urlscan.io logo urlscan.io
SecurityTrails logo

goldielocksrevenge.hearnow.com Open in urlscan Pro
104.18.30.79  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://goldielocksrevenge.hearnow.com/
Effective URL: https://goldielocksrevenge.hearnow.com/
Submission: On November 20 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 8 domains to perform 48 HTTP transactions. The main IP is 104.18.30.79, located in and belongs to CLOUDFLARENET, US. The main domain is goldielocksrevenge.hearnow.com.
TLS certificate: Issued by E5 on November 6th 2024. Valid for: 3 months.
This is the only time goldielocksrevenge.hearnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 104.18.30.79 13335 (CLOUDFLAR...)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:2800:11f... 15133 (EDGECAST)
15 52.85.151.79 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.17.227.89 16509 (AMAZON-02)
1 54.229.214.125 16509 (AMAZON-02)
1 54.245.122.215 16509 (AMAZON-02)
3 54.149.222.114 16509 (AMAZON-02)
1 68.67.179.164 29990 (ASN-APPNEX)
1 2 68.67.181.211 29990 (ASN-APPNEX)
1 151.101.193.108 54113 (FASTLY)
48 13
11    104.18.30.79 (None, )

ASN13335 (CLOUDFLARENET, US)
goldielocksrevenge.hearnow.com
site-stats.hearnow.com
8    2606:4700:10::6816:3b5b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-cookieyes.com
2    2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
stckjs.stackify.com
15    52.85.151.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-79.iad89.r.cloudfront.net
static.production.hearnow-cdn.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    52.17.227.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-227-89.eu-west-1.compute.amazonaws.com
log.cookieyes.com
1    54.229.214.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-214-125.eu-west-1.compute.amazonaws.com
directory.cookieyes.com
1    54.245.122.215 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-245-122-215.us-west-2.compute.amazonaws.com
found.ee
3    54.149.222.114 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-222-114.us-west-2.compute.amazonaws.com
api.found.ee
1    68.67.179.164 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    68.67.181.211 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    151.101.193.108 (San Francisco, United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
Apex Domain
Subdomains		 Transfer
15 hearnow-cdn.com
static.production.hearnow-cdn.com
423 KB
11 hearnow.com
goldielocksrevenge.hearnow.com
site-stats.hearnow.com
84 KB
8 cdn-cookieyes.com
cdn-cookieyes.com — Cisco Umbrella Rank: 6717
78 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
secure.adnxs.com — Cisco Umbrella Rank: 495
acdn.adnxs.com — Cisco Umbrella Rank: 643
12 KB
4 found.ee
found.ee — Cisco Umbrella Rank: 81503
api.found.ee — Cisco Umbrella Rank: 91358
6 KB
3 cookieyes.com
log.cookieyes.com — Cisco Umbrella Rank: 7310
directory.cookieyes.com — Cisco Umbrella Rank: 10619
775 B
2 stackify.com
stckjs.stackify.com — Cisco Umbrella Rank: 194232
128 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
48 8
Domain Requested by
15 static.production.hearnow-cdn.com goldielocksrevenge.hearnow.com
static.production.hearnow-cdn.com
8 cdn-cookieyes.com goldielocksrevenge.hearnow.com
cdn-cookieyes.com
8 goldielocksrevenge.hearnow.com goldielocksrevenge.hearnow.com
static.cloudflareinsights.com
3 api.found.ee found.ee
3 site-stats.hearnow.com goldielocksrevenge.hearnow.com
2 secure.adnxs.com 1 redirects
2 log.cookieyes.com cdn-cookieyes.com
2 stckjs.stackify.com goldielocksrevenge.hearnow.com
cdn-cookieyes.com
1 acdn.adnxs.com found.ee
1 ib.adnxs.com found.ee
1 found.ee goldielocksrevenge.hearnow.com
1 directory.cookieyes.com cdn-cookieyes.com
1 static.cloudflareinsights.com goldielocksrevenge.hearnow.com
48 13

This site contains links to these domains. Also see Links.

Domain
hearnow.com
open.spotify.com
found.ee
cdbaby.com
Subject Issuer Validity Valid
hearnow.com
E5		 2024-11-06 -
2025-02-04		 3 months crt.sh
cdn-cookieyes.com
WE1		 2024-11-20 -
2025-02-18		 3 months crt.sh
sni202efgl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
*.production.hearnow-cdn.com
Amazon RSA 2048 M02		 2024-10-31 -
2025-11-28		 a year crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
log.cookieyes.com
Amazon RSA 2048 M02		 2024-03-26 -
2025-04-25		 a year crt.sh
directory.cookieyes.com
Amazon RSA 2048 M03		 2024-02-02 -
2025-03-03		 a year crt.sh
found.ee
E6		 2024-10-22 -
2025-01-20		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2024-04-08 -
2025-05-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://goldielocksrevenge.hearnow.com/
Frame ID: D57DCA4C2150E0B03EC8610A0F3BCB99
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Goldielock's Revenge - Hacking the Akashic

Page URL History Show full URLs

  1. http://goldielocksrevenge.hearnow.com/ HTTP 307
    https://goldielocksrevenge.hearnow.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

48
Requests

96 %
HTTPS

25 %
IPv6

8
Domains

13
Subdomains

13
IPs

3
Countries

738 kB
Transfer

1551 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://goldielocksrevenge.hearnow.com/ HTTP 307
    https://goldielocksrevenge.hearnow.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://secure.adnxs.com/seg?add=16260054&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16260054%26t%3D1

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
goldielocksrevenge.hearnow.com/
Redirect Chain
  • http://goldielocksrevenge.hearnow.com/
  • https://goldielocksrevenge.hearnow.com/
53 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://goldielocksrevenge.hearnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d7b15a131e546825a927b05e7e065729a93f2530f425f76172dd36ec6cd5f9
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com https://api.spotify.com https://api.found.ee https://api.recurly.com https://stckjs.stackify.com https://rum.stackify.com *.cookieyes.com cdn-cookieyes.com;default-src 'self' https://api.recurly.com;font-src 'self' https://*.hearnow-cdn.com fonts.gstatic.com;form-action 'self' https://auth.cdbaby.com;frame-src 'self' site-stats.hearnow.com mailto: https://open.spotify.com https://accounts.spotify.com https://api.recurly.com;img-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com data: https://open.scdn.co https://www.gstatic.com cdn-cookieyes.com;media-src 'self' content.cdbaby.com;object-src 'none';script-src 'self' 'nonce-XzNWq0j3vy4eULWAbkoJ44dn7xkFgTxO' https://*.hearnow-cdn.com site-stats.hearnow.com https://found.ee/dmp/pixel.js https://*.adnxs.com https://api.recurly.com https://js.recurly.com https://stckjs.stackify.com cdn-cookieyes.com;style-src 'self' 'unsafe-inline' https://*.hearnow-cdn.com https://api.recurly.com https://js.recurly.com fonts.googleapis.com
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=998, public
cf-cache-status
DYNAMIC
cf-ray
8e598e20b8b20992-MIA
content-encoding
br
content-security-policy
base-uri 'self';connect-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com https://api.spotify.com https://api.found.ee https://api.recurly.com https://stckjs.stackify.com https://rum.stackify.com *.cookieyes.com cdn-cookieyes.com;default-src 'self' https://api.recurly.com;font-src 'self' https://*.hearnow-cdn.com fonts.gstatic.com;form-action 'self' https://auth.cdbaby.com;frame-src 'self' site-stats.hearnow.com mailto: https://open.spotify.com https://accounts.spotify.com https://api.recurly.com;img-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com data: https://open.scdn.co https://www.gstatic.com cdn-cookieyes.com;media-src 'self' content.cdbaby.com;object-src 'none';script-src 'self' 'nonce-XzNWq0j3vy4eULWAbkoJ44dn7xkFgTxO' https://*.hearnow-cdn.com site-stats.hearnow.com https://found.ee/dmp/pixel.js https://*.adnxs.com https://api.recurly.com https://js.recurly.com https://stckjs.stackify.com cdn-cookieyes.com;style-src 'self' 'unsafe-inline' https://*.hearnow-cdn.com https://api.recurly.com https://js.recurly.com fonts.googleapis.com
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 15:43:22 GMT
feature-policy
autoplay 'none'; document-domain 'none'; document-write 'none'; font-display-late-swap 'none'; layout-animations 'none'; legacy-image-formats 'none'; oversized-images 'none'; sync-script 'none'; unsized-media 'none'
referrer-policy
no-referrer-when-downgrade
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
x-stackifyid
V1|d15f54d2-70ae-4738-95af-a09673f55d25|C66774|CD199|
x-xss-protection
1; mode=block

