www.gloriousplays.com Open in urlscan Pro
2606:4700:3030::ac43:930d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3-us-west-2.amazonaws.com/bvcdrdfdreamfs54sdgsg/miom.html#cl/8406_md/1/287/1298/329/12635
Effective URL:
https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Submission: On December 05 via api (December 5th 2021, 12:29:33 am UTC) from BE — Scanned from US

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 9 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3030::ac43:930d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gloriousplays.com.
TLS certificate: Issued by R3 on October 15th 2021. Valid for: 3 months.

This is the only time www.gloriousplays.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	52.218.246.64 52.218.246.64	16509 (AMAZON-02) (AMAZON-02)
1 1	172.105.94.28 172.105.94.28	63949 (LINODE-AP...) (LINODE-AP Linode)
2 2	199.255.138.68 199.255.138.68	31863 (DACEN-2) (DACEN-2)
1 1	2606:4700:303... 2606:4700:3035::ac43:a67c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2606:4700:303... 2606:4700:3030::ac43:930d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3030::ac43:d052	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6815:11ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
31	6

1 52.218.246.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.94.28 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: 172-105-94-28.ip.linodeusercontent.com

clientcenter.org.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.255.138.68 (Lenoir, United States) 2 redirects

ASN31863 (DACEN-2, US)
PTR: omnisivhyf.teslacars.sbs

www.myhomestrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:a67c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.crococourse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3030::ac43:930d (United States)

ASN13335 (CLOUDFLARENET, US)

www.gloriousplays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::ac43:d052 (United States)

ASN13335 (CLOUDFLARENET, US)

thunderbo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:11ad (United States)

ASN13335 (CLOUDFLARENET, US)

www.ziiwall.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	gloriousplays.com www.gloriousplays.com	963 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	thunderbo.com thunderbo.com	114 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	myhomestrack.com 2 redirects www.myhomestrack.com	1 KB
1	ziiwall.eu www.ziiwall.eu	109 KB
1	crococourse.com 1 redirects www.crococourse.com	834 B
1	clientcenter.org.uk 1 redirects clientcenter.org.uk	369 B
1	amazonaws.com s3-us-west-2.amazonaws.com	461 B
31	9

	Domain	Requested by
20	www.gloriousplays.com	s3-us-west-2.amazonaws.com www.gloriousplays.com
4	fonts.googleapis.com	www.gloriousplays.com
3	thunderbo.com	www.gloriousplays.com thunderbo.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.myhomestrack.com	2 redirects
1	www.ziiwall.eu	www.gloriousplays.com
1	www.crococourse.com	1 redirects
1	clientcenter.org.uk	1 redirects
1	s3-us-west-2.amazonaws.com
31	9

This site contains no links.

Subject Issuer	Validity	Valid
*.s3-us-west-2.amazonaws.com Amazon	`2021-03-26` - `2022-03-05`	a year	crt.sh
*.gloriousplays.com R3	`2021-10-15` - `2022-01-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Frame ID: CA32FE6E8A7A90769DF7FE4302E586FD
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

T&T

Page URL History Show full URLs

https://s3-us-west-2.amazonaws.com/bvcdrdfdreamfs54sdgsg/miom.html Page URL
http://clientcenter.org.uk/cl/8406_md/1/287/1298/329/12635 HTTP 302
https://www.myhomestrack.com/6B12BK3/R3MJTGH/?sub1=1&sub2=8406_1&sub3=329_12635_287_489184_md HTTP 302
https://www.myhomestrack.com/6B12BK3/R4DD4HL/?__rpt=0&__po=12474&__ptid=c503dbaaf50d4344942c7ff00a16f3ee&... HTTP 302
https://www.crococourse.com/cmp/2J7JPH/4TDPFD/?sub1=a30ed9a82adc4d3693d9c50b88bc899b&sub2=3282 HTTP 302
https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d Page URL

