urlscan.io logo urlscan.io
SecurityTrails logo

zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io Open in urlscan Pro
2604:1380:4091:3003:5000:f7ff:febf:354b  Public Scan

Go To Rescan Add Verdict Report
URL: https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
Submission: On April 15 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 11 HTTP transactions. The main IP is 2604:1380:4091:3003:5000:f7ff:febf:354b, located in Frankfurt am Main, Germany and belongs to PACKET, US. The main domain is zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io.
TLS certificate: Issued by R3 on February 16th 2023. Valid for: 3 months.
This is the only time zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2604:1380:4091:3003:5000:f7ff:febf:354b (Frankfurt am Main, Germany)

ASN54825 (PACKET, US)
zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:e4::ac40:a916 (United States)

ASN13335 (CLOUDFLARENET, US)
gamepress.gg
2    199.232.194.2 (United States)

ASN54113 (FASTLY, US)
media1.giphy.com
media0.giphy.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
4 icp0.io
zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
79 KB
3 gstatic.com
fonts.gstatic.com
56 KB
2 giphy.com
media1.giphy.com — Cisco Umbrella Rank: 1887
media0.giphy.com — Cisco Umbrella Rank: 1893
177 KB
1 gamepress.gg
gamepress.gg — Cisco Umbrella Rank: 145680
1 MB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
1 KB
11 5
Domain Requested by
4 zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
3 fonts.gstatic.com fonts.googleapis.com
1 media0.giphy.com zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
1 media1.giphy.com zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
1 gamepress.gg zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
1 fonts.googleapis.com zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
11 6

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
www.appbrewery.co
Subject Issuer Validity Valid
boundary.dfinity.network
R3		 2023-02-16 -
2023-05-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
gamepress.gg
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.giphy.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-29 -
2023-12-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
Frame ID: E7BCA4F6B603DC96B00866CBB9754EC6
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SporkyGG

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

1801 kB
Transfer

1795 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2604:1380:4091:3003:5000:f7ff:febf:354b Frankfurt am Main, Germany, ASN54825 (PACKET, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
3208c4d18a89a3590ace02ab1e2d487d07eac2594165f635ae9cda53c9c0727c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-None-Match,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie
access-control-allow-methods
HEAD, GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges,Content-Length,Content-Range
access-control-max-age
600
content-encoding
gzip
content-type
text/html
date
Sat, 15 Apr 2023 20:49:03 GMT
etag
W/"3208c4d18a89a3590ace02ab1e2d487d07eac2594165f635ae9cda53c9c0727c"
ic-certificate
certificate=:2dn3o2R0cmVlgwGDAYMBgwJIY2FuaXN0ZXKDAYIEWCCoui2QxJKHXLIgzvmcJln6GPRX6a7+TftbmT+R1m9KbIMBgwGCBFggeAab3uu6dEYzgt84QaPPueFDGHxAMpfXLX859Xcd1a2DAYMBggRYIF9dJE4Cq090uxCufiZBDatWbWdgh29uczQMQJ5O0L3UgwGDAYIEWCBxATngsMHtbTDXgk/ASrhbbdG7c+Roh2ib/te3YTLmu4MBggRYIKVBDJ1aZtGW2tnCdp6R/az9Mw1G0SDzcm6mfEfKrPqEgwGDAYMBgwJKAAAAAAFwDCABAYMBgwGDAYMCTmNlcnRpZmllZF9kYXRhggNYIO70kbqJ11BFe8OvLvlwuFcSVXzGqGxldu1jem/jjScuggRYIIPFa/FN3j0o3mbGkrX8nZfp3ZhbatcrD+b4ToqN89yyggRYIFctjcintow2Np91vXH7xYRAvidoxeQh8sdCSPFra3P8ggRYILnTUgj9SSHrS7imWtKAGArHV6u7vhNHxgrENVhVQgB0ggRYIOV1CY1eiyKRG5jrs8AvWTZDSry8FnCVerPigdqwWYdpggRYIJJY3zPnmm8tN0zBJtiZl+cm85FjIsnqhftfLI1v91ZPggRYINR5nLh9uFIcq4FoeVWess8JfLyvokQfXsN3r9sFDlnqggRYIPbfgu8PmtEr3Q26hry/i4U28amdbC7Q1XRjK9jieJrWggRYIB7HJVMccH57/1LBlquySjzI/hN0eTPWcg1wUchlQuNnggRYIFUsrCeZrk7ulbxa6G03TGzVgYWbfSkIDohRFUaNFieMggRYIO2guLJH76DNihQL/jZM7IMXp3BHxfGVA62j+gEJwVo4ggRYIAsx3Yh3v8ECDsp7zUe/nQ8r/+2i2OwR1/CuCt7Bt8rBgwGCBFggzFeBCfxdveWRz3nLP6YybNzN2fqI6idZLKiIgkNmr+ODAkR0aW1lggNJ7pr1hPfYjasXaXNpZ25hdHVyZVgwsW2ztzq7SqtIUsDAEIiihau5pz/23OP6ElovIWL8nc9dnE5b8gXcxFoRkqbvggu3amRlbGVnYXRpb26iaXN1Ym5ldF9pZFgdWBtaovEMXyIeRd50os7K/T2gdr452wkHy/VUuwJrY2VydGlmaWNhdGVZAlfZ2feiZHRyZWWDAYIEWCCfcfRxjaJpRQsduBk8uOqYBeEkerKdZr3t8C5xn7abkYMBgwJGc3VibmV0gwGDAYIEWCBTY9mSHEaKwaDAR1EkoXA7Duq0TxKv5LtyGgWeq/vM3oMBgwGDAYMBgwJYHVgbWqLxDF8iHkXedKLOyv09oHa+OdsJB8v1VLsCgwGDAk9jYW5pc3Rlcl9yYW5nZXOCA1gb2dn3gYJKAAAAAAFwAAABAUoAAAAAAX///wEBgwJKcHVibGljX2tleYIDWIUwgYIwHQYNKwYBBAGC3HwFAwECAQYMKwYBBAGC3HwFAwIBA2EArSiiv6rmySSO8eo+T0vG6ikQHOUzsAdTSbuGqIU1whbOQ0yaoBi4dGVEHdmX7SMnDish4SbHTxYpO9uikDPoWOzVC9p74baSpAHhVOuHtl3PCYNjXleOPqL22bAsfHncggRYII0bb/PggEBVd5jVU9ZK+ViZ8loBZuOxJ20cjdvfWrcFggRYIF0tHJQ49uHbod+twsUPUYtjGCYo081ptJRNWMs2qpicggRYIJw4PrjSp8hsakQTVQaijycHL+Lb7z6e6a9HHs3AY7PTggRYIGoX9qb27SEZm4g9MxiDSItkMnfhcHLoLRzEA2u1LKNmggRYIN8RJENd8cm64fE0TvP9pqYPj699BnIONfATSdimT8lkgwJEdGltZYIDSfTVv77fldOpF2lzaWduYXR1cmVYMI/bQUQjXb5JqhLHfqtY5OBUKotG6gPcAa3N7kRxHmFsQG+MKLC3Q8a1diKz6SK6Kg==:, tree=:2dn3gwJLaHR0cF9hc3NldHODAYMBgwJOL1N0dWJDb2RlLmh0bWyCBFggQ5cjsbHzsRZEH+oUEJCyfVNu24umSQCiUZL0h+AWVwiCBFggn9QIFYTd3Wslk+AFylxms43HUNG4DVhkK46AqM9Zu8WDAYIEWCB2BOV+g1SF7Xghzcekq3x2O2a8VNUoNGB3TQQyyqy7mIMBggRYIDOa2kyjkN5UDd7N2xKQJnY/g941WhrnNP1yohCOeRzRgwJLL2luZGV4Lmh0bWyCA1ggMgjE0YqJo1kKzgKrHi1IfQfqwllBZfY1rpzaU8nAcnw=:
server
nginx/1.21.3
styles.css
zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/css/styles.css
Requested by
Host: zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