Redirect headers

Location
https://goldielocksrevenge.hearnow.com/
Non-Authoritative-Reason
HttpsUpgrades
script.js
cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/ 		96 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/script.js
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e281fa651faa4fe6ce33e120fe2978a90c13f537cffbbbb4679672dfba71b1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
"181b3-625d510d75910-gzip"
age
541387
access-control-allow-methods
GET, OPTIONS
cf-ray
8e598e2689979071-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
34213
date
Wed, 20 Nov 2024 15:43:22 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 07:41:41 GMT
vary
Accept-Encoding
server
cloudflare
stckjs.js
stckjs.stackify.com/ 		128 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stckjs.stackify.com/stckjs.js
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8733) /
Resource Hash
f2057dcdfebe4331166571b0ba67f241a2c96878d79b5ab4117470c702d0bb72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

content-md5
hYrhQXqEty1B86uMIYdEDQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8D96336CDA951FD
age
518579
x-cache
HIT
date
Wed, 20 Nov 2024 15:43:22 GMT
content-type
text/javascript
last-modified
Thu, 19 Aug 2021 17:28:47 GMT
x-ms-request-id
8a4febc4-e01e-006f-64ab-365ad6000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
130600
x-ms-blob-type
BlockBlob
server
ECAcc (mid/8733)
main.css
static.production.hearnow-cdn.com/build/1730313606/css/sites/ 		59 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.production.hearnow-cdn.com/build/1730313606/css/sites/main.css
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-79.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a436b218fef76e5ebb40d994ef0a0bac476bc250d88bc7f41e20fa7d3a8e10d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

x-amz-cf-pop
IAD89-C3
vary
accept-encoding
content-encoding
gzip
x-amz-version-id
xhtSJHUoJ6CLrNBx5mJ4aj3gUi40pWi4
etag
W/"ad24c07bfdf685b724a0dc16635ec98b"
age
25714
via
1.1 600860a2fda807ac628822c14b5de860.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
9Uk3hi7ek11E7K82fGKVtHbo5a0EKOiWUIN3MwazhtjBQXtSsO6gHA==
date
Wed, 20 Nov 2024 08:34:49 GMT
content-type
text/css
last-modified
Wed, 30 Oct 2024 18:40:58 GMT
x-amz-expiration
expiry-date="Sat, 31 Oct 2026 00:00:00 GMT", rule-id="all"
server
AmazonS3
x-amz-server-side-encryption
AES256
page_view_album.css
static.production.hearnow-cdn.com/build/1730313606/css/sites/ 		85 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.production.hearnow-cdn.com/build/1730313606/css/sites/page_view_album.css
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-79.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa53ca9f515177b0b313379eae3788aa97546f98a04cd5fa715c98061bd30caa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

x-amz-cf-pop
IAD89-C3
vary
accept-encoding
content-encoding
gzip
x-amz-version-id
ewhD9SRnVKyi6F.SEMSUoMKAseBm07hX
etag
W/"0c73ffc5dce3ecc0c34f8bf3d2e1aa9b"
age
16367
via
1.1 600860a2fda807ac628822c14b5de860.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
qYByj2maN7BswfU8GPxVmZw8SS8JQE1PHVUMdzj-ZAS97Q20jj30Ww==
date
Wed, 20 Nov 2024 11:10:36 GMT
content-type
text/css
last-modified
Wed, 30 Oct 2024 18:40:58 GMT
x-amz-expiration
expiry-date="Sat, 31 Oct 2026 00:00:00 GMT", rule-id="all"
server
AmazonS3
x-amz-server-side-encryption
AES256
theme_darkvslight.css
static.production.hearnow-cdn.com/build/1730313606/css/sites/ 		3 KB
887 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.production.hearnow-cdn.com/build/1730313606/css/sites/theme_darkvslight.css
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-79.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e2fb5fbe67ef1a51a135b2a4e073fe95514b863fc8a927f2c752e79d1df7ab5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

x-amz-cf-pop
IAD89-C3
vary
accept-encoding
content-encoding
gzip
x-amz-version-id
8Ir8aaxM083cD_8g1pt7g2Viruo1l.kd
etag
W/"4910502821588ef9fb043c5e562b2a85"
age
18576
via
1.1 600860a2fda807ac628822c14b5de860.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
NVB-TcThQP7PD8fCkFlyzlplEzdDcB75KjSI5H862xVXtwdktP63ig==
date
Wed, 20 Nov 2024 10:33:47 GMT
content-type
text/css
last-modified
Wed, 30 Oct 2024 18:40:58 GMT
x-amz-expiration
expiry-date="Sat, 31 Oct 2026 00:00:00 GMT", rule-id="all"
server
AmazonS3
x-amz-server-side-encryption
AES256
main.js
static.production.hearnow-cdn.com/build/1730313606/js/sites/ 		333 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.production.hearnow-cdn.com/build/1730313606/js/sites/main.js
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-79.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee471e7ef20df5ebe7ea23edd8be42c5acbde648a5bec4533422258a64f7a56e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

x-amz-cf-pop
IAD89-C3
vary
accept-encoding
content-encoding
gzip
x-amz-version-id
rl3w_hTSlMpekjZABlqq8ZB83DRbmHAA
etag
W/"807d5d33e9ff0f7126d5af2d31f3d6d3"
age
20439
via
1.1 600860a2fda807ac628822c14b5de860.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
9Sb7MHCaEi2bJ9EUKRnf8yiZAH-RVYt7pcw_OBEUSbKewa9246H_1Q==
date
Wed, 20 Nov 2024 10:02:44 GMT
content-type
application/javascript
last-modified
Wed, 30 Oct 2024 18:40:59 GMT
x-amz-expiration
expiry-date="Sat, 31 Oct 2026 00:00:00 GMT", rule-id="all"
server
AmazonS3
x-amz-server-side-encryption
AES256
page_view_album.js
static.production.hearnow-cdn.com/build/1730313606/js/sites/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.production.hearnow-cdn.com/build/1730313606/js/sites/page_view_album.js
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-79.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b46f3940431743fd18860fb3bde018cfbddca88e7fa508801210340bdc635a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

x-amz-cf-pop
IAD89-C3
vary
accept-encoding
content-encoding
gzip
x-amz-version-id
eK38juLHZq6fjOAcN0yYRReJD6_FLmm_
etag
W/"8f4773ffbe1e72b3aa7453b2d67550ec"
age
21751
via
1.1 600860a2fda807ac628822c14b5de860.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
vlFC9CsV9WICRWPJ0cvasNBYTh9t3b-PE4Uvw5JbJra7s7eqLthtEA==
date
Wed, 20 Nov 2024 09:40:52 GMT
content-type
application/javascript
last-modified
Wed, 30 Oct 2024 18:40:59 GMT
x-amz-expiration
expiry-date="Sat, 31 Oct 2026 00:00:00 GMT", rule-id="all"
server
AmazonS3
x-amz-server-side-encryption
AES256
multialbum.js
static.production.hearnow-cdn.com/build/1730313606/js/views/sites/ 		590 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.production.hearnow-cdn.com/build/1730313606/js/views/sites/multialbum.js
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-79.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f31e9f5152d602f99fa597cc88704023e244e5b38bf0ca1cbeec59fb4415d86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

x-amz-version-id
TKm7pGoHOYPHru6ic3Sxvy5ZYLnI6bKo
etag
"cacedc37493a2ca22a929e500b661f91"
age
11172
x-cache
Hit from cloudfront
x-amz-cf-id
ZPdqh41bRWQxJTMqGVqGm9D4_egZSdnNQJTXN5fjQVl9vBbf3_-63A==
date
Wed, 20 Nov 2024 12:38:36 GMT
content-type
application/javascript
vary
accept-encoding
x-amz-expiration
expiry-date="Sat, 31 Oct 2026 00:00:00 GMT", rule-id="all"
last-modified
Wed, 30 Oct 2024 18:40:59 GMT
via
1.1 600860a2fda807ac628822c14b5de860.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
590
x-amz-cf-pop
IAD89-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
page_view_album-spotify.js
static.production.hearnow-cdn.com/build/1730313606/js/sites/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.production.hearnow-cdn.com/build/1730313606/js/sites/page_view_album-spotify.js
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-79.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
649ab03343a1081f81ee8e5f260c1c05a9145f394dc85baadeef2767f2298b9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

