKbuKjvplldiT0qyR569VRtAfp5C6TKNlDVr2bK7qTRKZ0=
Expires: Mon, 21 Dec 2020 02:46:16 GMT

GET
H2 200 ramp-experiment-ssr.json Show response
www.paypalobjects.com/upstream/assets/messaging/modal/ 508 B
764 B 110ms
43ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/upstream/assets/messaging/modal/ramp-experiment-ssr.json

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQbghYd-7mRPyimEriYScIgTnYUsLnr5wVnPnmfPaSzwKrUe3qNzfEc5hXr9Ucf_JG_HFAZpJMJYXMuk&intent=capture&locale=en_US&components=buttons,funding-eligibility,messages&commit=false&currency=USD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

8a1468a198f22ea86634a22c3962668b4a7d3d305e277a0383e594ad9f582bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: e9bd56a12dc89
dc: phx-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 413
last-modified: Mon, 19 Oct 2020 20:23:04 GMT
etag: W/"5f8df5a8-1fc"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-headers: x-csrf-token
expires: Mon, 21 Dec 2020 03:16:52 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
5 KB 21ms
21ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=work256.com&t=xo&v=5.0.187&source=payments_sdk&client_id=AQbghYd-7mRPyimEriYScIgTnYUsLnr5wVnPnmfPaSzwKrUe3qNzfEc5hXr9Ucf_JG_HFAZpJMJYXMuk&comp=buttons,funding-eligibility,messages&vault=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0747447844f68f1a4a8be812ba74a8627e66164aa23572b4d9cf42003486edd3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-1ry5XdWtK2I7tu2R9HKEvGkW++v5r92EkgvGZoURuoduFR3/' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline'; form-action 'self' https://.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-1ry5XdWtK2I7tu2R9HKEvGkW++v5r92EkgvGZoURuoduFR3/' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 31150
x-cache: HIT, HIT
paypal-debug-id: 7f3ef434a42a3
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4890
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7345-LHR, cache-cph20634-CPH
x-timer: S1608517012.481520,VS0,VE2
x-frame-options: SAMEORIGIN
date: Mon, 21 Dec 2020 02:16:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
etag: W/"3722-/JnGHAA34rn/NH8e2BRvCq9yCyc"
accept-ranges: bytes
x-cache-hits: 1, 1

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d3295ce01d228de6f1f8d97dcfc7a5b4ba3550985f62ffd21bad2c9b1f67eca

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c84e1ed197438fffecc2c6fbe3e7e4fd8f060af2236f3a50e2e16c891c82cf16

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1f44b.svg
s.w.org/images/core/emoji/13.0.1/svg/ 2 KB
921 B 29ms
28ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.1/svg/1f44b.svg

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

1c8231e24838de4ad2d966d5cb48563a2a6e540a15848d337fa3c466d0730775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 16:13:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 wpadverts-glyphs.woff2
work256.com/wp-content/plugins/wpadverts/assets/font/ 120 KB
121 KB 140ms
139ms Font
font/woff2 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://work256.com/wp-content/plugins/wpadverts/assets/font/wpadverts-glyphs.woff2?55810574
Requested by: Host: work256.com
URL: https://work256.com/wp-content/plugins/wpadverts/assets/css/wpadverts-glyphs.css?ver=4.7.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-139-175.unifiedlayer.com
Software: Apache /
Resource Hash: 335250340a375c4edb7dac3dfb9a5cc42df33c0aa30a561a84b1dbb25d9773b8

Request headers

Origin: https://work256.com
Referer: https://work256.com/wp-content/plugins/wpadverts/assets/css/wpadverts-glyphs.css?ver=4.7.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
last-modified: Mon, 14 Dec 2020 16:10:07 GMT
server: Apache
accept-ranges: bytes
content-length: 122932
content-type: font/woff2

