gloeak.layergreet.website
2606:4700:3031::6815:4e6b  Public Scan

Submitted URL: http://kartersofa.com/0/0/0/d4b857b3b1d7f3c7f1a42b6d1f2e434d/35_1057776_2852282/2203_2973972_1i980td_8/455506331_185-2...
Effective URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Submission: On August 29 via api from BE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3031::6815:4e6b, located in United States and belongs to CLOUDFLARENET, US. The main domain is gloeak.layergreet.website.
TLS certificate: Issued by WE1 on August 28th 2024. Valid for: 3 months.
This is the only time gloeak.layergreet.website was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 217.78.233.15 49392 (ASBAXETN)
1 5 2a06:98c1:312... 13335 (CLOUDFLAR...)
23 2606:4700:303... 13335 (CLOUDFLAR...)
28 3
Apex Domain
Subdomains
Transfer
23 layergreet.website
gloeak.layergreet.website
728 KB
4 trk-elevostra.com
trk-elevostra.com — Cisco Umbrella Rank: 357103
event.trk-elevostra.com — Cisco Umbrella Rank: 369321
3 KB
1 serenebeach.sbs
serenebeach.sbs
665 B
1 kartersofa.com
kartersofa.com
421 B
28 4
Domain Requested by
23 gloeak.layergreet.website kartersofa.com
gloeak.layergreet.website
3 event.trk-elevostra.com trk-elevostra.com
1 trk-elevostra.com gloeak.layergreet.website
1 serenebeach.sbs 1 redirects
1 kartersofa.com
28 5

This site contains no links.

Subject Issuer Validity Valid
kartersofa.com R10 2024-07-26 - 2024-10-24 3 months
layergreet.website WE1 2024-08-28 - 2024-11-26 3 months
trk-elevostra.com WE1 2024-08-11 - 2024-11-09 3 months

This page contains 1 frames:

Primary Page: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Frame ID: D368B776901F720C99EE1D4A028F1366
Requests: 27 HTTP requests in this frame

Page Title

[1] Prämie ausstehend - Online Survey - Wir wollen Ihre Meinung!

Page URL History

  1. http://kartersofa.com/0/0/0/d4b857b3b1d7f3c7f1a42b6d1f2e434d/35_1057776_2852282/2203_2973972_1i980... HTTP 307
    https://kartersofa.com/0/0/0/d4b857b3b1d7f3c7f1a42b6d1f2e434d/35_1057776_2852282/2203_2973972_1i980... Page URL
  2. https://serenebeach.sbs/35052401/375704/122233487802/227503/95e8c4c8a3e0595446d50a7566a67c39x HTTP 302
    https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 28
HTTPS: 100 %
IPv6: 67 %
Domains: 4
Subdomains: 5
IPs: 3
Countries: 2
Transfer: 732 kB
Size: 1694 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kartersofa.com/0/0/0/d4b857b3b1d7f3c7f1a42b6d1f2e434d/35_1057776_2852282/2203_2973972_1i980td_8/455506331_185-230-11-165 HTTP 307
    https://kartersofa.com/0/0/0/d4b857b3b1d7f3c7f1a42b6d1f2e434d/35_1057776_2852282/2203_2973972_1i980td_8/455506331_185-230-11-165 Page URL
  2. https://serenebeach.sbs/35052401/375704/122233487802/227503/95e8c4c8a3e0595446d50a7566a67c39x HTTP 302
    https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://kartersofa.com/0/0/0/d4b857b3b1d7f3c7f1a42b6d1f2e434d/35_1057776_2852282/2203_2973972_1i980td_8/455506331_185-230-11-165 HTTP 307
  • https://kartersofa.com/0/0/0/d4b857b3b1d7f3c7f1a42b6d1f2e434d/35_1057776_2852282/2203_2973972_1i980td_8/455506331_185-230-11-165