Page Statistics

31
Requests

100 %
HTTPS

67 %
IPv6

9
Domains

9
Subdomains

6
IPs

2
Countries

1220 kB
Transfer

1651 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s3-us-west-2.amazonaws.com/bvcdrdfdreamfs54sdgsg/miom.html Page URL
http://clientcenter.org.uk/cl/8406_md/1/287/1298/329/12635 HTTP 302
https://www.myhomestrack.com/6B12BK3/R3MJTGH/?sub1=1&sub2=8406_1&sub3=329_12635_287_489184_md HTTP 302
https://www.myhomestrack.com/6B12BK3/R4DD4HL/?__rpt=0&__po=12474&__ptid=c503dbaaf50d4344942c7ff00a16f3ee&__rpa=1&__rc=1&sub1=1&sub2=8406_1&sub3=329_12635_287_489184_md&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
https://www.crococourse.com/cmp/2J7JPH/4TDPFD/?sub1=a30ed9a82adc4d3693d9c50b88bc899b&sub2=3282 HTTP 302
https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK miom.html Show response
s3-us-west-2.amazonaws.com/bvcdrdfdreamfs54sdgsg/ 105 B
461 B 388ms
105ms Document
text/html 52.218.246.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/bvcdrdfdreamfs54sdgsg/miom.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.246.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: be74d8126523b9d8b5e00033cc06ca22ec954ea915eeda3c1c9d4186ad4a9f3f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

x-amz-id-2: SL5F31LUuixKK4KHElbhEnJ/vu/k4+b1nHdlDje5Eo06XpohxshOwLWCEJE+hHSyk//0BLOlzZY=
x-amz-request-id: 9D0HX1Q8QW9BX0D3
Date: Sun, 05 Dec 2021 00:29:24 GMT
Last-Modified: Sat, 04 Dec 2021 05:01:26 GMT
ETag: "8b327a852ff07b8a40e4bdc643b9ae48"
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Length: 105

GET
H2

200

Primary Request nrp=be3e018f615343a28e5a0f42b2ffb28d Show response
www.gloriousplays.com/survey/33198/source=62-/subid=62/
Redirect Chain

http://clientcenter.org.uk/cl/8406_md/1/287/1298/329/12635
https://www.myhomestrack.com/6B12BK3/R3MJTGH/?sub1=1&sub2=8406_1&sub3=329_12635_287_489184_md
https://www.myhomestrack.com/6B12BK3/R4DD4HL/?__rpt=0&__po=12474&__ptid=c503dbaaf50d4344942c7ff00a16f3ee&__rpa=1&__rc=1&sub1=1&sub2=8406_1&sub3=329_12635_287_489184_md&sub4=&sub5=&source_id=&__pcd=9
https://www.crococourse.com/cmp/2J7JPH/4TDPFD/?sub1=a30ed9a82adc4d3693d9c50b88bc899b&sub2=3282
https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d

38 KB
11 KB

935ms
795ms

Document
text/html

2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/bvcdrdfdreamfs54sdgsg/miom.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df28475274fbc1201731dc862b8714515953b0680233e5b6a943298bbe54ce8f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://s3-us-west-2.amazonaws.com/bvcdrdfdreamfs54sdgsg/miom.html#cl/8406_md/1/287/1298/329/12635

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmCQVkXX71DSWND%2FgjEi92EnoGqeN8i8ziLgLhNJ01kmOpvZ%2BXdrcq5jaeeu%2BuhsB5iv4ffceZ%2B2cuvh3PME10tZKMSdFwG5Q575yQJbJSbXojDZB2j%2BuEx3VU2J0qbVzKWzmaDArZ%2F2VzeocjDDr%2B8trOQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b8928ff3d673173-LAX
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Sun, 05 Dec 2021 00:29:26 GMT
content-type: text/html; charset=utf-8
location: https://www.GloriousPlays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
vary: Origin
x-eflow-request-id: f22b5e83-465f-48c8-81c2-5f88206e8369
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bd6cpBCGuSRcV2tJFmmbhaqVp6nXXOC5ezfh%2BH3SZGmSECUpzEYXZqX75g2AAF1f3dx7ADmMjWTgEkDvMvWB458MN2rN4IYTAK2SjrfH%2B%2Fig364s9UQGJTDmiv8paPkV8QDa87aenVdNrO2%2Bpw2wgDOm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b8928fa3c557e32-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 webtoolkit.base64.js Show response
www.gloriousplays.com/js/plugins/base64decode/ 3 KB
1 KB 72ms
70ms Script
application/javascript 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gloriousplays.com/js/plugins/base64decode/webtoolkit.base64.js
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf105e00754ed199cca74149ffcaae97684c72eee00602223f918efdd96cc45f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Jun 2020 11:41:06 GMT
server: cloudflare
age: 2028
etag: W/"5eeca452-d67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeCntVSKKRmH8%2FpEFvawybzglZeNjdR88qWE4Xi8AeTQpfVdVAe2hRCPo4plxsn13ybHT3SOmhvNe0HvBWaRkYaIw1%2Fl8q%2B0GyK3PO8llRdDFxVo3auRmw2rG4XLS%2BlskIWMo%2Fxj6%2FjdBS4jVixMgVxESak%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b8929045c0e3173-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 backend.css
www.gloriousplays.com/css/ 2 KB
989 B 73ms
71ms Stylesheet
text/css 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gloriousplays.com/css/backend.css
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b24eb9638260837328cb57cc88a42c7472eebcef0d23ad953073901d3bf41c6d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Jun 2017 10:13:06 GMT
server: cloudflare
age: 2449
etag: W/"59410c32-8ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NuRszoASJjlB5vCHEjPgC7lAdJk1OjoFB9P1BYvqlR9%2FnG2YvinAzFWC6036%2FftAcn%2BDw6bHnS%2Fs8fEzEROQis8qjkFx%2BXE535UCBava7oyA5TkhcVnYUISR38V38lJL6F0USV%2FPtNR4%2BVxpIBZhmbJshk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b8929045c103173-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bootstrap.css
www.gloriousplays.com/css/ 144 KB
22 KB 413ms
411ms Stylesheet
text/css 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gloriousplays.com/css/bootstrap.css
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef9c554bca3ce5b9f978b626ff8c3a441c0468af2599bdb4e9b6b32f6743f058