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
14 KB 33ms
20ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Abril+FatFace%3A400%2C400i%2C700%2C700i%7CAlegreya%3A400%2C400i%2C700%2C700i%7CAlegreya+Sans%3A400%2C400i%2C700%2C700i%7CAmatic+SC%3A400%2C400i%2C700%2C700i%7CAnonymous+Pro%3A400%2C400i%2C700%2C700i%7CArchitects+Daughter%3A400%2C400i%2C700%2C700i%7CArchivo%3A400%2C400i%2C700%2C700i%7CArchivo+Narrow%3A400%2C400i%2C700%2C700i%7CAsap%3A400%2C400i%2C700%2C700i%7CBarlow%3A400%2C400i%2C700%2C700i%7CBioRhyme%3A400%2C400i%2C700%2C700i%7CBonbon%3A400%2C400i%2C700%2C700i%7CCabin%3A400%2C400i%2C700%2C700i%7CCairo%3A400%2C400i%2C700%2C700i%7CCardo%3A400%2C400i%2C700%2C700i%7CChivo%3A400%2C400i%2C700%2C700i%7CConcert+One%3A400%2C400i%2C700%2C700i%7CCormorant%3A400%2C400i%2C700%2C700i%7CCrimson+Text%3A400%2C400i%2C700%2C700i%7CEczar%3A400%2C400i%2C700%2C700i%7CExo+2%3A400%2C400i%2C700%2C700i%7CFira+Sans%3A400%2C400i%2C700%2C700i%7CFjalla+One%3A400%2C400i%2C700%2C700i%7CFrank+Ruhl+Libre%3A400%2C400i%2C700%2C700i%7CGreat+Vibes%3A400%2C400i%2C700%2C700i%7CHeebo%3A400%2C400i%2C700%2C700i%7CIBM+Plex%3A400%2C400i%2C700%2C700i%7CInconsolata%3A400%2C400i%2C700%2C700i%7CIndie+Flower%3A400%2C400i%2C700%2C700i%7CInknut+Antiqua%3A400%2C400i%2C700%2C700i%7CInter%3A400%2C400i%2C700%2C700i%7CKarla%3A400%2C400i%2C700%2C700i%7CLibre+Baskerville%3A400%2C400i%2C700%2C700i%7CLibre+Franklin%3A400%2C400i%2C700%2C700i%7CMontserrat%3A400%2C400i%2C700%2C700i%7CNeuton%3A400%2C400i%2C700%2C700i%7CNotable%3A400%2C400i%2C700%2C700i%7CNothing+You+Could+Do%3A400%2C400i%2C700%2C700i%7CNoto+Sans%3A400%2C400i%2C700%2C700i%7CNunito%3A400%2C400i%2C700%2C700i%7COld+Standard+TT%3A400%2C400i%2C700%2C700i%7COxygen%3A400%2C400i%2C700%2C700i%7CPacifico%3A400%2C400i%2C700%2C700i%7CPoppins%3A400%2C400i%2C700%2C700i%7CProza+Libre%3A400%2C400i%2C700%2C700i%7CPT+Sans%3A400%2C400i%2C700%2C700i%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CRakkas%3A400%2C400i%2C700%2C700i%7CReenie+Beanie%3A400%2C400i%2C700%2C700i%7CRoboto+Slab%3A400%2C400i%2C700%2C700i%7CRopa+Sans%3A400%2C400i%2C700%2C700i%7CRubik%3A400%2C400i%2C700%2C700i%7CShadows+Into+Light%3A400%2C400i%2C700%2C700i%7CSpace+Mono%3A400%2C400i%2C700%2C700i%7CSpectral%3A400%2C400i%2C700%2C700i%7CSue+Ellen+Francisco%3A400%2C400i%2C700%2C700i%7CTitillium+Web%3A400%2C400i%2C700%2C700i%7CUbuntu%3A400%2C400i%2C700%2C700i%7CVarela%3A400%2C400i%2C700%2C700i%7CVollkorn%3A400%2C400i%2C700%2C700i%7CWork+Sans%3A400%2C400i%2C700%2C700i%7CYatra+One%3A400%2C400i%2C700%2C700i&ver=5.6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://work256.com
Referer: https://fonts.googleapis.com/css?family=Abril+FatFace%3A400%2C400i%2C700%2C700i%7CAlegreya%3A400%2C400i%2C700%2C700i%7CAlegreya+Sans%3A400%2C400i%2C700%2C700i%7CAmatic+SC%3A400%2C400i%2C700%2C700i%7CAnonymous+Pro%3A400%2C400i%2C700%2C700i%7CArchitects+Daughter%3A400%2C400i%2C700%2C700i%7CArchivo%3A400%2C400i%2C700%2C700i%7CArchivo+Narrow%3A400%2C400i%2C700%2C700i%7CAsap%3A400%2C400i%2C700%2C700i%7CBarlow%3A400%2C400i%2C700%2C700i%7CBioRhyme%3A400%2C400i%2C700%2C700i%7CBonbon%3A400%2C400i%2C700%2C700i%7CCabin%3A400%2C400i%2C700%2C700i%7CCairo%3A400%2C400i%2C700%2C700i%7CCardo%3A400%2C400i%2C700%2C700i%7CChivo%3A400%2C400i%2C700%2C700i%7CConcert+One%3A400%2C400i%2C700%2C700i%7CCormorant%3A400%2C400i%2C700%2C700i%7CCrimson+Text%3A400%2C400i%2C700%2C700i%7CEczar%3A400%2C400i%2C700%2C700i%7CExo+2%3A400%2C400i%2C700%2C700i%7CFira+Sans%3A400%2C400i%2C700%2C700i%7CFjalla+One%3A400%2C400i%2C700%2C700i%7CFrank+Ruhl+Libre%3A400%2C400i%2C700%2C700i%7CGreat+Vibes%3A400%2C400i%2C700%2C700i%7CHeebo%3A400%2C400i%2C700%2C700i%7CIBM+Plex%3A400%2C400i%2C700%2C700i%7CInconsolata%3A400%2C400i%2C700%2C700i%7CIndie+Flower%3A400%2C400i%2C700%2C700i%7CInknut+Antiqua%3A400%2C400i%2C700%2C700i%7CInter%3A400%2C400i%2C700%2C700i%7CKarla%3A400%2C400i%2C700%2C700i%7CLibre+Baskerville%3A400%2C400i%2C700%2C700i%7CLibre+Franklin%3A400%2C400i%2C700%2C700i%7CMontserrat%3A400%2C400i%2C700%2C700i%7CNeuton%3A400%2C400i%2C700%2C700i%7CNotable%3A400%2C400i%2C700%2C700i%7CNothing+You+Could+Do%3A400%2C400i%2C700%2C700i%7CNoto+Sans%3A400%2C400i%2C700%2C700i%7CNunito%3A400%2C400i%2C700%2C700i%7COld+Standard+TT%3A400%2C400i%2C700%2C700i%7COxygen%3A400%2C400i%2C700%2C700i%7CPacifico%3A400%2C400i%2C700%2C700i%7CPoppins%3A400%2C400i%2C700%2C700i%7CProza+Libre%3A400%2C400i%2C700%2C700i%7CPT+Sans%3A400%2C400i%2C700%2C700i%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CRakkas%3A400%2C400i%2C700%2C700i%7CReenie+Beanie%3A400%2C400i%2C700%2C700i%7CRoboto+Slab%3A400%2C400i%2C700%2C700i%7CRopa+Sans%3A400%2C400i%2C700%2C700i%7CRubik%3A400%2C400i%2C700%2C700i%7CShadows+Into+Light%3A400%2C400i%2C700%2C700i%7CSpace+Mono%3A400%2C400i%2C700%2C700i%7CSpectral%3A400%2C400i%2C700%2C700i%7CSue+Ellen+Francisco%3A400%2C400i%2C700%2C700i%7CTitillium+Web%3A400%2C400i%2C700%2C700i%7CUbuntu%3A400%2C400i%2C700%2C700i%7CVarela%3A400%2C400i%2C700%2C700i%7CVollkorn%3A400%2C400i%2C700%2C700i%7CWork+Sans%3A400%2C400i%2C700%2C700i%7CYatra+One%3A400%2C400i%2C700%2C700i&ver=5.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 04:27:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 251334
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Sat, 18 Dec 2021 04:27:58 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://work256.com
Referer: https://fonts.googleapis.com/css?family=Abril+FatFace%3A400%2C400i%2C700%2C700i%7CAlegreya%3A400%2C400i%2C700%2C700i%7CAlegreya+Sans%3A400%2C400i%2C700%2C700i%7CAmatic+SC%3A400%2C400i%2C700%2C700i%7CAnonymous+Pro%3A400%2C400i%2C700%2C700i%7CArchitects+Daughter%3A400%2C400i%2C700%2C700i%7CArchivo%3A400%2C400i%2C700%2C700i%7CArchivo+Narrow%3A400%2C400i%2C700%2C700i%7CAsap%3A400%2C400i%2C700%2C700i%7CBarlow%3A400%2C400i%2C700%2C700i%7CBioRhyme%3A400%2C400i%2C700%2C700i%7CBonbon%3A400%2C400i%2C700%2C700i%7CCabin%3A400%2C400i%2C700%2C700i%7CCairo%3A400%2C400i%2C700%2C700i%7CCardo%3A400%2C400i%2C700%2C700i%7CChivo%3A400%2C400i%2C700%2C700i%7CConcert+One%3A400%2C400i%2C700%2C700i%7CCormorant%3A400%2C400i%2C700%2C700i%7CCrimson+Text%3A400%2C400i%2C700%2C700i%7CEczar%3A400%2C400i%2C700%2C700i%7CExo+2%3A400%2C400i%2C700%2C700i%7CFira+Sans%3A400%2C400i%2C700%2C700i%7CFjalla+One%3A400%2C400i%2C700%2C700i%7CFrank+Ruhl+Libre%3A400%2C400i%2C700%2C700i%7CGreat+Vibes%3A400%2C400i%2C700%2C700i%7CHeebo%3A400%2C400i%2C700%2C700i%7CIBM+Plex%3A400%2C400i%2C700%2C700i%7CInconsolata%3A400%2C400i%2C700%2C700i%7CIndie+Flower%3A400%2C400i%2C700%2C700i%7CInknut+Antiqua%3A400%2C400i%2C700%2C700i%7CInter%3A400%2C400i%2C700%2C700i%7CKarla%3A400%2C400i%2C700%2C700i%7CLibre+Baskerville%3A400%2C400i%2C700%2C700i%7CLibre+Franklin%3A400%2C400i%2C700%2C700i%7CMontserrat%3A400%2C400i%2C700%2C700i%7CNeuton%3A400%2C400i%2C700%2C700i%7CNotable%3A400%2C400i%2C700%2C700i%7CNothing+You+Could+Do%3A400%2C400i%2C700%2C700i%7CNoto+Sans%3A400%2C400i%2C700%2C700i%7CNunito%3A400%2C400i%2C700%2C700i%7COld+Standard+TT%3A400%2C400i%2C700%2C700i%7COxygen%3A400%2C400i%2C700%2C700i%7CPacifico%3A400%2C400i%2C700%2C700i%7CPoppins%3A400%2C400i%2C700%2C700i%7CProza+Libre%3A400%2C400i%2C700%2C700i%7CPT+Sans%3A400%2C400i%2C700%2C700i%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CRakkas%3A400%2C400i%2C700%2C700i%7CReenie+Beanie%3A400%2C400i%2C700%2C700i%7CRoboto+Slab%3A400%2C400i%2C700%2C700i%7CRopa+Sans%3A400%2C400i%2C700%2C700i%7CRubik%3A400%2C400i%2C700%2C700i%7CShadows+Into+Light%3A400%2C400i%2C700%2C700i%7CSpace+Mono%3A400%2C400i%2C700%2C700i%7CSpectral%3A400%2C400i%2C700%2C700i%7CSue+Ellen+Francisco%3A400%2C400i%2C700%2C700i%7CTitillium+Web%3A400%2C400i%2C700%2C700i%7CUbuntu%3A400%2C400i%2C700%2C700i%7CVarela%3A400%2C400i%2C700%2C700i%7CVollkorn%3A400%2C400i%2C700%2C700i%7CWork+Sans%3A400%2C400i%2C700%2C700i%7CYatra+One%3A400%2C400i%2C700%2C700i&ver=5.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 22:46:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 531023
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Tue, 14 Dec 2021 22:46:29 GMT