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
455506331_185-230-11-165
kartersofa.com/0/0/0/d4b857b3b1d7f3c7f1a42b6d1f2e434d/35_1057776_2852282/2203_2973972_1i980td_8/
Redirect Chain
  • http://kartersofa.com/0/0/0/d4b857b3b1d7f3c7f1a42b6d1f2e434d/35_1057776_2852282/2203_2973972_1i980td_8/455506331_185-230-11-165
  • https://kartersofa.com/0/0/0/d4b857b3b1d7f3c7f1a42b6d1f2e434d/35_1057776_2852282/2203_2973972_1i980td_8/455506331_185-230-11-165
156 B
421 B
Document
General
Full URL
https://kartersofa.com/0/0/0/d4b857b3b1d7f3c7f1a42b6d1f2e434d/35_1057776_2852282/2203_2973972_1i980td_8/455506331_185-230-11-165
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.78.233.15 Yakutsk, Russian Federation, ASN49392 (ASBAXETN, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 29 Aug 2024 23:04:45 GMT
server
nginx/1.12.2
vary
Accept-Encoding

Redirect headers

Location
https://kartersofa.com/0/0/0/d4b857b3b1d7f3c7f1a42b6d1f2e434d/35_1057776_2852282/2203_2973972_1i980td_8/455506331_185-230-11-165
Non-Authoritative-Reason
HttpsUpgrades
Primary Request cmca
gloeak.layergreet.website/lsxd/mxut/lpxn/
Redirect Chain
  • https://serenebeach.sbs/35052401/375704/122233487802/227503/95e8c4c8a3e0595446d50a7566a67c39x
  • https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
55 KB
17 KB
Document
General
Full URL
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Requested by
Host: kartersofa.com
URL: https://kartersofa.com/0/0/0/d4b857b3b1d7f3c7f1a42b6d1f2e434d/35_1057776_2852282/2203_2973972_1i980td_8/455506331_185-230-11-165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccbbddbda78dc1ff984b040128c976d09370875f896a55d7626c760bd70da87a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kartersofa.com/0/0/0/d4b857b3b1d7f3c7f1a42b6d1f2e434d/35_1057776_2852282/2203_2973972_1i980td_8/455506331_185-230-11-165
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8bb02e9bcadb65cb-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 29 Aug 2024 23:04:47 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2F%2BVE2Z%2BXVDbnQa%2BHcEBLApLwD0YW02NCAV2xbTbCMt0%2B8qEqLwBHGGyyxYHxykts5YoBAlTf6ca2sZ%2F87KyNpYuQYGQVHziQQhZLT9YTNTROB0%2FC8JsK4Bk4xRiB407yJ2dfbcGo1qNtoLQ8EhfOPebC2Sv9A55"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8bb02e975987d22b-FRA
content-type
text/html; charset=UTF-8
date
Thu, 29 Aug 2024 23:04:46 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2mbotepooel0ooTJyAZ4CLexoLeq4PesGKprCgzvlT1vy6WRdI%2FLUXeekeIC7g3uWIZ5aqKbZQLZkLsfsrxV9aK3rDO3KzNg1SOckVTjGMCgDKbL82yf%2BqHn6BBz%2F3R63fYRFdwFS81ihoWWar0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap.min.css
gloeak.layergreet.website/assets/vendors/bootstrap-4.5.3/css/
157 KB
25 KB
Stylesheet
General
Full URL
https://gloeak.layergreet.website/assets/vendors/bootstrap-4.5.3/css/bootstrap.min.css
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13446
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9KlplZlF93m4hUqwyh9hvskytR81iwQJr0fJ%2BkaffCU8b5KM3pvO1hW5J8cOKAA%2B%2B8pJkEcJS6ExgIlxApiYYL1WJkHJc6JaDOMrW9EMvhvD%2BEFbbAU5%2FsvcufUxDAISkLAxElGFtZixUYUkU0T%2BIcTAbCEtFojT"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8bb02ea328cd65cb-FRA