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Jun 2017 10:14:22 GMT
server: cloudflare
etag: W/"59410c7e-23fe6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUoxWL2dBKNOP%2FKPXP8CSkLePik3700ORk%2FGKlPB%2F91d2cMvOpJm%2FvghQbjSHabvAPzeMEpYIAFtqJ8KBiLRJdLZqZu%2BKkDYFS8XlvKqsXEmAFgdWj7svMF%2B28qWLNtz0VJmNsu24JJICBkSvfr5NRJnzUM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b8929045c153173-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery.js Show response
www.gloriousplays.com/js/ 278 KB
85 KB 82ms
81ms Script
application/javascript 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gloriousplays.com/js/jquery.js
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Jun 2017 09:51:56 GMT
server: cloudflare
age: 314
etag: W/"5941073c-456ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhAZITrwEbPXVdA7Hvzw%2F6OYI9GTzCrE1OgG8gMZlM9eFATT6efOb9DrEgf3tlwMlxgkR1LuC76lHlv1OONRzZfTFxf8%2BOsux99f3K3SALq%2BVxVbyYTjaCAgeLRvd7xDIWGHwPSEuEbeSEtn3YU8b6CJXOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b8929045c163173-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bootstrap.js Show response
www.gloriousplays.com/js/ 67 KB
15 KB 384ms
382ms Script
application/javascript 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gloriousplays.com/js/bootstrap.js
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Jun 2017 09:51:58 GMT
server: cloudflare
etag: W/"5941073e-10d1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QleiQkWEB7dtpEFhM27NLtImi1MVvsvFPgdvbGn1ov5hnHL5x18bMBA2nkxDVeoin%2FtAGway18zMmOghJLXeCLa8ipIgL%2B9PDxdHCKoU47%2BPjWf3mMJbbelYOgX%2B%2B8SccNy5jBEihytna0WIiwdSPDKyrXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b8929045c183173-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery.cookie.js Show response
www.gloriousplays.com/js/plugins/jqueryCookie/ 3 KB
2 KB 79ms
77ms Script
application/javascript 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gloriousplays.com/js/plugins/jqueryCookie/jquery.cookie.js
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Jun 2017 09:55:44 GMT
server: cloudflare
age: 2028
etag: W/"59410820-c31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FZw01usZBBi93k6xUNYmqWmoVM3T%2B9SYmY7lV7af8erI97mgch%2FZNfdk48hmooXv85BPu7XLVqCUxBa%2FIYflsxfXAwFbC9AG6Wc%2BZFyIG9WDVOumDAxKwC6fKYmUa3%2Bo1Kg%2B0d7QIJID%2B9o3t6e%2FFR0jWk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b8929045c1a3173-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 simple_green4.css
www.gloriousplays.com/css/tpl_css/ 8 KB
2 KB 411ms
409ms Stylesheet
text/css 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gloriousplays.com/css/tpl_css/simple_green4.css
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b336ee919770f24464a0092df7f6abc78383d7c7054174713908b4b079cdae2e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Mar 2018 09:55:48 GMT
server: cloudflare
etag: W/"5aa7a024-1e64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIoyqPO%2FGlj6ZjkTadttuOsJCrATsJj7KpXJY2XmygOy4Qi2GY6WfvWYBFBtQVlayy45P5JoF3%2FwcTcYyZQolnE%2Fy1%2Fx8J5AT%2FdLhzmlERehZEYI1sS6letxWFRjJbbNE9anmHRYq6vAA4lNGXGSMuQUkcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b8929045c1b3173-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 currency_cnd2.js Show response
www.gloriousplays.com/custom_js/ 1 KB
762 B 78ms
77ms Script
application/javascript 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gloriousplays.com/custom_js/currency_cnd2.js
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7793635b3a67ad46bb0f738f17326d1d4de4ef3e9a2a2ee4ac4e318a77dabd0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 14 Jun 2017 10:12:22 GMT
server: cloudflare
age: 2028
etag: W/"59410c06-5f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7I3d9AUWg0QGdxDH8A683TBX9ihrfQNNzY%2F5CgJunhyULXumfGECGqZ151QeKmNdyv6ZFq9cLHyoMEsLd0kc9OF%2BrPk32SYx%2FEU%2Fn2erKEmxW6afAbrdBN%2F8IqmF6kEP4ZZhu6BR4WehlRzVB4ftOrWBiB8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b8929045c1c3173-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 3 KB
554 B 431ms
151ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Signika+Negative:400,600,700&subset=latin-ext

Requested by

Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2aff5b51b35d628f161cc7e99d60fd7a751bfec71c59e56c258da0ed04a8395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 00:29:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Dec 2021 00:29:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Dec 2021 00:29:27 GMT

GET
H2 200 blue_notys3.css
www.gloriousplays.com/css/ 9 KB
2 KB 73ms
73ms Stylesheet
text/css 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gloriousplays.com/css/blue_notys3.css
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae88db06df66fada6bd19661950611c6a69796df07f7a97991ec8db92c124af7

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Nov 2017 11:25:47 GMT
server: cloudflare
age: 1372
etag: W/"5a0c243b-2381"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lASeWXED7Ev%2Bfg6IdcwZUw81JL5w4wGjIpEoO96qqYvrGsv6O08ys2lUNWPCC22bJxVNF3W0e8bCKayuy7uELeZ1M9QRFFIaUXJpToZ0avVjqN3EzWN%2FOYQ%2FhnfzG9AZ32b8ublEZCOtQmgKmd7x6jr1sVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b8929045c1d3173-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 embed.js Show response
thunderbo.com/ 22 KB
8 KB 211ms
74ms Script
application/javascript 2606:4700:3030::ac43:d052
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thunderbo.com/embed.js
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d108998402f1d542c0d6ac92c19ea4818554e1093fb96b1bd589ebb5a4f533a8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 21 Oct 2021 08:30:40 GMT
server: cloudflare
age: 6959
etag: W/"61712530-563e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwW%2FA1D9Y9RGkFcrDxFG9sTrNO7SEtn%2BaoyjA9PMFdkRQjpiX%2BdoY64nEJ%2FswPsWpOLQPOUzc0HfiJUMCHEH8DbRDPSP9kNhpxo1vIcmr%2Be5zWb0ZXYa3WJgVCuTgJOlD0Rz8gq5yNngSKAR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b892907ffb7313a-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 prof_pic.png
www.gloriousplays.com/img/ 3 KB
3 KB 72ms
71ms Image
image/png 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gloriousplays.com/img/prof_pic.png
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de8025dffc57069d02c00a3640796dec23114f51af54c209b8fee272d8d0ecd6

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2828
last-modified: Wed, 14 Jun 2017 09:51:47 GMT
server: cloudflare
etag: "59410733-b0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVyFc%2F086BVLJfktEViveo%2FBkYFObpCdgQMfIRcZj6wI2%2BiXkA6j%2F8O%2Bu7dOAPDzHGd6HyaTiEZsHG%2F%2B6wt1WzomVrqHHZ9cUy4U%2FZMQVwZ7g5hfthqFngjcQJWjtBzLK3tDER3kswDL5XZtxginb75%2BtZo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6b89290739af7eb7-LAX
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 public.png
www.gloriousplays.com/img/ 1 KB
2 KB 136ms
135ms Image
image/png 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gloriousplays.com/img/public.png
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2897f490eaee6fd3c20a755839a30d051c2b4423a9cbc1af2a6d8a05c15e9154

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1303
last-modified: Wed, 14 Jun 2017 09:49:18 GMT
server: cloudflare
etag: "5941069e-517"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BIeQJSYHOSCSraVOXbEKYnEkvt2uxWow1HrqTDrunuQvqjgyxC5huW6mnbNOJIVPeZZ7ZmqDeKflTg39GEoScvI9DZFEZcVuOT3aQtRefwxfOhK9%2Bi84bhSRvUhZoVHUJvr7doLb0xXMHKvpcdZ7xCiuXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6b89290739b17eb7-LAX
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20210607103103_pngboxplaceholderppbb2020.png
www.ziiwall.eu/uploads/ 108 KB
109 KB 239ms
78ms Image
image/png 2606:4700:3037::6815:11ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ziiwall.eu/uploads/20210607103103_pngboxplaceholderppbb2020.png
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:11ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0684deac069a4d66038585685fc54afcae4462e4a3254fe70d05030341f23707

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 445707
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 110966
last-modified: Mon, 07 Jun 2021 08:31:03 GMT
server: cloudflare
etag: "60bdd947-1b176"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJrxC4bAV4oJMHVzZ4mLBxJyx%2BRJaRisazI%2F1YKLwUrccqyWwNJ4vKMBXCUKW%2Fxhrv7unOcyaiJrCKgrCv8namALYXDsMrr9Yh7p48IjwvlFw7fht%2FvV1BSoCuFcYt83NvQApA4bFUstNtnaLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6b8929083f9a7b11-LAX
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 20211117133136_checkipad.png
www.gloriousplays.com/uploads/products/ 14 KB
14 KB 72ms
72ms Image
image/png 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gloriousplays.com/uploads/products/20211117133136_checkipad.png
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0317fe71db7d036cfc37efa11a2ceb800d2793d66d8f4ff2d17bce680c4ac8f3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97993
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13930
last-modified: Wed, 17 Nov 2021 12:31:36 GMT
server: cloudflare
etag: "6194f628-366a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngschiIGKbgWh%2BV5sngHTt0U6zf5e5XlJz%2FP7miVjSxrSqgPrk7ewkj8sAEqYnaPiMdaQw%2Ff%2Bl4%2FAypWd5Z2UqLo6ojOTmf1ljvbMjHx8%2FxpIDzVqJ8xMDiY29eLaiQvwTb1q3OFAoqVSu8690b4m4kAPs4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6b89290739b27eb7-LAX
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 css2
fonts.googleapis.com/ 4 KB
634 B 290ms
150ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 23:41:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Dec 2021 00:29:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Dec 2021 00:29:27 GMT

GET
H3 200 20170517113334_check.png
www.gloriousplays.com/uploads/ 1 KB
2 KB 159ms
159ms Image
image/png 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gloriousplays.com/uploads/20170517113334_check.png
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54685db07aca72f8729aafc7d545ad6cd2804361d9d1960a48c20a5bc02967f9

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1477
last-modified: Wed, 17 May 2017 09:33:34 GMT
server: cloudflare
etag: "591c18ee-5c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2l2h2VZCgsvZOjMl2gpSK9XhPztvxHR3Cuit5DzYaBwuQFQQVGTdkSXbN4anFjCtBefvhyo3hSzmFwwzgcbB8DbLAkIoaUEbmeE4SH94GPMsvY%2BU979MCn8JPtNPeSkN4hg5%2BH1DEM6LLLvXNg8JvOPYmo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6b89290739b37eb7-LAX
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 672 B
862 B 355ms
149ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700

Requested by

Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/css/backend.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1cc0774214dac222775959901e04247c1a39d5a6dc4f7d6e37fda6e1b65ec00b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 23:53:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Dec 2021 00:29:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Dec 2021 00:29:27 GMT

GET
H3 200 css
fonts.googleapis.com/ 8 KB
704 B 255ms
148ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/css/blue_notys3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bda2c84e2934508dd2b995f28876c68e3f0cf0955173bcf040b76ecc63e03786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 23:36:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 05 Dec 2021 00:29:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Dec 2021 00:29:27 GMT

GET
H3 200 20210607103045_bgbiiipz459894953845.png
www.gloriousplays.com/uploads/ 667 KB
668 KB 206ms
206ms Image
image/png 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gloriousplays.com/uploads/20210607103045_bgbiiipz459894953845.png
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb01ad270272a02e43cd31bd67e12b04f4aef501a6aafc4505c9a3d3965c04e0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97255
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 682789
last-modified: Mon, 07 Jun 2021 08:30:45 GMT
server: cloudflare
etag: "60bdd935-a6b25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ps%2Ffj1hLxxliA0QK%2FIgHnEtIc%2BX48BH33niXxOzFzMEh4UmTEcFA9uSPEJ23VWBOlhaLbvQnrbauaj0N59cqisYpECnM6IHmEBiYVBjlRqbmZoPZIYaN5HCgXNf9HFTYvnxkxD%2F%2B%2F5sw2uk7LXRn2BoXE6E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6b892908dba07eb7-LAX
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 20210607103032_top2020ttppbb.png
www.gloriousplays.com/uploads/ 4 KB
5 KB 70ms
69ms Image
image/png 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gloriousplays.com/uploads/20210607103032_top2020ttppbb.png
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 398f7b679bb4207ae199d3972439cc60ec60411dace8c9b12b82eab724afdd87

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97492
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4197
last-modified: Mon, 07 Jun 2021 08:30:32 GMT
server: cloudflare
etag: "60bdd928-1065"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4f%2B9LnbitKbiANRhDLKsacmZgMgIOO0bh3h%2BNxgmB9WRHkoVrbpGAnOrL59zsKaKN7hp5%2FAMh9B1TzeaMk%2FwLt9JcxTOOw4w9GKJdsSP01EkgZi7BTbcqNkdCAKucG2uY%2BC5LdXknDdGnNMUB%2BigHKcmEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6b892908ebbe7eb7-LAX
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 20210607103020_bgtt2020ppbb.jpg
www.gloriousplays.com/uploads/ 118 KB
119 KB 70ms
70ms Image
image/jpeg 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gloriousplays.com/uploads/20210607103020_bgtt2020ppbb.jpg
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05697eab392b9fce22fda32c7fc054e9c01b04af8b6b7eb439be058707a60e83

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97492
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 120775
last-modified: Mon, 07 Jun 2021 08:30:20 GMT
server: cloudflare
etag: "60bdd91c-1d7c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lysQvYVFeI5lYvR4zdKa3fVz3sYVWvX%2FDXyhjMqXKfusu8OcPLbk%2Fmiwanvd9fDR%2FOznz%2F87NwhKiEl3xsLjzIb%2BHworuvJcuiKguFrWx%2F0FQrxoyVQGI0ryrGYgs6Mf8uL04%2FxtDsOoega7BOSQeWqoYIE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6b892908ebbf7eb7-LAX
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 20210607103009_7338844256788765_step1_yellow_tt.png
www.gloriousplays.com/uploads/ 4 KB
4 KB 459ms
459ms Image
image/png 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gloriousplays.com/uploads/20210607103009_7338844256788765_step1_yellow_tt.png
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5406295dbe83b43365abc4a649288b62d4f0512158cc7ccde7ab0c680b1e932

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97492
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3683
last-modified: Mon, 07 Jun 2021 08:30:09 GMT
server: cloudflare
etag: "60bdd911-e63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQxoiimnsRl5Di4WAtxXwBfJVLTyBe8eir5ajbVfc5IkzoO3N0%2F2HV5W0wqYB5%2B%2Ft1YDZnto%2BHdFu6vz3cAT6pIK88xEaemhSaEDCGO6NSidR1vs9kyEE%2BcoLpE9z02MLtGYqb7Q7EMGLyK46JPq%2BID4nOU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6b892908ebc17eb7-LAX
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 413ms
133ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gloriousplays.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 01:28:42 GMT
x-content-type-options: nosniff
age: 169246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 01:28:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 490ms
210ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gloriousplays.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:23:56 GMT
x-content-type-options: nosniff
age: 374732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 16:23:56 GMT

POST
H3 200 survey Show response
www.gloriousplays.com/survey/ 70 B
944 B 440ms
440ms XHR
text/html 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gloriousplays.com/survey/survey
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/js/jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4a578da8b8720f85f3b245a540f7b823f4f778621b8fe000963b293ba696511

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
X-Requested-With: XMLHttpRequest
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 05 Dec 2021 00:29:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LuLEcFTjaY7Kb5suk6IPXIudIUwG%2BiiUtEUIH4FrRs93W83hgtW2YsC2WFgzWWVskoXeaeANIOo%2BSRbDI0UtGpszfElIvHdrARAU9A%2FvTHYBNQ2cUModg6a%2FFCx8PXjlo5dyTDDy64dVHWxoQZeP6Pv1nQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.gloriousplays.com
cache-control: no-cache
cf-ray: 6b8929090bee7eb7-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 20210607102928_searchicon2499104.png
www.gloriousplays.com/uploads/ 2 KB
3 KB 77ms
76ms Image
image/png 2606:4700:3030::ac43:930d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gloriousplays.com/uploads/20210607102928_searchicon2499104.png
Requested by: Host: www.gloriousplays.com
URL: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:930d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca49e0106da7498498202c0b5f2009c48cf356928c28bf97dca2dea92b3e2140

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/survey/33198/source=62-/subid=62/nrp=be3e018f615343a28e5a0f42b2ffb28d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2011
last-modified: Mon, 07 Jun 2021 08:29:28 GMT
server: cloudflare
etag: "60bdd8e8-7db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ptxYRStmH%2BWYR10eNmIYDLbvxJ%2FfbDaRvEVxhpYf8M%2Be36rr8rUrSWhC%2F%2B0v6hdvP36SBywjOKcw44R6NYIoW0Nh11ceNOS4chV4lmL0Oqwm2Qds07%2F0ijMZfZ7F8Wb29M0RchS11kZburLUYyib0YkqL4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6b89290befb17eb7-LAX
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 / Show response
thunderbo.com/pull/ 4 KB
2 KB 711ms
640ms Fetch
application/json 2606:4700:3030::ac43:d052
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thunderbo.com/pull/?notifications=yes&campaign:id=ODkxMzM%3D&country:locale=US

Requested by

Host: thunderbo.com
URL: https://thunderbo.com/embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:d052 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d56add942e1a5fe8ba67ab2d4918cf815d806fcf1147ae53bdf61fb859b7aa9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:30 GMT
content-encoding: br
vary: Origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, HEAD, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKVnWNZJ3MarkzGRE7cu%2FIHaTHZAiJcP1I69EeVNgI9x3NXpU6m6O241ziKcOtZK1OuZDpyFn4%2FxtqBFcXYdToeboiswUHcrsFmMz3jCwWLN19DCBV4IBayfSKdQkhuJzZYrdDHhKsY6TCrg"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 6b892915d9ea7c1b-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 81a2fb65-a74c-41b6-bb74-52e81878472d.png
thunderbo.com/media/ 103 KB
104 KB 140ms
72ms Image
image/png 2606:4700:3030::ac43:d052
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thunderbo.com/media/81a2fb65-a74c-41b6-bb74-52e81878472d.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d052 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4101b06c4f057e319ae6b4343f4a2870d2ac42b57f2c2871c1dd63b1d0c8f1c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.gloriousplays.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 00:29:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2133
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 105563
last-modified: Wed, 16 Jun 2021 07:30:37 GMT
server: cloudflare
etag: "60c9a89d-19c5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AOGKKotQy04f7kPcM2Cwyy9e9dzQmrLJyVzFoQ60AVfSRtxQKDcV62xo5f2grwdMnJdy9yNnGlNmO%2BKys8EOAPJ6mtUcbJNNvSHgTBW8ChW8k1DOdIVjNl0UaSATPajlI%2BpnJetDvoe0Zkp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b89291a4b7b7dc4-LAX

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.crococourse.com/	1970-01-19 23:12:30	Name: uniqueClick_4TDPFD Value: eb531a0d-f15d-4bbc-9600-2d66b256078c:1638664165
www.crococourse.com/	1970-01-20 01:20:40	Name: transaction_id Value: be3e018f615343a28e5a0f42b2ffb28d
www.gloriousplays.com/	1970-01-19 23:21:08	Name: b2ZmZXJXYWxs Value: %7B%22campaign%22%3A%22ODkxMzM%3D%22%2C%22survey%22%3A%2237922%22%2C%22source%22%3A%2262-%22%2C%22subid%22%3A%22subid%3D62%22%2C%22firstSession%22%3A%22SHfx7uBgdM5qkE3lRE42L0p1BEElyhaEzfcKORbP_ODkxMzM%3D%22%7D
www.gloriousplays.com/	1970-01-19 23:21:08	Name: survey_id_37922 Value: true
www.gloriousplays.com/	1970-01-19 23:21:04	Name: laravel_session Value: eyJpdiI6IllTUitiMTA0T0JnaWR0bmxnTVcrZHc9PSIsInZhbHVlIjoiWTNDU2hhT1B3NHlMOGpudjJoeDNQR25KcUdvNDNmOGNkeHFIWFNJMWVPRytRXC9UZCtlb2VJdUVYektUN05MbU90d3Q5Um5VSkNyMnorcW16THUwZWJ3PT0iLCJtYWMiOiIwNmJkZDQyOWM5NmEwNjQ5N2ExYjc0M2YyNTI3N2NjMTMxYmI4YWE2OWZmM2QwOWJlMjY0YWI2NTdmZDYyY2IwIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clientcenter.org.uk
fonts.googleapis.com
fonts.gstatic.com
s3-us-west-2.amazonaws.com
thunderbo.com
www.crococourse.com
www.gloriousplays.com
www.myhomestrack.com
www.ziiwall.eu
172.105.94.28
199.255.138.68
2606:4700:3030::ac43:930d
2606:4700:3030::ac43:d052
2606:4700:3035::ac43:a67c
2606:4700:3037::6815:11ad
2607:f8b0:4006:81d::200a
2607:f8b0:4006:823::2003
52.218.246.64
0317fe71db7d036cfc37efa11a2ceb800d2793d66d8f4ff2d17bce680c4ac8f3
05697eab392b9fce22fda32c7fc054e9c01b04af8b6b7eb439be058707a60e83
0684deac069a4d66038585685fc54afcae4462e4a3254fe70d05030341f23707
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1cc0774214dac222775959901e04247c1a39d5a6dc4f7d6e37fda6e1b65ec00b
2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed
2897f490eaee6fd3c20a755839a30d051c2b4423a9cbc1af2a6d8a05c15e9154
398f7b679bb4207ae199d3972439cc60ec60411dace8c9b12b82eab724afdd87
54685db07aca72f8729aafc7d545ad6cd2804361d9d1960a48c20a5bc02967f9
5d56add942e1a5fe8ba67ab2d4918cf815d806fcf1147ae53bdf61fb859b7aa9
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ae88db06df66fada6bd19661950611c6a69796df07f7a97991ec8db92c124af7
b24eb9638260837328cb57cc88a42c7472eebcef0d23ad953073901d3bf41c6d
b336ee919770f24464a0092df7f6abc78383d7c7054174713908b4b079cdae2e
b4a578da8b8720f85f3b245a540f7b823f4f778621b8fe000963b293ba696511
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
bda2c84e2934508dd2b995f28876c68e3f0cf0955173bcf040b76ecc63e03786
be74d8126523b9d8b5e00033cc06ca22ec954ea915eeda3c1c9d4186ad4a9f3f
bf105e00754ed199cca74149ffcaae97684c72eee00602223f918efdd96cc45f
c4101b06c4f057e319ae6b4343f4a2870d2ac42b57f2c2871c1dd63b1d0c8f1c
ca49e0106da7498498202c0b5f2009c48cf356928c28bf97dca2dea92b3e2140
cb01ad270272a02e43cd31bd67e12b04f4aef501a6aafc4505c9a3d3965c04e0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d108998402f1d542c0d6ac92c19ea4818554e1093fb96b1bd589ebb5a4f533a8
d7793635b3a67ad46bb0f738f17326d1d4de4ef3e9a2a2ee4ac4e318a77dabd0
de8025dffc57069d02c00a3640796dec23114f51af54c209b8fee272d8d0ecd6
df28475274fbc1201731dc862b8714515953b0680233e5b6a943298bbe54ce8f
e5406295dbe83b43365abc4a649288b62d4f0512158cc7ccde7ab0c680b1e932
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4
ef9c554bca3ce5b9f978b626ff8c3a441c0468af2599bdb4e9b6b32f6743f058
f2aff5b51b35d628f161cc7e99d60fd7a751bfec71c59e56c258da0ed04a8395

www.gloriousplays.com Open in urlscan Pro 2606:4700:3030::ac43:930d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

31 Requests

100 %HTTPS

67 %IPv6

9 Domains

9 Subdomains

6 IPs

2 Countries

1220 kBTransfer

1651 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gloriousplays.com Open in urlscan Pro
2606:4700:3030::ac43:930d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

67 %
IPv6

9
Domains

9
Subdomains

6
IPs

2
Countries

1220 kB
Transfer

1651 kB
Size

5
Cookies

31 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!