x-amz-cf-pop
IAD89-C3
vary
accept-encoding
content-encoding
gzip
x-amz-version-id
pmLYWwGNpsV9zX1bpfNuyZjEhThpTzEA
etag
W/"1cc04a0ea8714054379e68d2e5ee6246"
age
13991
via
1.1 600860a2fda807ac628822c14b5de860.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
TC5PfH9oUV4F7UbTwlhy_eDzPtBUJtDrhU3B7PNYrXqdqSZUCPwgQw==
date
Wed, 20 Nov 2024 11:50:11 GMT
content-type
application/javascript
last-modified
Wed, 30 Oct 2024 18:40:59 GMT
x-amz-expiration
expiry-date="Sat, 31 Oct 2026 00:00:00 GMT", rule-id="all"
server
AmazonS3
x-amz-server-side-encryption
AES256
play_button_overlay.png
static.production.hearnow-cdn.com/build/1730313606/img/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.production.hearnow-cdn.com/build/1730313606/img/play_button_overlay.png
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-79.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efa4fb83ed341ef1c4fe261288a41b4438e271bd7607dbcbc50a48de84fb39c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

x-amz-version-id
74lw6OYEiTWYDMxUTyvr5zsXX_SMTREm
etag
"684eb496f269d5a97c75093bba38e092"
age
19100
x-cache
Hit from cloudfront
x-amz-cf-id
sBp9Ml3iwvFsBJOf5o7CkaKEq2HwsZbkNT2QYzDclUz1IFj1GtOaUw==
date
Wed, 20 Nov 2024 10:25:03 GMT
content-type
image/png
vary
accept-encoding
x-amz-expiration
expiry-date="Sat, 31 Oct 2026 00:00:00 GMT", rule-id="all"
last-modified
Wed, 30 Oct 2024 18:41:06 GMT
via
1.1 600860a2fda807ac628822c14b5de860.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
57203
x-amz-cf-pop
IAD89-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
pause_button_overlay.png
static.production.hearnow-cdn.com/build/1730313606/img/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.production.hearnow-cdn.com/build/1730313606/img/pause_button_overlay.png
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-79.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0316561914aef02f6623547cc1455a1ceda616fa2e1a3149eb413c3bcfda3f15

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

x-amz-version-id
B6DQ9.WgnpJUO4FYBvd1t9tgxvPlry_H
etag
"22cd7d9952e301efbb77340b29886efc"
age
14285
x-cache
Hit from cloudfront
x-amz-cf-id
Zayx836kaOZyMSBCd2jI0DbIr2WX2HtBp4Opc6VQPIxT4vYWXOwmUg==
date
Wed, 20 Nov 2024 11:45:17 GMT
content-type
image/png
vary
accept-encoding
x-amz-expiration
expiry-date="Sat, 31 Oct 2026 00:00:00 GMT", rule-id="all"
last-modified
Wed, 30 Oct 2024 18:41:06 GMT
via
1.1 600860a2fda807ac628822c14b5de860.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
56761
x-amz-cf-pop
IAD89-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
large.jpg
goldielocksrevenge.hearnow.com/dynamic/images/fsalb03668150/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goldielocksrevenge.hearnow.com/dynamic/images/fsalb03668150/large.jpg
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3189c82877cb204eba224a6b9033509f47eb2eb184989cc7bf83d05eacd514b
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com https://api.spotify.com https://api.found.ee https://api.recurly.com https://stckjs.stackify.com https://rum.stackify.com *.cookieyes.com cdn-cookieyes.com;default-src 'self' https://api.recurly.com;font-src 'self' https://*.hearnow-cdn.com fonts.gstatic.com;form-action 'self' https://auth.cdbaby.com;frame-src 'self' site-stats.hearnow.com mailto: https://open.spotify.com https://accounts.spotify.com https://api.recurly.com;img-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com data: https://open.scdn.co https://www.gstatic.com cdn-cookieyes.com;media-src 'self' content.cdbaby.com;object-src 'none';script-src 'self' 'nonce-ZfJ4qhqczBZHGumio1M1MmBtgPKmvwjb' https://*.hearnow-cdn.com site-stats.hearnow.com https://found.ee/dmp/pixel.js https://*.adnxs.com https://api.recurly.com https://js.recurly.com https://stckjs.stackify.com cdn-cookieyes.com;style-src 'self' 'unsafe-inline' https://*.hearnow-cdn.com https://api.recurly.com https://js.recurly.com fonts.googleapis.com
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

cf-cache-status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:43:23 GMT
content-type
image/jpg
feature-policy
autoplay 'none'; document-domain 'none'; document-write 'none'; font-display-late-swap 'none'; layout-animations 'none'; legacy-image-formats 'none'; oversized-images 'none'; sync-script 'none'; unsized-media 'none'
vary
Accept-Encoding
last-modified
Wed, 20 Nov 2024 15:43:23 GMT
strict-transport-security
max-age=2592000
content-security-policy
base-uri 'self';connect-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com https://api.spotify.com https://api.found.ee https://api.recurly.com https://stckjs.stackify.com https://rum.stackify.com *.cookieyes.com cdn-cookieyes.com;default-src 'self' https://api.recurly.com;font-src 'self' https://*.hearnow-cdn.com fonts.gstatic.com;form-action 'self' https://auth.cdbaby.com;frame-src 'self' site-stats.hearnow.com mailto: https://open.spotify.com https://accounts.spotify.com https://api.recurly.com;img-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com data: https://open.scdn.co https://www.gstatic.com cdn-cookieyes.com;media-src 'self' content.cdbaby.com;object-src 'none';script-src 'self' 'nonce-ZfJ4qhqczBZHGumio1M1MmBtgPKmvwjb' https://*.hearnow-cdn.com site-stats.hearnow.com https://found.ee/dmp/pixel.js https://*.adnxs.com https://api.recurly.com https://js.recurly.com https://stckjs.stackify.com cdn-cookieyes.com;style-src 'self' 'unsafe-inline' https://*.hearnow-cdn.com https://api.recurly.com https://js.recurly.com fonts.googleapis.com
cache-control
no-cache, private
referrer-policy
no-referrer-when-downgrade
cf-ray
8e598e2888950992-MIA
x-stackifyid
V1|76ce391b-76bd-4b79-8bab-8ac987fca9a0|C66774|CD198|
x-xss-protection
1; mode=block
server
cloudflare
tracks_partial.js
static.production.hearnow-cdn.com/build/1730313606/js/views/sites/ 		371 B
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.production.hearnow-cdn.com/build/1730313606/js/views/sites/tracks_partial.js
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-79.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0099c3f7af52e8ad09529a0013033857f85d69ccb2f05693f35de94ca6cc4750

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

x-amz-version-id
BMGeFobbguV0Kij5Jtyxi3Zw03R14KS.
etag
"dd4327e85ced6217e626c01163b2de8b"
age
4448
x-cache
Hit from cloudfront
x-amz-cf-id
IGBKiZD69TUb7XBx3ilU5dzv9mpwizRPJvZ6co-YfbPAX-IfPRgk5w==
date
Wed, 20 Nov 2024 14:30:24 GMT
content-type
application/javascript
vary
accept-encoding
x-amz-expiration
expiry-date="Sat, 31 Oct 2026 00:00:00 GMT", rule-id="all"
last-modified
Wed, 30 Oct 2024 18:40:59 GMT
via
1.1 600860a2fda807ac628822c14b5de860.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
371
x-amz-cf-pop
IAD89-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
medium.jpg
goldielocksrevenge.hearnow.com/dynamic/images/t9alb03469342/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goldielocksrevenge.hearnow.com/dynamic/images/t9alb03469342/medium.jpg
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20bff17b0339665a4917cd387579419a71900afcc6df80b3cddf96c7ad63e701
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com https://api.spotify.com https://api.found.ee https://api.recurly.com https://stckjs.stackify.com https://rum.stackify.com *.cookieyes.com cdn-cookieyes.com;default-src 'self' https://api.recurly.com;font-src 'self' https://*.hearnow-cdn.com fonts.gstatic.com;form-action 'self' https://auth.cdbaby.com;frame-src 'self' site-stats.hearnow.com mailto: https://open.spotify.com https://accounts.spotify.com https://api.recurly.com;img-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com data: https://open.scdn.co https://www.gstatic.com cdn-cookieyes.com;media-src 'self' content.cdbaby.com;object-src 'none';script-src 'self' 'nonce-xOrBcXPPwt1RhLAiF6zG0xNndP0VrYzR' https://*.hearnow-cdn.com site-stats.hearnow.com https://found.ee/dmp/pixel.js https://*.adnxs.com https://api.recurly.com https://js.recurly.com https://stckjs.stackify.com cdn-cookieyes.com;style-src 'self' 'unsafe-inline' https://*.hearnow-cdn.com https://api.recurly.com https://js.recurly.com fonts.googleapis.com
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