expires
Thu, 05 Sep 2024 19:20:41 GMT
all.min.css
gloeak.layergreet.website/assets/vendors/fontawesome_pro/css/
496 KB
96 KB
Stylesheet
General
Full URL
https://gloeak.layergreet.website/assets/vendors/fontawesome_pro/css/all.min.css
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba166f4f23a50ed951d93710144182516832ab03c0f918436a1d084a83f69bfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13446
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 09 Nov 2023 20:05:24 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MHWO5E5S2gLp%2BCwzdSXpaJdV8f3opEPKjZ2PwJvVGPgRKkDhFJud7wI8nvycoYUzLY9db9pfcCecy1vU6LsdidJkeh5jbY%2BRXKA%2BZX5mMNEOnh4yXnwTbEPpRldR49oGTNTmuBBTzDQTh87M7z93FbL3UVFc6%2Bg1"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8bb02ea328ce65cb-FRA
expires
Thu, 05 Sep 2024 19:20:41 GMT
common.css
gloeak.layergreet.website/assets/css/dublin/
62 KB
14 KB
Stylesheet
General
Full URL
https://gloeak.layergreet.website/assets/css/dublin/common.css?v=3c953f5cbd7cf630e91738717ed0758e
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd9d53e931cfffe8ebebcd6a43633d2c7d955ae4dd6548a7c3b0d4e8e724308c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 28 Aug 2024 15:58:08 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LwNnbIJCE9LeDWW2ciO5N%2Fn0VTzm%2B1Qrs5krid4hCJEBZf4c%2FRgYSIuefkabp0oWAHuZ%2FB07f3AHpDed6AELw89%2FLLl6RGe1bUzNa4yItFlh0DQfTLSDnUUMBjYYdEs1mw3tUzpOB4HOcp1trO1fJVNv4e8FHg5j"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8bb02ea328cf65cb-FRA
expires
Thu, 05 Sep 2024 23:04:48 GMT
msg.v3.js
gloeak.layergreet.website/inc/
2 KB
1 KB
Script
General
Full URL
https://gloeak.layergreet.website/inc/msg.v3.js?66d0fe8f89cde
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd84ddc174018a30b8d82a449dc099af095997bc7f1ffc17a71043f48925e13a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 22 Aug 2024 18:25:20 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yu40zNSukORn2DwvE66PS8fHGNQF0wCXATnEX6cMkwrpCwebEFFbbcU2%2FnA4vBj%2FC%2BSGQVkMAueYTMqv%2FHGsmrZa2DsdoexRszvMtwfbAnnN8FoOo%2B50neHyHazvp%2Bqne0O96GRMKpB7P67ReXyqOnK9Fu5n8GPH"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8bb02ea328d065cb-FRA
expires
Thu, 05 Sep 2024 23:04:48 GMT
8466530083d8b5e72fad58d6328fd264.png
gloeak.layergreet.website/fim/4316-DE/
41 KB
41 KB
Image
General
Full URL
https://gloeak.layergreet.website/fim/4316-DE/8466530083d8b5e72fad58d6328fd264.png
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6659b4426a9dba95133c0e3b27b5d952d6cc1e574b88640a7e7bcec354d902c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:48 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
41556
x-xss-protection
1; mode=block
last-modified
Thu, 29 Aug 2024 23:04:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7M0ekYm8VdsHtVBCaygl0AKGm3C7q37uQBd5Tv%2F3%2BphWy7sjaJptusvgSR31F70EnjBFH5Mi2YR%2BQlXtbYrfPRFFARCj2QI45UKsQZibxUGKGN5NzVYR08bSk9HvCr7V88WOc4WslvFm4VpBhCdzEyKs9lJdbri0"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8bb02ea328d265cb-FRA
expires
Thu, 05 Sep 2024 23:04:48 GMT
7460ecbe2c6aa9f15cc21c3782a97fac.png
gloeak.layergreet.website/fim/4316-DE/
1 KB
2 KB
Image
General
Full URL