URL: https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2604:1380:4091:3003:5000:f7ff:febf:354b Frankfurt am Main, Germany, ASN54825 (PACKET, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
8111661079ffeee424d655b66ebab5ec1062b3c2a42c5850c01041262164df7f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 20:49:03 GMT
content-encoding
gzip
server
nginx/1.21.3
etag
"4f3afd0facb90ba440f71a50d1dad97120b2d029cfb85deb757498ff3c959f97"
ic-certificate
certificate=:2dn3o2R0cmVlgwGDAYMBgwJIY2FuaXN0ZXKDAYIEWCCoui2QxJKHXLIgzvmcJln6GPRX6a7+TftbmT+R1m9KbIMBgwGCBFggeAab3uu6dEYzgt84QaPPueFDGHxAMpfXLX859Xcd1a2DAYMBggRYIF9dJE4Cq090uxCufiZBDatWbWdgh29uczQMQJ5O0L3UgwGDAYIEWCBxATngsMHtbTDXgk/ASrhbbdG7c+Roh2ib/te3YTLmu4MBggRYIKVBDJ1aZtGW2tnCdp6R/az9Mw1G0SDzcm6mfEfKrPqEgwGDAYMBgwJKAAAAAAFwDCABAYMBgwGDAYMCTmNlcnRpZmllZF9kYXRhggNYIO70kbqJ11BFe8OvLvlwuFcSVXzGqGxldu1jem/jjScuggRYIIPFa/FN3j0o3mbGkrX8nZfp3ZhbatcrD+b4ToqN89yyggRYIFctjcintow2Np91vXH7xYRAvidoxeQh8sdCSPFra3P8ggRYILnTUgj9SSHrS7imWtKAGArHV6u7vhNHxgrENVhVQgB0ggRYIOV1CY1eiyKRG5jrs8AvWTZDSry8FnCVerPigdqwWYdpggRYIJJY3zPnmm8tN0zBJtiZl+cm85FjIsnqhftfLI1v91ZPggRYINR5nLh9uFIcq4FoeVWess8JfLyvokQfXsN3r9sFDlnqggRYIPbfgu8PmtEr3Q26hry/i4U28amdbC7Q1XRjK9jieJrWggRYIB7HJVMccH57/1LBlquySjzI/hN0eTPWcg1wUchlQuNnggRYIFUsrCeZrk7ulbxa6G03TGzVgYWbfSkIDohRFUaNFieMggRYIFPIdlfcBlS0POWTV53U+xDI+0yF04iuLR0vTM+BNi+QggRYIHmZ5lNhidSy5P7Q+OBuOXp04yMKgXGPfB6w31YQB8RFgwGCBFggzFeBCfxdveWRz3nLP6YybNzN2fqI6idZLKiIgkNmr+ODAkR0aW1lggNJo8alsvrYjasXaXNpZ25hdHVyZVgwhrpQHlr/X21aTnAaJfBmzx06LdqDazDSu11OJ7+yxjdrZrsc4kFWnGDYDFqkjwrMamRlbGVnYXRpb26iaXN1Ym5ldF9pZFgdWBtaovEMXyIeRd50os7K/T2gdr452wkHy/VUuwJrY2VydGlmaWNhdGVZAlfZ2feiZHRyZWWDAYIEWCAu+RpeO84XrGk1Mm0AaQDGF0m1PLAyIG3gS+LfLihQTYMBgwJGc3VibmV0gwGDAYIEWCBTY9mSHEaKwaDAR1EkoXA7Duq0TxKv5LtyGgWeq/vM3oMBgwGDAYMBgwJYHVgbWqLxDF8iHkXedKLOyv09oHa+OdsJB8v1VLsCgwGDAk9jYW5pc3Rlcl9yYW5nZXOCA1gb2dn3gYJKAAAAAAFwAAABAUoAAAAAAX///wEBgwJKcHVibGljX2tleYIDWIUwgYIwHQYNKwYBBAGC3HwFAwECAQYMKwYBBAGC3HwFAwIBA2EArSiiv6rmySSO8eo+T0vG6ikQHOUzsAdTSbuGqIU1whbOQ0yaoBi4dGVEHdmX7SMnDish4SbHTxYpO9uikDPoWOzVC9p74baSpAHhVOuHtl3PCYNjXleOPqL22bAsfHncggRYII0bb/PggEBVd5jVU9ZK+ViZ8loBZuOxJ20cjdvfWrcFggRYIF0tHJQ49uHbod+twsUPUYtjGCYo081ptJRNWMs2qpicggRYIJw4PrjSp8hsakQTVQaijycHL+Lb7z6e6a9HHs3AY7PTggRYIGoX9qb27SEZm4g9MxiDSItkMnfhcHLoLRzEA2u1LKNmggRYIN8RJENd8cm64fE0TvP9pqYPj699BnIONfATSdimT8lkgwJEdGltZYIDSYiY4JvLldOpF2lzaWduYXR1cmVYMIw5SxGnluK4umMF+tWY03CfR3iHUc6RS5nLx9ZU/xf4hhH3J+0MwmulMznhWPn0gw==:, tree=:2dn3gwJLaHR0cF9hc3NldHODAYMBggRYICyxTFqA4CdkMVlwmeyCPAQ2G5/+wgJqHsROwHYkPUn9gwGDAk8vY3NzL3N0eWxlcy5jc3OCA1gggRFmEHn/7uQk1lW2brq17BBis8KkLFhQwBBBJiFk33+CBFgg+BhvmYBxs4Vv6IQpmKWK6keHeGGV9HPkaY1gbZqy9LCCBFggokETVzJKIV+si7kude+lVv6GxLvuYJVUWGaN2+NPOQc=:
access-control-max-age
600
access-control-allow-methods