GET
H3-Q050 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDJB9cme.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 12 KB
12 KB 34ms
21ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDJB9cme.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.0.0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cc2c8a7bd96173ee2a862c122630ab8d45ad0676ad2ad60fc55307763782230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://work256.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A400%2C300%2C300italic%2C400italic%2C600%2C700%2C900&subset=latin%2Clatin-ext&ver=3.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 16:51:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:03 GMT
server: sffe
age: 465939
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12656
x-xss-protection: 0
expires: Wed, 15 Dec 2021 16:51:13 GMT

GET
H2 200 8876507.js Show response
js.hs-analytics.net/analytics/1608516900000/ 60 KB
18 KB 165ms
148ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1608516900000/8876507.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8876507.js?integration=WordPress
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4146ddb6ee3cfda8c626a3084c7f352456cf1a09c9f6dd603059ea8ab5fbd2e

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 9105A43D90365DBB
x-amz-server-side-encryption: AES256
cf-ray: 604e1a80ec304a9e-FRA
x-amz-id-2: iu/F+EKm3FQsr2TDTw1xIc9U+QRRH7vVh08vIFWAXB/q/7g6b4JmhrmfJ9zt9ZE4IFFX+WQJMlY=
last-modified: Mon, 14 Dec 2020 22:59:29 GMT
server: cloudflare
etag: W/"4dfb567d26325aad5e52f1e69f5cd232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 0724aee49000004a9ee29c9000000001
content-type: text/javascript
expires: Mon, 21 Dec 2020 02:21:52 GMT

GET
H2 200 8876507.js Show response
js.hs-banner.com/ 51 KB
13 KB 64ms
47ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/8876507.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8876507.js?integration=WordPress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 086aadaddf085cecdf970a45f3779a278e39969ad9d27823aa91bf418a4e3cab

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=5Gh9Cg==, md5=v5RqRBCVIYWBNAW4I03LZQ==
date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABg5-Uwid42JJPsOVhTQapuRiiCLOJOojc9vZu6wtrS8eX4Tr8RLx5l6H6nDHtakYCL3NT_sc44qW5PgTo5FzTCH5WQRHDxmzw
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 0724aee49000003248b98ab000000001
timing-allow-origin: *
last-modified: Thu, 10 Dec 2020 01:22:24 GMT
server: cloudflare
etag: W/"bf946a4410952185813405b8234dcb65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1607563344224807
access-control-allow-origin: https://work256.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 52660
cf-ray: 604e1a80e9583248-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 21 Dec 2020 02:21:52 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 87 KB
25 KB 36ms
16ms Script
application/javascript 2606:4700::6811:80ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/8876507.js?integration=WordPress
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:80ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9e4318a5ffb02d153a7275ddc2a55a896e412e4c95e0cb48365b4c99501413

Request headers

Origin: https://work256.com
Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 62046
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.206/bundles/project.js&cfRay=60482fb24efd05c8-IAD
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 0724aee49300002b4d52828000000001
cf-ray: 604e1a80efd12b4d-FRA
last-modified: Wed, 18 Nov 2020 03:17:23 UTC
server: cloudflare
etag: W/"8009c15ab0ddd537e87c8961e3793907"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: vK9VzhfTTqVFyznSA1saY0pwTd8plNRY
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Q3kIjbv66hP5A-4HgTzQwA8fW48LeAJAtW8Mb88UCrfoVInG-ObdrQ==

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 29ms
28ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.2.1&blog=182495716&post=3379&tz=-5&srv=work256.com&host=work256.com&ref=&fcp=4380&rand=0.6021512814909835
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 16ms
16ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3710976
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0724aee48200004a9edb1df000000001
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 604e1a80cc164a9e-FRA
cf-bgj: minify

GET
H/1.1 200
OK / Show response
gui.secureserver.net/pcjson/standardheaderfooter/ 399 B
1 KB 372ms
329ms Script
text/javascript 2a02:26f0:10e:28b::228b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://gui.secureserver.net/pcjson/standardheaderfooter/?plid=559319&callback=jQuery351048015800132362574_1608517012077&plid=559319&_=1608517012078
Requested by: Host: c0.wp.com
URL: https://c0.wp.com/c/5.6/wp-includes/js/jquery/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:10e:28b::228b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ARR/2.5
Resource Hash: c60f3fd6876821d7146ffaadb96789c3fe88c20d8fa4b56c622950841fa862d3

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 21 Dec 2020 02:16:52 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ARR/2.5
P3P: policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR OUR IND", policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Connection: keep-alive
Content-Length: 399
Pragma: no-cache
Server: Microsoft-IIS/8.5
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: x-requested-with, content-type, accept, origin, authorization, x-csrftoken
Expires: -1

POST
H2 200 / Show response
work256.com/ 704 B
631 B 1316ms
1316ms XHR
application/json 192.185.139.175
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://work256.com/?wc-ajax=get_refreshed_fragments

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.6/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.139.175 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

192-185-139-175.unifiedlayer.com

Software

Apache /

Resource Hash

3363cf277c784a7f33863038a2a2479b24762a2f8ce61cd0b1618ba394678fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://work256.com/refund/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
p3p: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://work256.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 326
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
384 B 45ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=2025456243&t=pageview&_s=1&dl=https%3A%2F%2Fwork256.com%2Frefund%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund%20Direct%20Deposit%20-%20C%20%26%20J%20Tax%20Service%20-%20616-622-3537&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=715309693&gjid=74470317&cid=955654474.1608517013&tid=UA-177356856-1&_gid=1660563620.1608517013&_r=1&did=dZTNiMT&gtm=2oubu0&z=1060034477

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 02:16:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://work256.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 JTUQjIg1_i6t8kCHKm459WxRyS7m0dR9pA.woff2
fonts.gstatic.com/s/montserrat/v15/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUQjIg1_i6t8kCHKm459WxRyS7m0dR9pA.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff4eb7e4df6e09b7fba76e1957f3fc0f703496a13d23a5a245bb2709810b0c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://work256.com
Referer: https://fonts.googleapis.com/css?family=Abril+FatFace%3A400%2C400i%2C700%2C700i%7CAlegreya%3A400%2C400i%2C700%2C700i%7CAlegreya+Sans%3A400%2C400i%2C700%2C700i%7CAmatic+SC%3A400%2C400i%2C700%2C700i%7CAnonymous+Pro%3A400%2C400i%2C700%2C700i%7CArchitects+Daughter%3A400%2C400i%2C700%2C700i%7CArchivo%3A400%2C400i%2C700%2C700i%7CArchivo+Narrow%3A400%2C400i%2C700%2C700i%7CAsap%3A400%2C400i%2C700%2C700i%7CBarlow%3A400%2C400i%2C700%2C700i%7CBioRhyme%3A400%2C400i%2C700%2C700i%7CBonbon%3A400%2C400i%2C700%2C700i%7CCabin%3A400%2C400i%2C700%2C700i%7CCairo%3A400%2C400i%2C700%2C700i%7CCardo%3A400%2C400i%2C700%2C700i%7CChivo%3A400%2C400i%2C700%2C700i%7CConcert+One%3A400%2C400i%2C700%2C700i%7CCormorant%3A400%2C400i%2C700%2C700i%7CCrimson+Text%3A400%2C400i%2C700%2C700i%7CEczar%3A400%2C400i%2C700%2C700i%7CExo+2%3A400%2C400i%2C700%2C700i%7CFira+Sans%3A400%2C400i%2C700%2C700i%7CFjalla+One%3A400%2C400i%2C700%2C700i%7CFrank+Ruhl+Libre%3A400%2C400i%2C700%2C700i%7CGreat+Vibes%3A400%2C400i%2C700%2C700i%7CHeebo%3A400%2C400i%2C700%2C700i%7CIBM+Plex%3A400%2C400i%2C700%2C700i%7CInconsolata%3A400%2C400i%2C700%2C700i%7CIndie+Flower%3A400%2C400i%2C700%2C700i%7CInknut+Antiqua%3A400%2C400i%2C700%2C700i%7CInter%3A400%2C400i%2C700%2C700i%7CKarla%3A400%2C400i%2C700%2C700i%7CLibre+Baskerville%3A400%2C400i%2C700%2C700i%7CLibre+Franklin%3A400%2C400i%2C700%2C700i%7CMontserrat%3A400%2C400i%2C700%2C700i%7CNeuton%3A400%2C400i%2C700%2C700i%7CNotable%3A400%2C400i%2C700%2C700i%7CNothing+You+Could+Do%3A400%2C400i%2C700%2C700i%7CNoto+Sans%3A400%2C400i%2C700%2C700i%7CNunito%3A400%2C400i%2C700%2C700i%7COld+Standard+TT%3A400%2C400i%2C700%2C700i%7COxygen%3A400%2C400i%2C700%2C700i%7CPacifico%3A400%2C400i%2C700%2C700i%7CPoppins%3A400%2C400i%2C700%2C700i%7CProza+Libre%3A400%2C400i%2C700%2C700i%7CPT+Sans%3A400%2C400i%2C700%2C700i%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CRakkas%3A400%2C400i%2C700%2C700i%7CReenie+Beanie%3A400%2C400i%2C700%2C700i%7CRoboto+Slab%3A400%2C400i%2C700%2C700i%7CRopa+Sans%3A400%2C400i%2C700%2C700i%7CRubik%3A400%2C400i%2C700%2C700i%7CShadows+Into+Light%3A400%2C400i%2C700%2C700i%7CSpace+Mono%3A400%2C400i%2C700%2C700i%7CSpectral%3A400%2C400i%2C700%2C700i%7CSue+Ellen+Francisco%3A400%2C400i%2C700%2C700i%7CTitillium+Web%3A400%2C400i%2C700%2C700i%7CUbuntu%3A400%2C400i%2C700%2C700i%7CVarela%3A400%2C400i%2C700%2C700i%7CVollkorn%3A400%2C400i%2C700%2C700i%7CWork+Sans%3A400%2C400i%2C700%2C700i%7CYatra+One%3A400%2C400i%2C700%2C700i&ver=5.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 04:33:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:11 GMT
server: sffe
age: 250999
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14024
x-xss-protection: 0
expires: Sat, 18 Dec 2021 04:33:33 GMT

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 66 KB
18 KB 102ms
39ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=work256.com&t=xo&v=5.0.187&source=payments_sdk&client_id=AQbghYd-7mRPyimEriYScIgTnYUsLnr5wVnPnmfPaSzwKrUe3qNzfEc5hXr9Ucf_JG_HFAZpJMJYXMuk&comp=buttons,funding-eligibility,messages&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

c9dc1e8b49eb87c548ec7d2cac255a9500e596cd06735084e70b7c74d87f1bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Oct 2020 22:15:18 GMT
etag: "5f7654f6-10830"
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: 93e84017eab97
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
accept-ranges: bytes
dc: ccg11-origin-www-2.paypal.com
content-length: 17728
expires: Mon, 21 Dec 2020 02:16:52 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
681 B 224ms
179ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AK8SKZ36LQBWXJ-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AK8SKZ36LQBWXJ-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=57130996-b207-4f78-b523-7f745cf439ff&fltp=analytics&mrid=K8SKZ36LQBWXJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Tax%20Refund%20Direct%20Deposit%20-%20C%20%26%20J%20Tax%20Service%20-%20616-622-3537&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1608517012680&g=-60&completeurl=https%3A%2F%2Fwork256.com%2Frefund%2F
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 02:16:52 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1608517013.735604,VS0,VE161
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
expires: Mon, 21 Dec 2020 02:16:52 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-lhr7382-LHR, cache-cph20635-CPH

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
708 B 133ms
117ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=8876507&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beae7e1b1039d55005740894dccb11f37f912f6bd29081b11ef3cd74d73223a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0724aee4ff00002c4e9ea00000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://work256.com
access-control-allow-credentials: false
cf-ray: 604e1a819de52c4e-FRA
access-control-allow-headers: *

GET
H2 200 index.html
www.paypalobjects.com/muse/analytics/ Frame 63CA 0
0 33ms
33ms Document
text/html 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html?frameId=d2f5832b-9f95-47a4-a178-d8643a1e9300&propertyId=K8SKZ36LQBWXJ-1&flow=visitor-info&variant=analytics&mrid=K8SKZ36LQBWXJ&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.paypalobjects.com
:scheme: https
:path: /muse/analytics/index.html?frameId=d2f5832b-9f95-47a4-a178-d8643a1e9300&propertyId=K8SKZ36LQBWXJ-1&flow=visitor-info&variant=analytics&mrid=K8SKZ36LQBWXJ&isMobileEnabled=true&isDesktopEnabled=true&shouldCheckCountry=true&mobileVariant=analytics&mobileFlow=visitor-info
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://work256.com/refund/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://work256.com/refund/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "5f7654f5-474a4"
last-modified: Thu, 01 Oct 2020 22:15:17 GMT
paypal-debug-id: 3006e15f8e6c3
dc: ccg11-origin-www-2.paypal.com
content-encoding: gzip
content-length: 89663
expires: Mon, 21 Dec 2020 02:16:52 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 21 Dec 2020 02:16:52 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
588 B 120ms
104ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=4

Requested by

Host: work256.com
URL: https://work256.com/refund/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-trace: 2B01923B2AC8CB5552DB42EB6BD8C018579DAB3B5F000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 604e1a827e672bc2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
cf-request-id: 0724aee58700002bc2ae3a8000000001

GET
H2 200 ts
t.paypal.com/ 42 B
501 B 184ms
184ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AK8SKZ36LQBWXJ-1&page=muse%3Aoffer%3A%3A%3AK8SKZ36LQBWXJ-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=57130996-b207-4f78-b523-7f745cf439ff&es=visitorInfoFlowStarted&mrid=K8SKZ36LQBWXJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Tax%20Refund%20Direct%20Deposit%20-%20C%20%26%20J%20Tax%20Service%20-%20616-622-3537&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1608517013013&g=-60&completeurl=https%3A%2F%2Fwork256.com%2Frefund%2F
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 02:16:53 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1608517013.025048,VS0,VE161
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator: slca.slc
expires: Mon, 21 Dec 2020 02:16:53 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-lhr7337-LHR, cache-cph20635-CPH

GET
H2 200 ts
t.paypal.com/ 42 B
135 B 179ms
179ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AK8SKZ36LQBWXJ-1&page=muse%3Aoffer%3A%3A%3AK8SKZ36LQBWXJ-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=57130996-b207-4f78-b523-7f745cf439ff&es=visitorInfo&mrid=K8SKZ36LQBWXJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Tax%20Refund%20Direct%20Deposit%20-%20C%20%26%20J%20Tax%20Service%20-%20616-622-3537&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1608517013593&g=-60&completeurl=https%3A%2F%2Fwork256.com%2Frefund%2F
Requested by: Host: work256.com
URL: https://work256.com/refund/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Dec 2020 02:16:53 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1608517014.606594,VS0,VE158
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
expires: Mon, 21 Dec 2020 02:16:53 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-lhr7321-LHR, cache-cph20635-CPH