https://gloeak.layergreet.website/fim/4316-DE/7460ecbe2c6aa9f15cc21c3782a97fac.png
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7d826bf62262fb8d66325774d1cefd98501ab9e70d614f2c140e5762edcea08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:48 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1431
x-xss-protection
1; mode=block
last-modified
Thu, 29 Aug 2024 21:32:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SSS%2F80FJ%2BbHghsUttuh6dsuuxV0UQF4hN9q9IJPA8WJrFlBd2nmpu2O6F2C%2BNrax7jJchrDBFGYz0JXNCueuVFeFxL8oKCYTgY2adegFhDbLYY9FBfO5lrXO%2FozoTQxzxIBUdBbZTDRJgVWvypX4inTEPNWXhkpA"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8bb02ea328d365cb-FRA
expires
Thu, 05 Sep 2024 23:04:48 GMT
2c4ba7312864fdc1a7a551b55a5c3bf8.png
gloeak.layergreet.website/fim/4316-DE/
127 KB
127 KB
Image
General
Full URL
https://gloeak.layergreet.website/fim/4316-DE/2c4ba7312864fdc1a7a551b55a5c3bf8.png
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021e62fc12d39ebcbd5469276bacc42d316df808b8b9623b329391f771f49343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:48 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
129897
x-xss-protection
1; mode=block
last-modified
Thu, 29 Aug 2024 22:17:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xyjJ7RTwnmJ6ghXCiOoQQwSmURCSLZfmuWnkU4UgcT4ihtP5QhLUAY64p6jL4uKHce48WFdeQ0d%2FRI5GwlaMbOdEMklB1h6STyGCG1HTy7T%2BD8cYn9I1AhDxRIXqoDX4OD0fJ92ZSbZpyApABEvDjthMV2Zisw70"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8bb02ea5aa5d65cb-FRA
expires
Thu, 05 Sep 2024 23:04:48 GMT
email-decode.min.js
gloeak.layergreet.website/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://gloeak.layergreet.website/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Aug 2024 16:45:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66c8bc8d-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gsufhfldBT1qJchTIs0S1pz8ilLqZeAFvm3b6ExT88XvjA3pCmzS2hNFwzFC0gQGtb0kveNN96R5DqspQVm%2BIOUnrtns501HMB%2FuukP11zd6n901ymgOO%2Bbd7z6upklStk9v83%2FQdbTdw%2BIlKPU0Zah8GM2qC0WY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8bb02ea65abb65cb-FRA
expires
Sat, 31 Aug 2024 23:04:48 GMT
jquery-3.4.1.min.js
gloeak.layergreet.website/assets/vendors/
86 KB
31 KB
Script
General
Full URL
https://gloeak.layergreet.website/assets/vendors/jquery-3.4.1.min.js
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13447
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6YU482ybjs8X7SL0yTzY%2FCWngSFjibsiYdivgvevBRHiPd5kTXERiBGjFL0in8KmEdMPLv3rVAYKCgLiosUusjgE6kdRY%2FRoa5t2hxy4A%2BEypK66GSapTTOp8zPsTWwXYwiXTzesQRo4vEGaxfp7iA90mPr7%2FJrn"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8bb02ea65abc65cb-FRA
expires
Thu, 05 Sep 2024 19:20:41 GMT
bootstrap.min.js
gloeak.layergreet.website/assets/vendors/bootstrap-4.5.3/js/
62 KB
16 KB
Script
General
Full URL
https://gloeak.layergreet.website/assets/vendors/bootstrap-4.5.3/js/bootstrap.min.js
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13447
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 20 Aug 2021 13:04:53 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X3GAtL1Pdm3z%2BT%2F%2B3yyq55gqSU9Q35BWztMIjBserSEcfQzS%2B1gmJ7pa493GdMIv%2BiPL4eoqJvY%2Br381%2BnwND%2BcW28D7QLEB%2FtQ3hSMQlmGYo%2BhQW%2B7I%2BBtdZJ4G1%2FYUtw4fh9q0CdbpZnl6LwuxZvShlfuw0FSE"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8bb02ea65abd65cb-FRA
expires
Thu, 05 Sep 2024 19:20:41 GMT
functions.js
gloeak.layergreet.website/assets/js/
2 KB
1 KB
Script
General
Full URL
https://gloeak.layergreet.website/assets/js/functions.js?v=3c953f5cbd7cf630e91738717ed0758e
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4921e86e1c949a33cc2b898550944940b1c1a63d84eb852af1fa71dd33d49b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 21 Jun 2024 19:17:35 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0FDZzQw6Omw7QuNTeB3ziajTpcbQNSm4wNXqlr%2BqCuAs3X6fxj2UDs0f12tyLpcuOtyxpcYUS8gbj90iNnwcpa0zO%2B%2FsTFeIzj8%2Fl4i0A5AlhHWuFmJtU665lrM7KDdhyElzo9NLF2hleJ7zSXzGJSQeabX1gTDI"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8bb02ea65abe65cb-FRA
expires
Thu, 05 Sep 2024 23:04:48 GMT
gbvar.js
gloeak.layergreet.website/assets/js/
41 B
558 B
Script
General
Full URL
https://gloeak.layergreet.website/assets/js/gbvar.js?v=72
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa2bbb4c27f55e1d9ef824fdfcb1459b34974b50426301fac1b5f8d8f8790b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:48 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
41
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 21:29:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wn2lw1iIUq3De6C8cKtAOEGc69eSqZ%2FkKriRIvN6kSvktoBjsKNQrHlL3qNPOS6EnAdYolBZ3Ob5jr4kTIH4lI3iOtCBY9VdwwwqbkgoHUzoFkQ9OjV6gZOHIc5bFubIH8ZmguqfyA7wOWYHnyReZBZ2tUnwmpyh"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8bb02ea65abf65cb-FRA
expires
Thu, 05 Sep 2024 23:04:48 GMT
intl_functions.js
gloeak.layergreet.website/assets/js/
8 KB
3 KB
Script
General
Full URL
https://gloeak.layergreet.website/assets/js/intl_functions.js?v=3c953f5cbd7cf630e91738717ed0758e
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
415fcc5436be9039699e31bc9cbd8e6d8b23410581b0a72dac505d9fad85c691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jul 2024 19:31:48 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BAO4K7YLqZioV3l8zyPHsNZK8YaakBz88cDRjrFAzQlz13G9mDi0BJCiHtcX1NLKKEmHPHKt4rsUiVHOTchvpbqx94i71QrxDwHAwm5ndDxA7LpXwNbjDnlWhTk%2B3nyu97n7Saxj08R5DD3KvPkc5fJiqJ5B89B%2F"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8bb02ea65ac065cb-FRA
expires
Thu, 05 Sep 2024 23:04:48 GMT
common.js
gloeak.layergreet.website/assets/js/dublin/
76 KB
17 KB
Script
General
Full URL
https://gloeak.layergreet.website/assets/js/dublin/common.js?v=3c953f5cbd7cf630e91738717ed0758e
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad574243304d6734c8fa72069794110fedd45767460ad6e8289b2c8a26599712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 27 Aug 2024 18:33:46 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2SGcsTwyUlnldoxTLJZ%2BE%2FNppSGyoreZjV2G8oE6c3Cwh%2BEsjumNzpFj%2BeM7ZwHEg3Ldyz%2BxyAqZRbFQ7RgeG%2BwfSD%2FjKaZEMuYRnOqjzD70WV5uwQPyzYfJf51zeukEVs2BiKGVYqBrDyrSVAv9%2Fv80CsX9%2F%2BsY"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8bb02ea65ac165cb-FRA
expires
Thu, 05 Sep 2024 23:04:48 GMT
v9e118mez8
trk-elevostra.com/scripts/push/
8 KB
3 KB
Script
General
Full URL
https://trk-elevostra.com/scripts/push/v9e118mez8
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/inc/msg.v3.js?66d0fe8f89cde
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0023a8f8391b10006ee27598323de8d0e3d019755e8f7a16e88464b1aef00b39
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6638
alt-svc
h3=":443"; ma=86400
content-length
2519
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 29 Aug 2024 21:14:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mN98icDw4UvuIFtSvOqK%2BuzB6pieftlvn1%2FieC0DqQXU0dhur6SayVpdNg01kffP1dP%2F%2Fdu2HVkrRVntsR66PpT%2FxMNXceGYek1OohOFc4wZDq3wgL5aqb6x0LRZanA3xOTm8a%2Bpy0NvEwFQ01UNHw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges
bytes
cf-ray
8bb02ea69fe89bd6-FRA
expires
0
2c4ba7312864fdc1a7a551b55a5c3bf8.png
gloeak.layergreet.website/fim/4316-DE/
127 KB
0
Image
General
Full URL
https://gloeak.layergreet.website/fim/4316-DE/2c4ba7312864fdc1a7a551b55a5c3bf8.png
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021e62fc12d39ebcbd5469276bacc42d316df808b8b9623b329391f771f49343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:48 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
129897
x-xss-protection
1; mode=block
last-modified
Thu, 29 Aug 2024 22:17:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xyjJ7RTwnmJ6ghXCiOoQQwSmURCSLZfmuWnkU4UgcT4ihtP5QhLUAY64p6jL4uKHce48WFdeQ0d%2FRI5GwlaMbOdEMklB1h6STyGCG1HTy7T%2BD8cYn9I1AhDxRIXqoDX4OD0fJ92ZSbZpyApABEvDjthMV2Zisw70"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8bb02ea5aa5d65cb-FRA
expires
Thu, 05 Sep 2024 23:04:48 GMT
fa-solid-900.woff2
gloeak.layergreet.website/assets/vendors/fontawesome_pro/webfonts/
320 KB
321 KB
Font
General
Full URL
https://gloeak.layergreet.website/assets/vendors/fontawesome_pro/webfonts/fa-solid-900.woff2
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/assets/vendors/fontawesome_pro/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/assets/vendors/fontawesome_pro/css/all.min.css
Origin
https://gloeak.layergreet.website
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:49 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
327824
x-xss-protection
1; mode=block
last-modified
Thu, 09 Nov 2023 20:05:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gvJuW7xZ09wLBriRTRQBo55giR%2F6KcxHNzmXmbh7QmpmGpF%2BAjWlzUhhF6Gi0P7wqp1lmjPiBKxezqMg0IaLTSPO8qJh2OTneMDiFmUEB6fn4zklhQfzBPlo2DR4y5LStOcBcgspiTrQujJxg7d6JCfIK%2BlSbJlK"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8bb02ea66acb65cb-FRA
expires
Thu, 05 Sep 2024 23:04:48 GMT
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gloeak.layergreet.website
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8bb02ea8098b2ba9-FRA
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Thu, 29 Aug 2024 23:04:49 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2Fpmo%2BMisb8mXsIekNowozASP8UzZnyVVwubZEMj5q%2B%2BaQa7E9kJxq0JvGCmhViP18oK3ZAi7MgdKZQrSgOVtZQgwqYImI7xHEhQSZuDNhuGUciEzH0cefMlG48K%2Boe8aOgdkvoNwcVLAc5UwblQocZnYgr%2Blw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Requested by
Host: trk-elevostra.com
URL: https://trk-elevostra.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/json