HEAD, GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges,Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-None-Match,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie
content-length
816
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather&family=Montserrat&family=Sacramento&display=swap
Requested by
Host: zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
URL: https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
032ffac9e0735d4009dc4195806d0840e069ed234a8a7c7c646233db4db446a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 15 Apr 2023 20:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 15 Apr 2023 20:49:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 15 Apr 2023 20:49:03 GMT
cloud.png
zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/images/ 		4 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/images/cloud.png
Requested by
Host: zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
URL: https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2604:1380:4091:3003:5000:f7ff:febf:354b Frankfurt am Main, Germany, ASN54825 (PACKET, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
0bce50f71a4b9b08ff9b7e481e690d9dc7f863e39aacc88df0858c8100763207

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 20:49:04 GMT
server
nginx/1.21.3
etag
"0bce50f71a4b9b08ff9b7e481e690d9dc7f863e39aacc88df0858c8100763207"
ic-certificate
certificate=:2dn3o2R0cmVlgwGDAYMBgwJIY2FuaXN0ZXKDAYIEWCCoui2QxJKHXLIgzvmcJln6GPRX6a7+TftbmT+R1m9KbIMBgwGCBFggeAab3uu6dEYzgt84QaPPueFDGHxAMpfXLX859Xcd1a2DAYMBggRYIF9dJE4Cq090uxCufiZBDatWbWdgh29uczQMQJ5O0L3UgwGDAYIEWCBxATngsMHtbTDXgk/ASrhbbdG7c+Roh2ib/te3YTLmu4MBggRYIKVBDJ1aZtGW2tnCdp6R/az9Mw1G0SDzcm6mfEfKrPqEgwGDAYMBgwJKAAAAAAFwDCABAYMBgwGDAYMCTmNlcnRpZmllZF9kYXRhggNYIO70kbqJ11BFe8OvLvlwuFcSVXzGqGxldu1jem/jjScuggRYIIPFa/FN3j0o3mbGkrX8nZfp3ZhbatcrD+b4ToqN89yyggRYIFctjcintow2Np91vXH7xYRAvidoxeQh8sdCSPFra3P8ggRYILnTUgj9SSHrS7imWtKAGArHV6u7vhNHxgrENVhVQgB0ggRYIOV1CY1eiyKRG5jrs8AvWTZDSry8FnCVerPigdqwWYdpggRYIJJY3zPnmm8tN0zBJtiZl+cm85FjIsnqhftfLI1v91ZPggRYINR5nLh9uFIcq4FoeVWess8JfLyvokQfXsN3r9sFDlnqggRYIPbfgu8PmtEr3Q26hry/i4U28amdbC7Q1XRjK9jieJrWggRYIB7HJVMccH57/1LBlquySjzI/hN0eTPWcg1wUchlQuNnggRYIFUsrCeZrk7ulbxa6G03TGzVgYWbfSkIDohRFUaNFieMggRYIFPIdlfcBlS0POWTV53U+xDI+0yF04iuLR0vTM+BNi+QggRYIHmZ5lNhidSy5P7Q+OBuOXp04yMKgXGPfB6w31YQB8RFgwGCBFggzFeBCfxdveWRz3nLP6YybNzN2fqI6idZLKiIgkNmr+ODAkR0aW1lggNJo8alsvrYjasXaXNpZ25hdHVyZVgwhrpQHlr/X21aTnAaJfBmzx06LdqDazDSu11OJ7+yxjdrZrsc4kFWnGDYDFqkjwrMamRlbGVnYXRpb26iaXN1Ym5ldF9pZFgdWBtaovEMXyIeRd50os7K/T2gdr452wkHy/VUuwJrY2VydGlmaWNhdGVZAlfZ2feiZHRyZWWDAYIEWCBeb6ICnQRXyDLVJWZF+bYPOiHzqkC9iEpgYJrL47TLMoMBgwJGc3VibmV0gwGDAYIEWCBTY9mSHEaKwaDAR1EkoXA7Duq0TxKv5LtyGgWeq/vM3oMBgwGDAYMBgwJYHVgbWqLxDF8iHkXedKLOyv09oHa+OdsJB8v1VLsCgwGDAk9jYW5pc3Rlcl9yYW5nZXOCA1gb2dn3gYJKAAAAAAFwAAABAUoAAAAAAX///wEBgwJKcHVibGljX2tleYIDWIUwgYIwHQYNKwYBBAGC3HwFAwECAQYMKwYBBAGC3HwFAwIBA2EArSiiv6rmySSO8eo+T0vG6ikQHOUzsAdTSbuGqIU1whbOQ0yaoBi4dGVEHdmX7SMnDish4SbHTxYpO9uikDPoWOzVC9p74baSpAHhVOuHtl3PCYNjXleOPqL22bAsfHncggRYII0bb/PggEBVd5jVU9ZK+ViZ8loBZuOxJ20cjdvfWrcFggRYIF0tHJQ49uHbod+twsUPUYtjGCYo081ptJRNWMs2qpicggRYIJw4PrjSp8hsakQTVQaijycHL+Lb7z6e6a9HHs3AY7PTggRYIGoX9qb27SEZm4g9MxiDSItkMnfhcHLoLRzEA2u1LKNmggRYIN8RJENd8cm64fE0TvP9pqYPj699BnIONfATSdimT8lkgwJEdGltZYIDSeup1aa9l9OpF2lzaWduYXR1cmVYMJSOhfiIl+yjg7tVEGx6CLARinLnJ0UcPaLyPEbkK42FQ7TJvnAsqQ8L+XgCkaMAXQ==:, tree=:2dn3gwJLaHR0cF9hc3NldHODAYIEWCBVK9Opr6opEbAytB6MHOAQtt3foA9KPA1tsseb8sL1aYMBgwJRL2ltYWdlcy9jbG91ZC5wbmeCA1ggC85Q9xpLmwj/m35IHmkNncf4Y+OarMiN8IWMgQB2MgeCBFggPWnP1Glh9/aHvXIG8XuHQ+NOpRDdGlVq1qa6kfuKWHE=:
access-control-max-age
600
access-control-allow-methods
HEAD, GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges,Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-None-Match,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie
content-length
3901
mountain.png
zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/images/ 		64 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/images/mountain.png
Requested by
Host: zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
URL: https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2604:1380:4091:3003:5000:f7ff:febf:354b Frankfurt am Main, Germany, ASN54825 (PACKET, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
67ef352db83a32912709ab5a56544f7a8cfb877ab8d0ad8b2ba62924bb8acadb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 20:49:04 GMT
server
nginx/1.21.3
etag
"67ef352db83a32912709ab5a56544f7a8cfb877ab8d0ad8b2ba62924bb8acadb"
ic-certificate
certificate=:2dn3o2R0cmVlgwGDAYMBgwJIY2FuaXN0ZXKDAYIEWCCoui2QxJKHXLIgzvmcJln6GPRX6a7+TftbmT+R1m9KbIMBgwGCBFggeAab3uu6dEYzgt84QaPPueFDGHxAMpfXLX859Xcd1a2DAYMBggRYIF9dJE4Cq090uxCufiZBDatWbWdgh29uczQMQJ5O0L3UgwGDAYIEWCBxATngsMHtbTDXgk/ASrhbbdG7c+Roh2ib/te3YTLmu4MBggRYIKVBDJ1aZtGW2tnCdp6R/az9Mw1G0SDzcm6mfEfKrPqEgwGDAYMBgwJKAAAAAAFwDCABAYMBgwGDAYMCTmNlcnRpZmllZF9kYXRhggNYIO70kbqJ11BFe8OvLvlwuFcSVXzGqGxldu1jem/jjScuggRYIIPFa/FN3j0o3mbGkrX8nZfp3ZhbatcrD+b4ToqN89yyggRYIFctjcintow2Np91vXH7xYRAvidoxeQh8sdCSPFra3P8ggRYILnTUgj9SSHrS7imWtKAGArHV6u7vhNHxgrENVhVQgB0ggRYIOV1CY1eiyKRG5jrs8AvWTZDSry8FnCVerPigdqwWYdpggRYIJJY3zPnmm8tN0zBJtiZl+cm85FjIsnqhftfLI1v91ZPggRYINR5nLh9uFIcq4FoeVWess8JfLyvokQfXsN3r9sFDlnqggRYIPbfgu8PmtEr3Q26hry/i4U28amdbC7Q1XRjK9jieJrWggRYIB7HJVMccH57/1LBlquySjzI/hN0eTPWcg1wUchlQuNnggRYIFUsrCeZrk7ulbxa6G03TGzVgYWbfSkIDohRFUaNFieMggRYIFPIdlfcBlS0POWTV53U+xDI+0yF04iuLR0vTM+BNi+QggRYIHmZ5lNhidSy5P7Q+OBuOXp04yMKgXGPfB6w31YQB8RFgwGCBFggzFeBCfxdveWRz3nLP6YybNzN2fqI6idZLKiIgkNmr+ODAkR0aW1lggNJo8alsvrYjasXaXNpZ25hdHVyZVgwhrpQHlr/X21aTnAaJfBmzx06LdqDazDSu11OJ7+yxjdrZrsc4kFWnGDYDFqkjwrMamRlbGVnYXRpb26iaXN1