GET
H2 200 1HItfXX7clh3KNs2cVqX42CNZVaRhn0QPwDWkuafQhTkUGekGbF5BYZFxpkCkoAf1
webforms.pipedrive.com/f/ Frame 6232 0
0 347ms
347ms Document
text/html 2606:4700::6812:bce4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://webforms.pipedrive.com/f/1HItfXX7clh3KNs2cVqX42CNZVaRhn0QPwDWkuafQhTkUGekGbF5BYZFxpkCkoAf1?embeded=1&uuid=id1g7hg

Requested by

Host: webforms.pipedrive.com
URL: https://webforms.pipedrive.com/f/loader

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bce4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:method: GET
:authority: webforms.pipedrive.com
:scheme: https
:path: /f/1HItfXX7clh3KNs2cVqX42CNZVaRhn0QPwDWkuafQhTkUGekGbF5BYZFxpkCkoAf1?embeded=1&uuid=id1g7hg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://work256.com/refund/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://work256.com/refund/

Response headers

date: Mon, 21 Dec 2020 02:16:54 GMT
content-type: text/html
set-cookie: __cfduid=d8743371a2718a57b4a1da815f3604fda1608517014; expires=Wed, 20-Jan-21 02:16:54 GMT; path=/; domain=.pipedrive.com; HttpOnly; SameSite=Lax
cf-ray: 604e1a8b7b3d05ed-FRA
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-expose-headers: X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
badi: Routing: eu-central-1=>us-east-1; Version: a2cc; Host: bari;
cf-request-id: 0724aeeb2e000005eda221b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pdtrusted-wgw-real-user-ip: 2a01:4f8:192:5414::2
x-content-type-options: nosniff
x-correlation-id: f8282c8a-53b4-44b6-ade1-0267def79898
x-dns-prefetch-control: off
x-download-options: noopen
x-xss-protection: 1; mode=block 1; mode=block
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

render.5256de5ea994e67b7927.js Show response
widget-v4.tidiochat.com/1_47_0/static/js/
Redirect Chain

https://code.tidio.co/wluppbtzurz5cbru77skdxnwa4ue2s6l.js
https://widget-v4.tidiochat.com/1_47_0/static/js/render.5256de5ea994e67b7927.js

15 KB
6 KB

36ms
13ms

Script
application/javascript

2606:4700:20::681a:88b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_47_0/static/js/render.5256de5ea994e67b7927.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54022ac2abddfb22a409afd804c6dde6df23a9bd8d63b1dee68b2a7a189ba568

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Dec 2020 11:15:41 GMT
server: cloudflare
age: 3488
etag: W/"5fdb3ddd-3cd5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YRaL22UfV9Yv7rFOwuFj0DDrHi4na75DGlkBsgDT0oCLLEN7nAzO2bJbjqGBmlayrpBUPk%2F6jXMNoiSjHl2p22HhxpWuUnePZ3PiM2cQh0P%2BCDJ9Se4kmbqh6mB1IMgrOxsw7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 604e1a8ceb25175e-FRA
cf-request-id: 0724aeec120000175ebb987000000001

Redirect headers

date: Mon, 21 Dec 2020 02:16:54 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f4iAsIIdrrYWykjnt0p7ytEt2y6qQMhnkl9X%2BRtTAFy3mhW7QPCsuAarme6I11tC%2FoE8A%2FGerWLTh%2FPK%2FeIvWHJctwxHr%2Bu9cARg8CCq"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://widget-v4.tidiochat.com/1_47_0/static/js/render.5256de5ea994e67b7927.js
cache-control: private, no-cache, no-store, must-revalidate
cf-ray: 604e1a8bc9977367-CPH
cf-request-id: 0724aeeb610000736701b86000000001

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
593 B 40ms
25ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=8876507&ct=standard-page&rcu=https%3A%2F%2Fwork256.com%2Frefund%2F&pu=https%3A%2F%2Fwork256.com%2Frefund%2F&t=Tax+Refund+Direct+Deposit+-+C+%26+J+Tax+Service+-+616-622-3537&cts=1608517014324&vi=39c5fdc50753843835f59a97c59867ac&nc=true&u=171133311.39c5fdc50753843835f59a97c59867ac.1608517014321.1608517014321.1608517014321.1&b=171133311.1.1608517014321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 604e1a8ba80ed6e5-FRA
date: Mon, 21 Dec 2020 02:16:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 0724aeeb460000d6e534900000000001
x-robots-tag: none

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 2 B
538 B 204ms
204ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://work256.com/refund/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Mon, 21 Dec 2020 02:16:54 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-powered-by: Express
x-cache: MISS, MISS
paypal-debug-id: b4b36e8352101
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-lhr7328-LHR, cache-cph20639-CPH
x-timer: S1608517015.562421,VS0,VE185
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://work256.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 182ms
182ms Other
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://work256.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://work256.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
paypal-debug-id: c15615a9dd7b9
x-content-type-options: nosniff
x-powered-by: Express
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
date: Mon, 21 Dec 2020 02:16:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr7338-LHR, cache-cph20639-CPH
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1608517014.378885,VS0,VE164
vary: Accept-Encoding
content-encoding: br

GET
H2 200 widget.5256de5ea994e67b7927.js Show response
widget-v4.tidiochat.com//1_47_0/static/js/ Frame 2AEE 815 KB
222 KB 46ms
46ms Script
application/javascript 2606:4700:20::681a:88b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//1_47_0/static/js/widget.5256de5ea994e67b7927.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/wluppbtzurz5cbru77skdxnwa4ue2s6l.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4d5d27e8776d411272cbb98ec08867fd0466c8f0dd8e4520748a812dabaf187

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 02:16:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Dec 2020 11:16:32 GMT
server: cloudflare
age: 3487
etag: W/"5fdb3e10-cbbe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uQmlEH%2Fa%2BSo0VBwkWAj%2B3aeMrDzy0OFe%2FAIH8PMOHVTfBBA5M9D%2BVE8VCyxGxTjrKFLmgG1hIGwondZIX1MNo23YaHvvCkzPQ7uxR4e112VevduwtGg%2BNepMF%2FhYF8S1bG92NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 604e1a8d0b39175e-FRA
cf-request-id: 0724aeec270000175ed2b0b000000001

GET
H2 206 tururu.mp3
widget-v4.tidiochat.com// Frame 2AEE 7 KB
7 KB 12ms
12ms Media
audio/mpeg 2606:4700:20::681a:88b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//tururu.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 21 Dec 2020 02:16:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1630011
Content-Range: bytes 0-7223/7224
Content-Length: 7224
cf-request-id: 0724aeec9c0000175eb3970000000001
pragma: public
last-modified: Sun, 15 Nov 2020 10:07:03 GMT
server: cloudflare
etag: "5fb0fdc7-1c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3ekQhiMhRHW5zP41lAWrvXyVriteCovH1AVH4GkqgwBx0h%2Fmu%2ByORwaM0TIcKi6EITTF7IFFiZmVVcWwF%2BQ8aLwCqnanEupipvOgdN5ybtMiIGoa6oFf5jZLuSWWzZtCBWy7MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 604e1a8dcbaf175e-FRA
expires: Wed, 16 Dec 2020 05:30:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.1040.com
URL: https://www.1040.com/assets/affiliates/images/SquareBanner.jpg

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.work256.com/	1970-01-19 14:48:38	Name: __hssc Value: 171133311.1.1608517014321
.work256.com/	1970-01-20 00:10:13	Name: __hstc Value: 171133311.39c5fdc50753843835f59a97c59867ac.1608517014321.1608517014321.1608517014321.1
.work256.com/	1970-01-19 14:48:37	Name: _gat_gtag_UA_177356856_1 Value: 1
.work256.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
work256.com/	1970-01-19 15:28:56	Name: mailchimp_landing_site Value: https%3A%2F%2Fwork256.com%2F%3Fwc-ajax%3Dget_refreshed_fragments
.work256.com/	1970-01-20 00:10:13	Name: hubspotutk Value: 39c5fdc50753843835f59a97c59867ac
work256.com/	1970-01-19 14:51:29	Name: wp_woocommerce_session_aa7d1f5eba683155796d4c3941c31e63 Value: f772960121cf7c0e245e659b9d5b35c6%7C%7C1608689809%7C%7C1608686209%7C%7C488637e79ae5722a72b71c588df3d2b6
.work256.com/	1970-01-20 08:19:49	Name: _ga Value: GA1.2.955654474.1608517013
.work256.com/	1970-01-19 23:34:13	Name: tk_lr Value: %22%22
.work256.com/	1970-01-19 14:52:56	Name: tk_r3d Value: %22%22
.work256.com/	1970-01-19 14:50:03	Name: _gid Value: GA1.2.1660563620.1608517013
.work256.com/	1970-01-21 10:36:37	Name: tk_or Value: %22%22

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c0.wp.com/c/5.6/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c0.wp.com
cdn.eu-central-1.pipedriveassets.com
chimpstatic.com
code.tidio.co
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
gui.secureserver.net
i0.wp.com
i1.wp.com
i2.wp.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
opsecurity.sharefile.com
pixel.wp.com
ps.w.org
s.w.org
static.addtoany.com
stats.wp.com
t.paypal.com
taxrefunddd.com
track.hubspot.com
webforms.pipedrive.com
widget-v4.tidiochat.com
work256.com
www.1040.com
www.google-analytics.com
www.googletagmanager.com
www.gotomeet.me
www.paypal.com
www.paypalobjects.com
www.1040.com
104.111.228.123
104.111.245.190
104.26.9.183
151.101.1.35
151.101.65.21
184.168.131.241
192.0.76.3
192.0.77.2
192.0.77.37
192.0.77.48
192.185.139.175
2606:4700:10::ac43:2794
2606:4700:20::681a:88b
2606:4700::6810:5505
2606:4700::6810:7e10
2606:4700::6811:47b0
2606:4700::6811:80ab
2606:4700::6811:d3cc
2606:4700::6812:15bf
2606:4700::6812:bce4
2606:4700::6813:9b53
2a00:1450:4001:808::2008
2a00:1450:4001:809::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:825::2003
2a02:26f0:10e:28b::228b
52.22.72.157
65.9.68.25
00a390bc76c4ac07d5f6520c4bb2133bb493108ead46dff42286d7bd2af96ffb
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0747447844f68f1a4a8be812ba74a8627e66164aa23572b4d9cf42003486edd3
086aadaddf085cecdf970a45f3779a278e39969ad9d27823aa91bf418a4e3cab
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0cfd4521bfc7feb0c6b7dac1ccdd4c6f370432be61ddd0a53aa15f9e9db65f21
0d3295ce01d228de6f1f8d97dcfc7a5b4ba3550985f62ffd21bad2c9b1f67eca
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
1081cb728f0c8510b0cf73bf9135269e48f354b303d1acc0bfafbdf1ffb8b006
120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72
12ae0b344c428f27cba554aa0554ba1e72cee317fc50c406965ffa7439b8cd3c
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
1c8231e24838de4ad2d966d5cb48563a2a6e540a15848d337fa3c466d0730775
1cec602b4a6c5b65bf7951b61b97a00dc2fb654e31144002e91f66d2004f9086
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ecf7307b0ad6bb24d5500935b2de837b170b02b326cd06fcc8b1b977408b9c2
20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436
21b1c346a04696c68f33050088b8bbda850a1d9c015bd70df23d7bb34f6d0e1c
24948233f47412d33ef98861271079f4401081ec1d3dad21474a14830a2465a9
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2875bdd16c004407f9f3190e3983384de61a9f37bf360600c963853a1595d56a
28f9893fe7545d88fb4df65466abc22c0414efdc45581acd799a8ced6b87b0e2
298deb58ba18876cc734ca2ab7a03665fd8f2080d2606759a9e174ea6a27e9a7
30a9e12d6d2864ecdb1f308cbbd4a63f38247ef88216697e38105c5995cbfc43
3111667f131fe35172925ebef7026e7ce805f590d0998d027133523d7d1176d1
335250340a375c4edb7dac3dfb9a5cc42df33c0aa30a561a84b1dbb25d9773b8
3363cf277c784a7f33863038a2a2479b24762a2f8ce61cd0b1618ba394678fb5
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
43c164fa291cf51838ce3dbe62dfbc32fd8c803bd5603a24e09401ca62ac6455
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
54022ac2abddfb22a409afd804c6dde6df23a9bd8d63b1dee68b2a7a189ba568
55b76eec653cf1d5863170c5b6e7f48a69132990adb3f32a102cc04ba56b6ebc
59829fd13cfdf01257b1db5d723cbd25e0a5ca539df711f0222480a7facd55fb
5a9073fcb3fb7afb0d28fbf4f6edab054145fad44c81e12c1e864ecb963b85c9
5be58297f88740ded3e7d6143cd3f8a55a91194972dca105338188eed3022421
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
5f988e7dc18e61145c363b18496f07749ec9226f0d946f2e7469e3dec8b6bbc1
601a4e5e4b8d63e67b80e7f905a50dc1abafb3a99ad9d4d0ef930d5f5a7ab98d
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60c041607295b3bf909c52838b3266d58a5c8bd33a2876dc978a9506c8859b95
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7772a9cc35fc902c0cccb8871670ec3e45e4695e1bc6941aee1c24db3de8c544
78153bce2b9e4b55412e45ddca07bdd1ddb65aa84a1c78a921f1e446cc533ad9
7c489dd2e13acb8940f20b68b9ae2225c53d71643b08609834043c174c4cedaa
7cc2c8a7bd96173ee2a862c122630ab8d45ad0676ad2ad60fc55307763782230
7ec7f22119da3493aedefd66ffd30f0aaf4cf4aee42d8254638bcca5971c3568
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
8273f0538929ede9599e3cfea8142a252a7d0cb6dbacb230bf188490dde79d4b
83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
8a1468a198f22ea86634a22c3962668b4a7d3d305e277a0383e594ad9f582bbd
8ee5cc5d135a3c7f563d2752347400e122d13f2e2a6ad300d171d9dbbce69762
93bc776744e62a4ad1590b6171a80bdbb7b550fa550bd9015b6ab94db5173ce3
946e3771efeabcf9a23d88089ce6ef6cb94531e36775004483fd8e237275dc29
9bbd49454237351594bd41e1a6194677be17eccc8ebce4eb60045e7d51ebcabc
9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b
9d7fa20785fb8f6ccc3c7796c13287ca13df78cd93b832b245337f9001a841bb
a2e099c196ad7e3994f510a5f0a3ae4ac5491c6f338d39e929fb837cc68f7df1
a34e058248857d5f73437d8641981180a47d0e42b57655bbded89f8f55e33e7e
a4d5d27e8776d411272cbb98ec08867fd0466c8f0dd8e4520748a812dabaf187
aca3591e0e9d51a14fabb21aedaac7ccffc2ca824d62850ae6fafc21d53a2461
ad48937f49a6720466de15b4b0889bee88681f6aae2b4a3c0cfdc560687bd975
ad9e4318a5ffb02d153a7275ddc2a55a896e412e4c95e0cb48365b4c99501413
b0fadb949b500febb9674eb031eeacf9fa08a3e8e0583cdadcc55f6054dce99b
b74b12af9b42ee0eb8bb4afa63fccf016a7cadb62f62aedd440712c7e8557fb4
bc71c403dc6113c8597e111a99d6a6a197dd2f2355402f8392ca4812dca57d3d
beae7e1b1039d55005740894dccb11f37f912f6bd29081b11ef3cd74d73223a7
bfaab501be685332f20e1341156c5da89958599f8c7d15f22b5f24a62fef156f
c1c4b40dfd6eac3531dfdb23d4a77b057a3878a195917fb3a80ea8d79c4ea939
c60f3fd6876821d7146ffaadb96789c3fe88c20d8fa4b56c622950841fa862d3
c84e1ed197438fffecc2c6fbe3e7e4fd8f060af2236f3a50e2e16c891c82cf16
c9dc1e8b49eb87c548ec7d2cac255a9500e596cd06735084e70b7c74d87f1bcc
cab75276e4727e916c815562fda60534585e15f7d43c460f6b3bc26ce5573581
cdfa29aeb006e5008bc0466123b0d6628a915986956317637749841771e5f64d
d6c1958dcfcd24dabf04651be98106e1539086cb041d1a5338c32f1e81641b66
d952e41a5ec72320f1e8660af9dc65a2a043467bc5a8d57b69422e740cc0b8b9
da7103236e3745597f1329ea19158d51ff3b1a02a1a8224e6f94c99c5f53818f
dbe19688be3e5dd357362a92f3a74202624a385dd0c842452103005c53edb91d
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
df7b38a698cd0873a344c9f8a3b635d3967e6eb5179b1caa553d54cded28a2c5
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e30ba0dcd75f0c43de9d0d9e90c22a7f2f89d264908895fdf87e1c54ae96999c
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e4146ddb6ee3cfda8c626a3084c7f352456cf1a09c9f6dd603059ea8ab5fbd2e
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ec6b17986e18647f04e79a1d11342d7f471787911936053bee50c8f18c99869e
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4307bd5002862ce8cc72ddb109919427d9cd07cb817b7f23686d47429ffdbd5
f539fecdc3c34c7562a9117ac135ef6151b2a4f295365039ebe3aa52f083b8c4
f5b5756b4849e5c425daded52eb1178e1fada5c1a653342099bd9a12bb116673
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8
ff413137600f38d84cba2a19da1bb22ec53e468f050bba2da6827e2e67478042
ff4eb7e4df6e09b7fba76e1957f3fc0f703496a13d23a5a245bb2709810b0c43

work256.com Open in urlscan Pro 192.185.139.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

99 %HTTPS

54 %IPv6

26 Domains

34 Subdomains

27 IPs

4 Countries

1421 kBTransfer

4189 kBSize

12 Cookies

8 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

work256.com Open in urlscan Pro
192.185.139.175 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

99 %
HTTPS

54 %
IPv6

26
Domains

34
Subdomains

27
IPs

4
Countries

1421 kB
Transfer

4189 kB
Size

12
Cookies

106 HTTP transactions
5 data transactions