cf-cache-status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:43:23 GMT
content-type
image/jpg
feature-policy
autoplay 'none'; document-domain 'none'; document-write 'none'; font-display-late-swap 'none'; layout-animations 'none'; legacy-image-formats 'none'; oversized-images 'none'; sync-script 'none'; unsized-media 'none'
vary
Accept-Encoding
last-modified
Wed, 20 Nov 2024 15:43:23 GMT
strict-transport-security
max-age=2592000
content-security-policy
base-uri 'self';connect-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com https://api.spotify.com https://api.found.ee https://api.recurly.com https://stckjs.stackify.com https://rum.stackify.com *.cookieyes.com cdn-cookieyes.com;default-src 'self' https://api.recurly.com;font-src 'self' https://*.hearnow-cdn.com fonts.gstatic.com;form-action 'self' https://auth.cdbaby.com;frame-src 'self' site-stats.hearnow.com mailto: https://open.spotify.com https://accounts.spotify.com https://api.recurly.com;img-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com data: https://open.scdn.co https://www.gstatic.com cdn-cookieyes.com;media-src 'self' content.cdbaby.com;object-src 'none';script-src 'self' 'nonce-xOrBcXPPwt1RhLAiF6zG0xNndP0VrYzR' https://*.hearnow-cdn.com site-stats.hearnow.com https://found.ee/dmp/pixel.js https://*.adnxs.com https://api.recurly.com https://js.recurly.com https://stckjs.stackify.com cdn-cookieyes.com;style-src 'self' 'unsafe-inline' https://*.hearnow-cdn.com https://api.recurly.com https://js.recurly.com fonts.googleapis.com
cache-control
no-cache, private
referrer-policy
no-referrer-when-downgrade
cf-ray
8e598e2898a80992-MIA
x-stackifyid
V1|c7441f53-ebbf-45f6-9770-bbb978b1f8d0|C66774|CD198|
x-xss-protection
1; mode=block
server
cloudflare
hearnow_logo.min.svg
goldielocksrevenge.hearnow.com/build/min/svg/site_logos/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goldielocksrevenge.hearnow.com/build/min/svg/site_logos/hearnow_logo.min.svg
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3fdcea101232877ed46b400fb139836ab45e094ad561c926dd96ccb69f53ad0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
MISS
etag
W/"67227dac-12a2"
cf-ray
8e598e2898a90992-MIA
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:43:23 GMT
content-type
image/svg+xml
last-modified
Wed, 30 Oct 2024 18:40:44 GMT
vary
Accept-Encoding
server
cloudflare
cdbaby_logo.min.svg
goldielocksrevenge.hearnow.com/build/min/svg/site_logos/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goldielocksrevenge.hearnow.com/build/min/svg/site_logos/cdbaby_logo.min.svg
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25ef9ef4bf4e1e990aa99baeb40abb607d1aecca16e4db8ec0a4fdc377772755
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
MISS
etag
W/"67227dac-b5a"
cf-ray
8e598e2898aa0992-MIA
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:43:23 GMT
content-type
image/svg+xml
last-modified
Wed, 30 Oct 2024 18:40:44 GMT
vary
Accept-Encoding
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://goldielocksrevenge.hearnow.com
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8e598e2909b7da53-MIA
access-control-allow-origin
*
date
Wed, 20 Nov 2024 15:43:23 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
log
log.cookieyes.com/api/v1/ 		2 B
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.227.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-227-89.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryBWMNAiOWCSjNlY3e
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

x-robots-tag
noindex, nofollow
link
<https://www.cookieyes.com>; rel="canonical"
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-origin
*
content-length
2
date
Wed, 20 Nov 2024 15:43:23 GMT
content-type
text/plain; charset=utf-8
x-powered-by
Express
banner.js
cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/ 		102 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/banner.js
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1d9e22750e604423e6816f37927437771e6788ec285b8fb397db8778eed3841

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
"196cd-625d510d75910-gzip"
age
460038
access-control-allow-methods
GET, OPTIONS
cf-ray
8e598e2898869071-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
33975
date
Wed, 20 Nov 2024 15:43:22 GMT
content-type
application/javascript
last-modified
Fri, 01 Nov 2024 07:41:41 GMT
vary
Accept-Encoding
server
cloudflare
/
site-stats.hearnow.com/js/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site-stats.hearnow.com/js/
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

server
cloudflare
strict-transport-security
max-age=2592000
cache-control
public, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-ray
8e598e2989810992-MIA
expires
Sat, 30 Nov 2024 15:43:23 GMT
alt-svc
h3=":443"; ma=86400
content-length
23672
date
Wed, 20 Nov 2024 15:43:23 GMT
last-modified
Thu, 10 Sep 2020 22:55:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
inline; filename=matomo.js
marvel-v7-latin-700.woff2
static.production.hearnow-cdn.com/build/1730313606/fonts/marvel/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.production.hearnow-cdn.com/build/1730313606/fonts/marvel/marvel-v7-latin-700.woff2
Requested by
Host: static.production.hearnow-cdn.com
URL: https://static.production.hearnow-cdn.com/build/1730313606/css/sites/theme_darkvslight.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-79.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a77fb64df1103aefa118cbe2595949af995a567fcd3e144a4d27ee21d5497f58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://goldielocksrevenge.hearnow.com
Referer
https://static.production.hearnow-cdn.com/build/1730313606/css/sites/theme_darkvslight.css

Response headers

access-control-max-age
0
etag
"5a650ef5bc596b4d22b55b7e95481ba6"
x-amz-version-id
3369K7BY9vTD.Z4afE3nJIX656BNvpoA
access-control-allow-methods
GET
x-cache
Miss from cloudfront
x-amz-cf-id
umnipoj2y50ZVVcfr1yh7D14FrBioIFtAacftjJQkmx8-sEkFNYvkw==
date
Wed, 20 Nov 2024 15:43:24 GMT
content-type
binary/octet-stream
vary
Origin
x-amz-expiration
expiry-date="Sat, 31 Oct 2026 00:00:00 GMT", rule-id="all"
last-modified
Wed, 30 Oct 2024 18:41:03 GMT
access-control-allow-credentials
true
via
1.1 de2ed3c94563fee614f35f9bc3f52d1c.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
https://goldielocksrevenge.hearnow.com
content-length
11320
x-amz-cf-pop
IAD89-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
marvel-v7-latin-regular.woff2
static.production.hearnow-cdn.com/build/1730313606/fonts/marvel/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.production.hearnow-cdn.com/build/1730313606/fonts/marvel/marvel-v7-latin-regular.woff2
Requested by
Host: static.production.hearnow-cdn.com
URL: https://static.production.hearnow-cdn.com/build/1730313606/css/sites/theme_darkvslight.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-79.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54c8bae13ae5966808ffc88999e11535ff51dfd2f99fdec8e8be201784494bf9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://goldielocksrevenge.hearnow.com
Referer
https://static.production.hearnow-cdn.com/build/1730313606/css/sites/theme_darkvslight.css

Response headers

access-control-max-age
0
etag
"b616727f9e53bb4f7f217f005e45ef50"
x-amz-version-id
JH4YAHRWWmkOHMsMnUY7alAuPDlDthMT
access-control-allow-methods
GET
x-cache
Miss from cloudfront
x-amz-cf-id
QToH8q8dJaTdBIvvhGbhYlZERpxad6ONyGaCNq3ejnG0kWpRiyLuPw==
date
Wed, 20 Nov 2024 15:43:24 GMT
content-type
binary/octet-stream
vary
Origin
x-amz-expiration
expiry-date="Sat, 31 Oct 2026 00:00:00 GMT", rule-id="all"
last-modified
Wed, 30 Oct 2024 18:41:03 GMT
access-control-allow-credentials
true
via
1.1 de2ed3c94563fee614f35f9bc3f52d1c.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
https://goldielocksrevenge.hearnow.com
content-length
11080
x-amz-cf-pop
IAD89-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
marvel-v7-latin-italic.woff2
static.production.hearnow-cdn.com/build/1730313606/fonts/marvel/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.production.hearnow-cdn.com/build/1730313606/fonts/marvel/marvel-v7-latin-italic.woff2
Requested by
Host: static.production.hearnow-cdn.com
URL: https://static.production.hearnow-cdn.com/build/1730313606/css/sites/theme_darkvslight.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-79.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3fb72de205f464740e31a5512c88c9e60f6600a04fe9f1bceda274508540167

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://goldielocksrevenge.hearnow.com
Referer
https://static.production.hearnow-cdn.com/build/1730313606/css/sites/theme_darkvslight.css

Response headers

access-control-max-age
0
etag
"6cf95b862a9df7866af74372fa8b84d8"
x-amz-version-id
a4bSIlkZqImDiJJfAsgA3Jhr8QFf85s9
access-control-allow-methods
GET
x-cache
Miss from cloudfront
x-amz-cf-id
gSSoNKoXMnHouSvPKLEWQNiFOn-k0cjRANtm90QpeEf0W1jAEeJa5A==
date
Wed, 20 Nov 2024 15:43:24 GMT
content-type
binary/octet-stream
vary
Origin
x-amz-expiration
expiry-date="Sat, 31 Oct 2026 00:00:00 GMT", rule-id="all"
last-modified
Wed, 30 Oct 2024 18:41:03 GMT
access-control-allow-credentials
true
via
1.1 de2ed3c94563fee614f35f9bc3f52d1c.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
https://goldielocksrevenge.hearnow.com
content-length
11960
x-amz-cf-pop
IAD89-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
fa-solid-900.woff2
static.production.hearnow-cdn.com/build/1730313606/css/libs/font-awesome/webfonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.production.hearnow-cdn.com/build/1730313606/css/libs/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: static.production.hearnow-cdn.com
URL: https://static.production.hearnow-cdn.com/build/1730313606/css/sites/page_view_album.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-79.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://goldielocksrevenge.hearnow.com
Referer
https://static.production.hearnow-cdn.com/build/1730313606/css/sites/page_view_album.css

Response headers

access-control-max-age
0
etag
"44d537ab79f921fde5a28b2c1636f397"
x-amz-version-id
qmTKdFXir1v6HA2Jx425y8vcB_xZeU3J
access-control-allow-methods
GET
x-cache
Miss from cloudfront
x-amz-cf-id
KHNYJEM4vgvMsQw3o6tjku8e-n77OeoaQFnpeOnk76oPUCSIJIpByg==
date
Wed, 20 Nov 2024 15:43:24 GMT
content-type
binary/octet-stream
vary
Origin
x-amz-expiration
expiry-date="Sat, 31 Oct 2026 00:00:00 GMT", rule-id="all"
last-modified
Wed, 30 Oct 2024 18:40:58 GMT
access-control-allow-credentials
true
via
1.1 de2ed3c94563fee614f35f9bc3f52d1c.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
https://goldielocksrevenge.hearnow.com
content-length
75728
x-amz-cf-pop
IAD89-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
large_blur.jpg
goldielocksrevenge.hearnow.com/dynamic/images/fsalb03668150/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goldielocksrevenge.hearnow.com/dynamic/images/fsalb03668150/large_blur.jpg
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96c5cf63ec1e8004d3a0c21e0f4db9667bd00a8b8da259056dea66a74e7279d
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com https://api.spotify.com https://api.found.ee https://api.recurly.com https://stckjs.stackify.com https://rum.stackify.com *.cookieyes.com cdn-cookieyes.com;default-src 'self' https://api.recurly.com;font-src 'self' https://*.hearnow-cdn.com fonts.gstatic.com;form-action 'self' https://auth.cdbaby.com;frame-src 'self' site-stats.hearnow.com mailto: https://open.spotify.com https://accounts.spotify.com https://api.recurly.com;img-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com data: https://open.scdn.co https://www.gstatic.com cdn-cookieyes.com;media-src 'self' content.cdbaby.com;object-src 'none';script-src 'self' 'nonce-ZUpo5t8sV4ZAaXaOH73ao3YjnTzNvyPF' https://*.hearnow-cdn.com site-stats.hearnow.com https://found.ee/dmp/pixel.js https://*.adnxs.com https://api.recurly.com https://js.recurly.com https://stckjs.stackify.com cdn-cookieyes.com;style-src 'self' 'unsafe-inline' https://*.hearnow-cdn.com https://api.recurly.com https://js.recurly.com fonts.googleapis.com
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

cf-cache-status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:43:23 GMT
content-type
image/jpg
feature-policy
autoplay 'none'; document-domain 'none'; document-write 'none'; font-display-late-swap 'none'; layout-animations 'none'; legacy-image-formats 'none'; oversized-images 'none'; sync-script 'none'; unsized-media 'none'
vary
Accept-Encoding
last-modified
Wed, 20 Nov 2024 15:43:23 GMT
strict-transport-security
max-age=2592000
content-security-policy
base-uri 'self';connect-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com https://api.spotify.com https://api.found.ee https://api.recurly.com https://stckjs.stackify.com https://rum.stackify.com *.cookieyes.com cdn-cookieyes.com;default-src 'self' https://api.recurly.com;font-src 'self' https://*.hearnow-cdn.com fonts.gstatic.com;form-action 'self' https://auth.cdbaby.com;frame-src 'self' site-stats.hearnow.com mailto: https://open.spotify.com https://accounts.spotify.com https://api.recurly.com;img-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com data: https://open.scdn.co https://www.gstatic.com cdn-cookieyes.com;media-src 'self' content.cdbaby.com;object-src 'none';script-src 'self' 'nonce-ZUpo5t8sV4ZAaXaOH73ao3YjnTzNvyPF' https://*.hearnow-cdn.com site-stats.hearnow.com https://found.ee/dmp/pixel.js https://*.adnxs.com https://api.recurly.com https://js.recurly.com https://stckjs.stackify.com cdn-cookieyes.com;style-src 'self' 'unsafe-inline' https://*.hearnow-cdn.com https://api.recurly.com https://js.recurly.com fonts.googleapis.com
cache-control
no-cache, private
referrer-policy
no-referrer-when-downgrade
cf-ray
8e598e29695c0992-MIA
x-stackifyid
V1|681d95df-402b-48f6-8ca9-445f82eee28d|C66774|CD199|
x-xss-protection
1; mode=block
server
cloudflare
share_icon.png
static.production.hearnow-cdn.com/build/1730313606/img/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.production.hearnow-cdn.com/build/1730313606/img/share_icon.png
Requested by
Host: static.production.hearnow-cdn.com
URL: https://static.production.hearnow-cdn.com/build/1730313606/css/sites/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-79.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94ce66da838f76195eb6ae9dd463777978fac243b1e1382aa4c85bcd49f276d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://static.production.hearnow-cdn.com/build/1730313606/css/sites/main.css

Response headers

x-amz-version-id
dRcENTedUaNfWLjgL2o3sMraYxOG1w65
etag
"9823d8ffdf019b174c2fadac999514e4"
age
4420
x-cache
Hit from cloudfront
x-amz-cf-id
2BQYz8JP-JnKgYMFmT6nwttiysdjlWYLk-sGvNAyYVi1EkP92b3O5g==
date
Wed, 20 Nov 2024 14:29:44 GMT
content-type
image/png
vary
accept-encoding
x-amz-expiration
expiry-date="Sat, 31 Oct 2026 00:00:00 GMT", rule-id="all"
last-modified
Wed, 30 Oct 2024 18:41:06 GMT
via
1.1 600860a2fda807ac628822c14b5de860.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
48251
x-amz-cf-pop
IAD89-C3
server
AmazonS3
x-amz-server-side-encryption
AES256
s.php
site-stats.hearnow.com/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-stats.hearnow.com/s.php?action_name=Goldielock%27s%20Revenge%20-%20Hacking%20the%20Akashic&idsite=212205&rec=1&r=931888&h=5&m=43&s=23&url=https%3A%2F%2Fgoldielocksrevenge.hearnow.com%2F&_id=&_idts=1732117403&_idvc=1&_idn=1&_refts=0&_viewts=1732117403&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=870&pv_id=iZSIne
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

strict-transport-security
max-age=2592000
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
8e598e2b1af90992-MIA
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:43:24 GMT
content-type
image/gif
server
cloudflare
8_j5-UXD.json
cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/ 		16 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/8_j5-UXD.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
867a77cee7590f84a8d5dda78ad73f399ef3350956f4bd0dbdb69aa7a1caa5a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
MISS
etag
W/"40c6-625d510d74970"
access-control-allow-methods
GET, OPTIONS
cf-ray
8e598e30ed82e9f5-MIA
access-control-allow-origin
*
date
Wed, 20 Nov 2024 15:43:24 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 01 Nov 2024 07:41:41 GMT
rum
goldielocksrevenge.hearnow.com/cdn-cgi/ 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://goldielocksrevenge.hearnow.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8e598e3098e60992-MIA
access-control-allow-origin
https://goldielocksrevenge.hearnow.com
date
Wed, 20 Nov 2024 15:43:24 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon_32.png
goldielocksrevenge.hearnow.com/dynamic/images/fsalb03668150/favicon/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://goldielocksrevenge.hearnow.com/dynamic/images/fsalb03668150/favicon/favicon_32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
825f9195ba9b60c823823cd5cb71acaabba683577f78cfecc52deee5faf7c47d
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com https://api.spotify.com https://api.found.ee https://api.recurly.com https://stckjs.stackify.com https://rum.stackify.com *.cookieyes.com cdn-cookieyes.com;default-src 'self' https://api.recurly.com;font-src 'self' https://*.hearnow-cdn.com fonts.gstatic.com;form-action 'self' https://auth.cdbaby.com;frame-src 'self' site-stats.hearnow.com mailto: https://open.spotify.com https://accounts.spotify.com https://api.recurly.com;img-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com data: https://open.scdn.co https://www.gstatic.com cdn-cookieyes.com;media-src 'self' content.cdbaby.com;object-src 'none';script-src 'self' 'nonce-928l3QcAwdcL9v4ZC1djXhyTghdKDf8B' https://*.hearnow-cdn.com site-stats.hearnow.com https://found.ee/dmp/pixel.js https://*.adnxs.com https://api.recurly.com https://js.recurly.com https://stckjs.stackify.com cdn-cookieyes.com;style-src 'self' 'unsafe-inline' https://*.hearnow-cdn.com https://api.recurly.com https://js.recurly.com fonts.googleapis.com
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

cf-cache-status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:43:24 GMT
content-type
image/png
feature-policy
autoplay 'none'; document-domain 'none'; document-write 'none'; font-display-late-swap 'none'; layout-animations 'none'; legacy-image-formats 'none'; oversized-images 'none'; sync-script 'none'; unsized-media 'none'
vary
Accept-Encoding
last-modified
Wed, 20 Nov 2024 15:43:24 GMT
x-frame-options
DENY
strict-transport-security
max-age=2592000
content-security-policy
base-uri 'self';connect-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com https://api.spotify.com https://api.found.ee https://api.recurly.com https://stckjs.stackify.com https://rum.stackify.com *.cookieyes.com cdn-cookieyes.com;default-src 'self' https://api.recurly.com;font-src 'self' https://*.hearnow-cdn.com fonts.gstatic.com;form-action 'self' https://auth.cdbaby.com;frame-src 'self' site-stats.hearnow.com mailto: https://open.spotify.com https://accounts.spotify.com https://api.recurly.com;img-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com data: https://open.scdn.co https://www.gstatic.com cdn-cookieyes.com;media-src 'self' content.cdbaby.com;object-src 'none';script-src 'self' 'nonce-928l3QcAwdcL9v4ZC1djXhyTghdKDf8B' https://*.hearnow-cdn.com site-stats.hearnow.com https://found.ee/dmp/pixel.js https://*.adnxs.com https://api.recurly.com https://js.recurly.com https://stckjs.stackify.com cdn-cookieyes.com;style-src 'self' 'unsafe-inline' https://*.hearnow-cdn.com https://api.recurly.com https://js.recurly.com fonts.googleapis.com
cache-control
no-cache, private
referrer-policy
no-referrer-when-downgrade
cf-ray
8e598e3098e70992-MIA
x-stackifyid
V1|e9bb55b8-0d17-48f3-bf8d-59ac3ab5d095|C66774|CD199|
x-xss-protection
1; mode=block
server
cloudflare
ip
directory.cookieyes.com/api/v1/ 		118 B
338 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://directory.cookieyes.com/api/v1/ip
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.214.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-214-125.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
c0460cf65701e0755768166b2c2442107b057fca82245056c471b1e7e5ab75c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

x-robots-tag
noindex, nofollow
link
<https://www.cookieyes.com>; rel="canonical"
etag
W/"76-gxMl+RepZv4oNB+XFEKuia4u1X0"
access-control-allow-origin
*
content-length
118
date
Wed, 20 Nov 2024 15:43:25 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
p_uKts2H.json
cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/config/ 		27 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/config/p_uKts2H.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e9539a8da8dc04fa844486ccc8df1dfff1589c1a404a9dbf565614e4aebcfad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6c2e-625d510d75910"
access-control-allow-methods
GET, OPTIONS
cf-ray
8e598e36a87ce9f5-MIA
access-control-allow-origin
*
date
Wed, 20 Nov 2024 15:43:25 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 01 Nov 2024 07:41:41 GMT
5wBnBwy3.json
cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/translations/ 		2 KB
887 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/translations/5wBnBwy3.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b405742f66d0f98ca6633b16ad3ebacc122b2bd063f08afde7bc320c6557e1c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
MISS
etag
W/"77b-625d510d75910"
access-control-allow-methods
GET, OPTIONS
cf-ray
8e598e37dc76e9f5-MIA
access-control-allow-origin
*
date
Wed, 20 Nov 2024 15:43:25 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 01 Nov 2024 07:41:41 GMT
oaqTCiED.json
cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/audit-table/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/audit-table/oaqTCiED.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cafe2e4d7dba423e821460cd9522c9acc7156626580248d764713c509022f43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
MISS
etag
W/"fde-625d510d74970"
access-control-allow-methods
GET, OPTIONS
cf-ray
8e598e394939e9f5-MIA
access-control-allow-origin
*
date
Wed, 20 Nov 2024 15:43:25 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
last-modified
Fri, 01 Nov 2024 07:41:41 GMT
stckjs.js
stckjs.stackify.com/ 		128 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://stckjs.stackify.com/stckjs.js
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/banner.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8733) /
Resource Hash
f2057dcdfebe4331166571b0ba67f241a2c96878d79b5ab4117470c702d0bb72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

content-md5
hYrhQXqEty1B86uMIYdEDQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8D96336CDA951FD
age
518579
x-cache
HIT
date
Wed, 20 Nov 2024 15:43:22 GMT
content-type
text/javascript
last-modified
Thu, 19 Aug 2021 17:28:47 GMT
x-ms-request-id
8a4febc4-e01e-006f-64ab-365ad6000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
130600
x-ms-blob-type
BlockBlob
server
ECAcc (mid/8733)
pixel.js
found.ee/dmp/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://found.ee/dmp/pixel.js?t=1732147200000
Requested by
Host: goldielocksrevenge.hearnow.com
URL: https://goldielocksrevenge.hearnow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.245.122.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-245-122-215.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
10d39387980cf724e46e7904bc060ad6f0e7ec36059d84d226a7b28d131c419c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
etag
W/"72889427d75a75e4b417feb1c9c13dd7"
date
Wed, 20 Nov 2024 15:43:26 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 09:17:03 GMT
server
nginx/1.18.0 (Ubuntu)
x-amz-server-side-encryption
AES256
revisit.svg
cdn-cookieyes.com/assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-cookieyes.com/assets/images/revisit.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

cache-control
max-age=0, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
W/"923-5da3a668dacc0"
age
100561
cf-ray
8e598e3a8a739071-MIA
access-control-allow-origin
*
date
Wed, 20 Nov 2024 15:43:25 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
last-modified
Tue, 15 Mar 2022 04:40:47 GMT
close.svg
cdn-cookieyes.com/assets/images/ 		1 KB
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-cookieyes.com/assets/images/close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3b5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

cache-control
max-age=0, s-maxage=604800, proxy-revalidate
content-encoding
gzip
cf-cache-status
HIT
etag
W/"541-5da3a66c769d4"
age
443275
cf-ray
8e598e3a8a769071-MIA
access-control-allow-origin
*
date
Wed, 20 Nov 2024 15:43:25 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
cloudflare
last-modified
Tue, 15 Mar 2022 04:40:50 GMT
s.php
site-stats.hearnow.com/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site-stats.hearnow.com/s.php?ping=1&idsite=212205&rec=1&r=499230&h=5&m=43&s=25&url=https%3A%2F%2Fgoldielocksrevenge.hearnow.com%2F&_id=994020e135af4ade&_idts=1732117406&_idvc=1&_idn=0&_refts=0&_viewts=1732117406&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=870&pv_id=iZSIne
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.30.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

strict-transport-security
max-age=2592000
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
8e598e3a8a5c0992-MIA
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 15:43:26 GMT
content-type
image/gif
server
cloudflare
log
log.cookieyes.com/api/v1/ 		2 B
218 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e2f2dc73a5eae8d1ccce8439/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.227.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-227-89.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary8xPdpogCCP5jAR6c
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

x-robots-tag
noindex, nofollow
link
<https://www.cookieyes.com>; rel="canonical"
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-origin
*
content-length
2
date
Wed, 20 Nov 2024 15:43:25 GMT
content-type
text/plain; charset=utf-8
x-powered-by
Express
630fd20a-130f-4d6a-a441-fe94a640f93a
api.found.ee/universal/ 		47 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.found.ee/universal/630fd20a-130f-4d6a-a441-fe94a640f93a
Requested by
Host: found.ee
URL: https://found.ee/dmp/pixel.js?t=1732147200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.149.222.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-222-114.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
ef250bde01e23b4087ad18747062fff2490e54727d526381385430fc57941fe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
Content-Disposition
content-encoding
gzip
access-control-allow-origin
*
date
Wed, 20 Nov 2024 15:43:26 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
openresty
getuidp
ib.adnxs.com/ 		27 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidp?callback=onAppNexusLoad
Requested by
Host: found.ee
URL: https://found.ee/dmp/pixel.js?t=1732147200000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
d76079f310e96aca2adb6fc6d024c33abc9d319a732eb6530b8b18d6fb5d1290
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
38.132.118.70; 38.132.118.70; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
e9a9a5d1-0a1a-4d2b-b030-1a47572f3066
content-length
27
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 20 Nov 2024 15:43:26 GMT
x-xss-protection
0
content-type
application/javascript; charset=utf-8
server
nginx/1.23.4
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=16260054&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16260054%26t%3D1
0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16260054%26t%3D1
Protocol
H2
Server
68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
38.132.118.70; 38.132.118.70; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
5d2f9de0-6961-45b1-9ec5-db33556e9ee3
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 20 Nov 2024 15:43:26 GMT
x-xss-protection
0
content-type
application/javascript; charset=utf-8
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16260054%26t%3D1
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
38.132.118.70; 38.132.118.70; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
56e25f1e-0576-466f-b3ff-51185e9775d5
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 20 Nov 2024 15:43:26 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
630fd20a-130f-4d6a-a441-fe94a640f93a
api.found.ee/dmp/fire/ 		0
232 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.found.ee/dmp/fire/630fd20a-130f-4d6a-a441-fe94a640f93a?mode=c&fnd_creative=&cpg_id=&uid=88405939-9d2c-456e-8013-92920377ad08&ne=true&ca=Y&au=0&de=&dl=https%3A%2F%2Fgoldielocksrevenge.hearnow.com%2F&rl=&dt=Goldielock%27s%20Revenge%20-%20Hacking%20the%20Akashic&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36&lng=en-US&lngs=en-US%2Cen&tz=Pacific%2FHonolulu&tzo=600&scr=1600x1200x24&scrExt=0&scrO=0&scrO2=&oscpu=&os=&platform=Linux%20x86_64&mtp=0&ots=0&mob=0&cpu=&hc=16&ram=8&ce=1&dnt=&bot=0&saios=&sa=0&vendor=Google%20Inc.&plugins=PDF%20Viewer%2CChrome%20PDF%20Viewer%2CChromium%20PDF%20Viewer%2CMicrosoft%20Edge%20PDF%20Viewer%2CWebKit%20built-in%20PDF&wgl=Intel%20Inc.~Intel%20Iris%20OpenGL%20Engine&src=p
Requested by
Host: found.ee
URL: https://found.ee/dmp/pixel.js?t=1732147200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.149.222.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-222-114.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-origin
*
access-control-expose-headers
Content-Disposition
content-length
0
date
Wed, 20 Nov 2024 15:43:26 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
openresty
630fd20a-130f-4d6a-a441-fe94a640f93a
api.found.ee/modal/ 		2 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.found.ee/modal/630fd20a-130f-4d6a-a441-fe94a640f93a
Requested by
Host: found.ee
URL: https://found.ee/dmp/pixel.js?t=1732147200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.149.222.114 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-222-114.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-expose-headers
Content-Disposition
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
0
access-control-allow-origin
https://goldielocksrevenge.hearnow.com
date
Wed, 20 Nov 2024 15:43:26 GMT
x-xss-protection
1; mode=block
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server
openresty
x-frame-options
DENY
pixie.js
acdn.adnxs.com/dmp/up/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: found.ee
URL: https://found.ee/dmp/pixel.js?t=1732147200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2dde2110b2815bd940b5d681c6bc59f8f65bc1a57049fab33748967266d79f65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://goldielocksrevenge.hearnow.com/

Response headers

Content-Encoding
gzip
ETag
W/"670fef03-6401"
Age
27936
Expires
Thu, 07 Nov 2024 07:57:25 GMT
X-Cache
HIT, HIT
Date
Wed, 20 Nov 2024 15:43:26 GMT
Content-Type
application/javascript
Last-Modified
Wed, 16 Oct 2024 16:51:15 GMT
X-Served-By
cache-lga21930-LGA, cache-mia-kmia1760060-MIA
X-Cache-Hits
179145, 5325
Vary
Accept-Encoding
Cache-Control
max-age=86402
X-Timer
S1732117407.772112,VS0,VE0
Connection
keep-alive
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
8745
Server
nginx/1.18.0 (Ubuntu)
pixie
ib.adnxs.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ib.adnxs.com
URL
https://ib.adnxs.com/pixie?e=PageView&pi=e91ec610-89ed-4b81-88b4-31f6679f0acb&it=1732117407156&v=0.0.43&u=https%3A%2F%2Fgoldielocksrevenge.hearnow.com%2F&st=1732117406791&et=1732117407157&if=0&uetmsmid=422b218c-75c6-484e-b5bc-795ce21ee219&asce=0&ascc=0&tcfhl=0&tcfe=0&tcfgdpr=0&tcfc=0

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| cookieyes function| $ function| jQuery function| getCkyCookie number| waitForTrackerCount function| matomoWaitForTracker function| consentSet object| _paq string| ckyCook function| foundee_pixel object| PAGE_VIEW_ALBUM object| Modernizr object| core function| ShareButton object| MULTIALBUM function| SpotifyWebApi object| regeneratorRuntime function| revisitCkyConsent function| performBannerAction function| getCkyConsent object| views object| __cfBeacon object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log function| foundee object| _perfRefForUserTimingPolyfill function| _ boolean| isStackifyRumScriptLoaded object| FoundeePublicUtils function| onAppNexusLoad function| pixie

12 Cookies

Domain/Path Name / Value
.hearnow.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Im9NUlVraDFmaGF0QlZseXRXTkhTUVE9PSIsInZhbHVlIjoiS1B1ZUkrdThFODJWcVRwcHpiWGIrMFJRWnBSTm9HZmJ0L0gvckt2Sk5hblYyQUc4ZzA0U2hEck1zVldaUG96cXU0T2FTRTJuZGZieDhhRmNENHVPdVVGQTBoYmRPVEJwVVYrbEpWNUhNOXlETitkSkw3blBma0gzTEpGRFBib0giLCJtYWMiOiJjODM3NTdmYjQ1ZDI5YWM2OGY4ODY2MmU1M2RjZWY3NjVhZTVkNDdhNDM5NjNlNmIyODg2MzI0NTYxNzdmN2Y0IiwidGFnIjoiIn0%3D
.hearnow.com/ Name: laravel_session
Value: eyJpdiI6InJPSHJVSVpaeCt2cjA2MlJvMVpJQVE9PSIsInZhbHVlIjoiSmRFSnVuNk5VclZpUmRpK1JlSjJtV0NBRFZ6MTJMV2tXSnBUeEhoZktvRWJibXpyOERtV0ZJRU4vZjNHQ1VQa3VuMW9tRTEwUTMvY0J0ek1qcmxGazZiTWwzTlRmUXBxUFRJVm54RFF1ZGNMTHMzTGNVWlpQR1RrWjNQUG1jcWoiLCJtYWMiOiIzZTQwMGI2YTBhYWU1MWJhNWU2OTBjZDVmODdlMzQxZDM2OTI4OGM1Y2E5MWRmN2E1M2UyODJkZWRmODdjM2VjIiwidGFnIjoiIn0%3D
.hearnow.com/ Name: __cf_bm
Value: KVUZAQ2rFujDJsmGbFyXEeiL3Dzqly3okIa78y9.S70-1732117402-1.0.1.1-HD5cZGoIpJuZ6x4ZXj5rbX06eZgmoI_xPdg4YTuMsAB3hUPj8nY0vRxNVbfwKBWS3VCuJ0OlL3WgMkNSKe3SEg
.hearnow.com/ Name: cookieyes-consent
Value: consentid:VTN4d09yV3pydW5STENlSVF6azZreGljaUpkc1VSWTU,consent:no,action:,necessary:yes,functional:yes,analytics:yes,performance:yes,advertisement:yes,other:yes
goldielocksrevenge.hearnow.com/ Name: hnid.212205.8b38
Value: 994020e135af4ade.1732117406.1.1732117406.1732117406.
goldielocksrevenge.hearnow.com/ Name: hnses.212205.8b38
Value: 1
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: Ad6aLa6nVtiQgzrvJ_M8cNWTDIHtWdDp6S2hLiG5lIKultq1BwTXZRB72oek8pmAajilYygiMVfQ1F-bUTelN1itWZ7oYmi53ondCVk3qpQ.
.adnxs.com/ Name: uuid2
Value: 7466915592517408230
goldielocksrevenge.hearnow.com/ Name: uid
Value: 88405939-9d2c-456e-8013-92920377ad08
goldielocksrevenge.hearnow.com/ Name: cookieAcceptance
Value: Y
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GUds((h_!@wnf-Te9(>wL5L!!'du$uOCP

12 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'document-write'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'font-display-late-swap'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'legacy-image-formats'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'sync-script'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'unsized-media'.
rendering warning URL: https://goldielocksrevenge.hearnow.com/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0301D00B4210000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
security error URL: https://acdn.adnxs.com/dmp/up/pixie.js
Message:
Refused to connect to 'https://ib.adnxs.com/pixie/up?pi=e91ec610-89ed-4b81-88b4-31f6679f0acb' because it violates the following Content Security Policy directive: "connect-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com https://api.spotify.com https://api.found.ee https://api.recurly.com https://stckjs.stackify.com https://rum.stackify.com *.cookieyes.com cdn-cookieyes.com".
javascript error URL: https://acdn.adnxs.com/dmp/up/pixie.js
Message:
Refused to connect to 'https://ib.adnxs.com/pixie/up?pi=e91ec610-89ed-4b81-88b4-31f6679f0acb' because it violates the document's Content Security Policy.
security error URL: https://goldielocksrevenge.hearnow.com/
Message:
Refused to load the image 'https://ib.adnxs.com/pixie?e=PageView&pi=e91ec610-89ed-4b81-88b4-31f6679f0acb&it=1732117407156&v=0.0.43&u=https%3A%2F%2Fgoldielocksrevenge.hearnow.com%2F&st=1732117406791&et=1732117407157&if=0&uetmsmid=422b218c-75c6-484e-b5bc-795ce21ee219&asce=0&ascc=0&tcfhl=0&tcfe=0&tcfgdpr=0&tcfc=0' because it violates the following Content Security Policy directive: "img-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com data: https://open.scdn.co https://www.gstatic.com cdn-cookieyes.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self';connect-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com https://api.spotify.com https://api.found.ee https://api.recurly.com https://stckjs.stackify.com https://rum.stackify.com *.cookieyes.com cdn-cookieyes.com;default-src 'self' https://api.recurly.com;font-src 'self' https://*.hearnow-cdn.com fonts.gstatic.com;form-action 'self' https://auth.cdbaby.com;frame-src 'self' site-stats.hearnow.com mailto: https://open.spotify.com https://accounts.spotify.com https://api.recurly.com;img-src 'self' https://*.hearnow-cdn.com site-stats.hearnow.com data: https://open.scdn.co https://www.gstatic.com cdn-cookieyes.com;media-src 'self' content.cdbaby.com;object-src 'none';script-src 'self' 'nonce-XzNWq0j3vy4eULWAbkoJ44dn7xkFgTxO' https://*.hearnow-cdn.com site-stats.hearnow.com https://found.ee/dmp/pixel.js https://*.adnxs.com https://api.recurly.com https://js.recurly.com https://stckjs.stackify.com cdn-cookieyes.com;style-src 'self' 'unsafe-inline' https://*.hearnow-cdn.com https://api.recurly.com https://js.recurly.com fonts.googleapis.com
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
api.found.ee
cdn-cookieyes.com
directory.cookieyes.com
found.ee
goldielocksrevenge.hearnow.com
ib.adnxs.com
log.cookieyes.com
secure.adnxs.com
site-stats.hearnow.com
static.cloudflareinsights.com
static.production.hearnow-cdn.com
stckjs.stackify.com
ib.adnxs.com
104.18.30.79
151.101.193.108
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:3b5b
2606:4700::6810:4f49
52.17.227.89
52.85.151.79
54.149.222.114
54.229.214.125
54.245.122.215
68.67.179.164
68.67.181.211
0099c3f7af52e8ad09529a0013033857f85d69ccb2f05693f35de94ca6cc4750
0316561914aef02f6623547cc1455a1ceda616fa2e1a3149eb413c3bcfda3f15
04d7b15a131e546825a927b05e7e065729a93f2530f425f76172dd36ec6cd5f9
0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742
0a436b218fef76e5ebb40d994ef0a0bac476bc250d88bc7f41e20fa7d3a8e10d
10d39387980cf724e46e7904bc060ad6f0e7ec36059d84d226a7b28d131c419c
20bff17b0339665a4917cd387579419a71900afcc6df80b3cddf96c7ad63e701
25ef9ef4bf4e1e990aa99baeb40abb607d1aecca16e4db8ec0a4fdc377772755
2dde2110b2815bd940b5d681c6bc59f8f65bc1a57049fab33748967266d79f65
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
4f31e9f5152d602f99fa597cc88704023e244e5b38bf0ca1cbeec59fb4415d86
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c8bae13ae5966808ffc88999e11535ff51dfd2f99fdec8e8be201784494bf9
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5e281fa651faa4fe6ce33e120fe2978a90c13f537cffbbbb4679672dfba71b1c
5e2fb5fbe67ef1a51a135b2a4e073fe95514b863fc8a927f2c752e79d1df7ab5
649ab03343a1081f81ee8e5f260c1c05a9145f394dc85baadeef2767f2298b9b
6cafe2e4d7dba423e821460cd9522c9acc7156626580248d764713c509022f43
825f9195ba9b60c823823cd5cb71acaabba683577f78cfecc52deee5faf7c47d
867a77cee7590f84a8d5dda78ad73f399ef3350956f4bd0dbdb69aa7a1caa5a6
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
94ce66da838f76195eb6ae9dd463777978fac243b1e1382aa4c85bcd49f276d9
9b46f3940431743fd18860fb3bde018cfbddca88e7fa508801210340bdc635a7
9e9539a8da8dc04fa844486ccc8df1dfff1589c1a404a9dbf565614e4aebcfad
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a77fb64df1103aefa118cbe2595949af995a567fcd3e144a4d27ee21d5497f58
aa53ca9f515177b0b313379eae3788aa97546f98a04cd5fa715c98061bd30caa
b3fdcea101232877ed46b400fb139836ab45e094ad561c926dd96ccb69f53ad0
b405742f66d0f98ca6633b16ad3ebacc122b2bd063f08afde7bc320c6557e1c3
c0460cf65701e0755768166b2c2442107b057fca82245056c471b1e7e5ab75c3
c96c5cf63ec1e8004d3a0c21e0f4db9667bd00a8b8da259056dea66a74e7279d
d3189c82877cb204eba224a6b9033509f47eb2eb184989cc7bf83d05eacd514b
d76079f310e96aca2adb6fc6d024c33abc9d319a732eb6530b8b18d6fb5d1290
e1d9e22750e604423e6816f37927437771e6788ec285b8fb397db8778eed3841
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fb72de205f464740e31a5512c88c9e60f6600a04fe9f1bceda274508540167
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b
ee471e7ef20df5ebe7ea23edd8be42c5acbde648a5bec4533422258a64f7a56e
ef250bde01e23b4087ad18747062fff2490e54727d526381385430fc57941fe6
efa4fb83ed341ef1c4fe261288a41b4438e271bd7607dbcbc50a48de84fb39c9
f2057dcdfebe4331166571b0ba67f241a2c96878d79b5ab4117470c702d0bb72