Ym5ldF9pZFgdWBtaovEMXyIeRd50os7K/T2gdr452wkHy/VUuwJrY2VydGlmaWNhdGVZAlfZ2feiZHRyZWWDAYIEWCCfcfRxjaJpRQsduBk8uOqYBeEkerKdZr3t8C5xn7abkYMBgwJGc3VibmV0gwGDAYIEWCBTY9mSHEaKwaDAR1EkoXA7Duq0TxKv5LtyGgWeq/vM3oMBgwGDAYMBgwJYHVgbWqLxDF8iHkXedKLOyv09oHa+OdsJB8v1VLsCgwGDAk9jYW5pc3Rlcl9yYW5nZXOCA1gb2dn3gYJKAAAAAAFwAAABAUoAAAAAAX///wEBgwJKcHVibGljX2tleYIDWIUwgYIwHQYNKwYBBAGC3HwFAwECAQYMKwYBBAGC3HwFAwIBA2EArSiiv6rmySSO8eo+T0vG6ikQHOUzsAdTSbuGqIU1whbOQ0yaoBi4dGVEHdmX7SMnDish4SbHTxYpO9uikDPoWOzVC9p74baSpAHhVOuHtl3PCYNjXleOPqL22bAsfHncggRYII0bb/PggEBVd5jVU9ZK+ViZ8loBZuOxJ20cjdvfWrcFggRYIF0tHJQ49uHbod+twsUPUYtjGCYo081ptJRNWMs2qpicggRYIJw4PrjSp8hsakQTVQaijycHL+Lb7z6e6a9HHs3AY7PTggRYIGoX9qb27SEZm4g9MxiDSItkMnfhcHLoLRzEA2u1LKNmggRYIN8RJENd8cm64fE0TvP9pqYPj699BnIONfATSdimT8lkgwJEdGltZYIDSfTVv77fldOpF2lzaWduYXR1cmVYMI/bQUQjXb5JqhLHfqtY5OBUKotG6gPcAa3N7kRxHmFsQG+MKLC3Q8a1diKz6SK6Kg==:, tree=:2dn3gwJLaHR0cF9hc3NldHODAYIEWCBVK9Opr6opEbAytB6MHOAQtt3foA9KPA1tsseb8sL1aYMBggRYIHYE5X6DVIXteCHNx6SrfHY7ZrxU1Sg0YHdNBDLKrLuYgwGDAlQvaW1hZ2VzL21vdW50YWluLnBuZ4IDWCBn7zUtuDoykScJq1pWVE96jPuHerjQrYsrpikku4rK24IEWCBy/Xfl8eajt0nJnUvkV4n/rbZxHOIxOMpvyVLrA1SF6w==:
access-control-max-age
600
access-control-allow-methods
HEAD, GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges,Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-None-Match,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie
content-length
65865
sk_c1046_3.gif
gamepress.gg/epicseven/sites/epicseven/files/2019-12/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gamepress.gg/epicseven/sites/epicseven/files/2019-12/sk_c1046_3.gif
Requested by
Host: zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
URL: https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e942c80300f8f17244d3708734938d1a1d5388a4cfe329620147acddd3ac5081
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 20:49:04 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-ah-environment
prod
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1521451
x-request-id
v-f5617c9c-dbce-11ed-9a84-dfb0bd8b7097
last-modified
Mon, 23 Dec 2019 21:13:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PykpPBB%2Ff27XeLqy%2FiUbLjmMOXvSlr1BFJKb%2BaSJMfZe4KPZ53wsLQXfzlxYu1f5u2whLs1WMbJlnqLdc0%2FsljtzgfNaYw7xw2u75HF%2BcjGq2Ij0wotXKnZdqznnUFuoFGZSG6VEGXye3HA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
7b870d8fbf2d3ced-CDG
expires
Sat, 29 Apr 2023 20:49:04 GMT
giphy.gif
media1.giphy.com/media/yzY9DpxLPxATtaerWq/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media1.giphy.com/media/yzY9DpxLPxATtaerWq/giphy.gif?cid=ecf05e47l5fnt4b95w1kirnta633fy87279m8qf7h95cmc1s&rid=giphy.gif&ct=s
Requested by
Host: zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
URL: https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
86e285b8a879760d552fa5a8d6247f9c7bda169667629fad4005850653c1f782