Response headers

x-pushplatformapp-params
date
Thu, 29 Aug 2024 23:04:49 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lbsEqG%2FPX1UbQ57FREI60oyVv%2B%2BtNSxSU9BPBedL%2FNDtvUTXgFrVk5BvW8B7Oblt%2FI4jnSC4HRFeEQbi%2BryndaezPOsWF3FsiJT1S%2F1tHZZysgWi28jE%2B0ANpLN6ra2XZ6VnZ8Ceg7CZfqdD7pUEGCJlaFaQ1g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8bb02eaa7b002ba9-FRA
expires
0
/
gloeak.layergreet.website/
41 B
584 B
XHR
General
Full URL
https://gloeak.layergreet.website/
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/assets/vendors/jquery-3.4.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa5bb2d12a790b8d33ddafb4960e1cd572a94948a0e240bfeb3dfc9d7d83b784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 29 Aug 2024 23:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iOd%2BbLUxtv7ZGsUlpmE9MWLz6loL3Nh2KuAWZvFhnufyxeychu6RCciVpzUBQieh4DGG%2BIkHxkTFX0AE6nJvnT%2FmExQzU8Im647xUJbxqNSvO5pQNfxKuZoFKPmt4Ih9vNAOR4A1Kw7IKdB2O0i2QPnTGPH73tn3"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
8bb02ea8ecd065cb-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
066f3baf287cd24ccb78b9280b1cb990.jpg
gloeak.layergreet.website/fim/4316-DE/
2 KB
2 KB
Image
General
Full URL
https://gloeak.layergreet.website/fim/4316-DE/066f3baf287cd24ccb78b9280b1cb990.jpg
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab01e78f9a01b905e2df63b9509738a116ac5ad60aabc8876ce241b91733dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:49 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1941
x-xss-protection
1; mode=block
last-modified
Thu, 29 Aug 2024 21:43:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSWogAQEvqv7g5swGqml4KDZlN2Uw1r2PQlqCaNuxE2WnHzQhK9HjmaIHfdxsDYfYiCM1cjqx9zv9qyAstK8a7rwLimvX5k%2BaQ4xG0OVXJRyGdtAK2jYNzsIX2E9nzEFC6Fq8RHPkglYIqo6m0k9VLKnOx52Kh00"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8bb02ea99d6565cb-FRA
expires
Thu, 05 Sep 2024 23:04:49 GMT
0eb071153e9a9fbd81d423733f7737f2.jpg
gloeak.layergreet.website/fim/4316-DE/
4 KB
4 KB
Image
General
Full URL
https://gloeak.layergreet.website/fim/4316-DE/0eb071153e9a9fbd81d423733f7737f2.jpg
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81da4be8f6d3795c8133be93885824a6ef422b4636b35f320105737acc03bb29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:49 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3587
x-xss-protection
1; mode=block
last-modified
Thu, 29 Aug 2024 21:45:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lk%2Bx%2FpzD4C2IKjwbC7QhLOsmoRFMAPYBAbA5%2BHl01z4MhPfVxU8xcGccnyWKCl7d2KQb7hTs7v%2FFMWbhLEWN2MoxkLBL1MUrKmyfdX3a2FeBr%2B4LwJHjObJuz6%2FXQDbhtWNUiTvC%2BuDh3p0dNEIBIP1wwP%2F%2FvlD%2B"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8bb02ea99d6765cb-FRA
expires
Thu, 05 Sep 2024 23:04:49 GMT
83cabf7e465fe1dfed1d0bc7657ccbba.jpg
gloeak.layergreet.website/fim/4316-DE/
4 KB
4 KB
Image
General
Full URL
https://gloeak.layergreet.website/fim/4316-DE/83cabf7e465fe1dfed1d0bc7657ccbba.jpg
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0aa61c37a83de08ff92eb9e961ded155f7bfd9b73962f2cc5efd26d5a9cefc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:49 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3913
x-xss-protection
1; mode=block
last-modified
Thu, 29 Aug 2024 22:05:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xM9pW2hxp%2BbxlRHEDRxoHcU4QLGsiQYuaEWKcwt7CXCwN8CV%2F4hDJTm%2FNOzMIpkVu%2BUVN%2FJiEZZB%2Fnfj8RM34ql0AVEwrHrhJ4FlByNdz3FeccS5Epxu8q1fLZdhiSO3WsCZHjwxehj%2BG4mFlCYfjOF38oUFbEiG"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8bb02ea99d6865cb-FRA
expires
Thu, 05 Sep 2024 23:04:49 GMT
8466530083d8b5e72fad58d6328fd264.png
gloeak.layergreet.website/fim/4316-DE/
41 KB
0
Image
General
Full URL
https://gloeak.layergreet.website/fim/4316-DE/8466530083d8b5e72fad58d6328fd264.png
Requested by
Host: gloeak.layergreet.website
URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6659b4426a9dba95133c0e3b27b5d952d6cc1e574b88640a7e7bcec354d902c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:48 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
41556
x-xss-protection
1; mode=block
last-modified
Thu, 29 Aug 2024 23:04:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7M0ekYm8VdsHtVBCaygl0AKGm3C7q37uQBd5Tv%2F3%2BphWy7sjaJptusvgSR31F70EnjBFH5Mi2YR%2BQlXtbYrfPRFFARCj2QI45UKsQZibxUGKGN5NzVYR08bSk9HvCr7V88WOc4WslvFm4VpBhCdzEyKs9lJdbri0"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8bb02ea328d265cb-FRA
expires
Thu, 05 Sep 2024 23:04:48 GMT
favicon.ico
gloeak.layergreet.website/
15 KB
2 KB
Other
General
Full URL
https://gloeak.layergreet.website/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
703063f5cfebf76bd6190dd87052d6664d3a0fcf474d837d89f6b7fae7a8f3b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 23:04:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 29 Sep 2022 23:17:43 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/x-icon
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUG3tj3N3b%2BggXMi5qMkPDoiWUThrcNalHvLlCNI602DKBOudT95%2B1dh6gYFo%2BmAxb0D0g2Smi2DgndU5wCIWELcJpDN4S8EIWcM96EeesV8ECVw1WW8wSe9EsCdxYNeIfvK01hT8gj%2B8N6yec8%2BYKW%2BouTliGKt"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8bb02eacbf9c65cb-FRA
expires
Thu, 05 Sep 2024 23:04:49 GMT
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Requested by
Host: trk-elevostra.com
URL: https://trk-elevostra.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gloeak.layergreet.website/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/json

Response headers

x-pushplatformapp-params
date
Thu, 29 Aug 2024 23:04:50 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1SrLDlYL4mj%2FsJY5unjtol4ydbaUFOteFRwGt4aTtAQYquKx9kCRa755ppOdy0d%2BfW1XU%2B%2BSXQuHSnW6odonBruWUB3i2xXGq0WOxwcjVpz%2FP9krg8iGfbVbgxkGzDmDTRrzr%2FIzr5D4V1vKJiIto8RE9V79MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8bb02eaffe242ba9-FRA
expires
0

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| pushCount object| MYCALL string| s1 string| s2 string| fp string| esource string| pshpub string| pshdomain string| pshfingerprint function| $ function| jQuery object| bootstrap function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore function| setAttributes function| datehax function| startTimer number| duration string| popUrl function| getPopUrl string| rightnow object| currentdate object| months function| startINTSurvey function| startQuestion function| startSurveyDub function| showSurveyDub function| callPushNotify string| LNG string| CMP string| CNT string| BID string| PDN string| FNP string| attrChoices string| domain string| pipeline object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| createQuestion function| processQuestion function| nextQuestion function| replaceUrlParam number| time_popup function| startTimerPopup function| showModalPopup function| popunder function| startsurvey number| box_trying boolean| oneclick function| formatPhoneNumber function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| emailPixel function| overflowP function| showDisclaimer function| preventS function| comment function| like function| startSurveyU function| createQuestionU function| switchTypeQuestionsU function| nextQuestionU function| validateData function| showStreetStateU function| showModal function| showOfferWallU function| count_p function| _saveProduct function| mfq_tags function| fadeInImgModal function| lazyLoad function| lazyLoadStartSurvey string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| languageCode string| countryCode string| questiontx string| of string| prod_var string| pname_modal function| cheers

3 Cookies

Domain/Path Name / Value
kartersofa.com/ Name: uid2275
Value: 1222334878-20240829190445-f70b78f1499b6958c87bd4b873f4f067-3757
serenebeach.sbs/ Name: PHPSESSID
Value: c467f04de4cfe961b7b6496f8eb1d59b
gloeak.layergreet.website/ Name: PHPSESSID
Value: f16b5edd0dee30315ddc1e43340364b3

1 Console Messages

Source Level URL
Text
other error URL: https://gloeak.layergreet.website/lsxd/mxut/lpxn/cmca?23a0f2f87eb5809c43bac0f6d4514664
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