Security Headers
Name Value
Strict-Transport-Security max-age=15465600

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 20:49:03 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=15465600
age
900314
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
142899
x-served-by
cache-iad-kiad7000178-IAD, cache-lcy-eglc8600034-LCY
last-modified
Mon, 12 Apr 2021 11:06:23 GMT
x-timer
S1681591744.961094,VS0,VE4
etag
"82f948ffad826982a51b26b4908adfc6"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
38, 1
giphy.gif
media0.giphy.com/media/CWr17ltjWUT3G/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media0.giphy.com/media/CWr17ltjWUT3G/giphy.gif?cid=ecf05e47no13nvqfrlmmfz6aa1yvesj8gawlixf9cav0w2gz&rid=giphy.gif&ct=s
Requested by
Host: zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
URL: https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6492a2a144383b8f41bdc0db8336500cfe4eda4f8dd3dc0045a28b3d668be7d8
Security Headers
Name Value
Strict-Transport-Security max-age=15465600

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 20:49:03 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=15465600
age
109738
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
37463
x-served-by
cache-iad-kiad7000080-IAD, cache-lcy-eglc8600040-LCY
last-modified
Fri, 02 Dec 2016 03:20:39 GMT
x-timer
S1681591744.964752,VS0,VE2
etag
"196d6c487693d01f4bcd64e9749a5eac"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
286, 1
buEzpo6gcdjy0EiZMBUG4C0f_Q.woff2
fonts.gstatic.com/s/sacramento/v13/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sacramento/v13/buEzpo6gcdjy0EiZMBUG4C0f_Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather&family=Montserrat&family=Sacramento&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fcd867d2812578d001b0eca921848e24de91d01986f26e038be374ec7c5cfd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 18:11:51 GMT
x-content-type-options
nosniff
age
95833
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23708
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:03:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Apr 2024 18:11:51 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather&family=Montserrat&family=Sacramento&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:38:27 GMT
x-content-type-options
nosniff
age
382237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:38:27 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather&family=Montserrat&family=Sacramento&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zwb2h-eyaaa-aaaal-qbqqa-cai.raw.icp0.io
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:34:29 GMT
x-content-type-options
nosniff
age
382475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:34:29 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies