worker-withered-sound-fb55.yzmbechiengels.workers.dev Open in urlscan Pro
172.67.165.214 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Effective URL:
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Submission: On May 15 via manual (May 15th 2024, 7:31:01 pm UTC) from XK — Scanned from DE

Summary HTTP 52 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 52 HTTP transactions. The main IP is 172.67.165.214, located in United States and belongs to CLOUDFLARENET, US. The main domain is worker-withered-sound-fb55.yzmbechiengels.workers.dev.
TLS certificate: Issued by E1 on April 30th 2024. Valid for: 3 months.

This is the only time worker-withered-sound-fb55.yzmbechiengels.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
8	172.67.165.214 172.67.165.214	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
3	54.85.39.78 54.85.39.78	14618 (AMAZON-AES) (AMAZON-AES)
1	104.17.24.14 104.17.24.14	() ()
1	2a04:4e42:200... 2a04:4e42:200::649	() ()
3	2620:1ec:46::45 2620:1ec:46::45	() ()
52	8

8 172.67.165.214 (United States)

ASN13335 (CLOUDFLARENET, US)

worker-withered-sound-fb55.yzmbechiengels.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.85.39.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-39-78.compute-1.amazonaws.com

endurable-lateral-walk.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (None, )

ASN- ()

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::45 (None, )

ASN- ()

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	google.com www.google.com — Cisco Umbrella Rank: 2	964 B
8	workers.dev worker-withered-sound-fb55.yzmbechiengels.workers.dev	9 KB
7	gstatic.com www.gstatic.com	202 KB
3	msauth.net aadcdn.msauth.net	5 KB
3	glitch.me endurable-lateral-walk.glitch.me Failed	1 MB
1	jquery.com code.jquery.com	30 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
52	7

	Domain	Requested by
21	www.google.com	worker-withered-sound-fb55.yzmbechiengels.workers.dev www.gstatic.com
8	worker-withered-sound-fb55.yzmbechiengels.workers.dev
7	www.gstatic.com	www.google.com
3	aadcdn.msauth.net	worker-withered-sound-fb55.yzmbechiengels.workers.dev
3	endurable-lateral-walk.glitch.me	worker-withered-sound-fb55.yzmbechiengels.workers.dev
1	code.jquery.com	endurable-lateral-walk.glitch.me
1	cdnjs.cloudflare.com	endurable-lateral-walk.glitch.me
52	7

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
yzmbechiengels.workers.dev E1	`2024-04-30` - `2024-07-29`	3 months	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2024-04-30` - `2025-04-30`	a year	crt.sh

This page contains 17 frames:

Frame: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Frame ID: 3DE94CC7A0267327B8C9EACA01D35859
Requests: 43 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=9pfc2w9daq6c
Frame ID: 3A30019101D6487B62A4B402E81F3ABA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=nrz0ird8n9lu
Frame ID: EC1AF7919C855C0ECD574AC176BD4157
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=o65y6k92y1bg
Frame ID: 273778041F93D0C07FCEF6C88CDD5EC1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=wd4jyc1u1if6
Frame ID: 1A6D283211643AB9927D75791588B591
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=mt7ad65uvkax
Frame ID: CA2D48E312730A88E413DDB9A18DC956
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=l6808vjqj1pj
Frame ID: 9E5FDEBD7FD7D3432509E7CDE3213025
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=au502jjlue86
Frame ID: FF501109E5C54CE0EA1FEE05D4EFC7AB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=2e1mmkokdxkx
Frame ID: 7FD899A783DA336C5A54AC9A94D66541
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=4pgd717m5q9f
Frame ID: F85B7B62083C9C54D815665D7976BABB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=r335vocnnmj
Frame ID: 7C36F2982424548C05051A664D795557
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=r8brxanaaosz
Frame ID: D0E72F365C8ED82D16F239B3A7121059
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=4ouodqjekuhv
Frame ID: 1E66F55C7D7A9845730E053BEAB92C1F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=56jkfo8o8l6f
Frame ID: 77AB58390894FD4726E21B88612AEEAE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=jl4u62ox9ow8
Frame ID: 21F31D480F0DDE797CDF4966DAE8C882
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vjbW55W42X033PfTdVf6Ft4q&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS
Frame ID: 764F15BD1560E9AFA79B68E244F7AD9C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vjbW55W42X033PfTdVf6Ft4q&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS
Frame ID: B596FD6248D00CED972C3F7B4651CA5C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to Best Productivity Provider!

Page URL History Show full URLs

https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/ Page URL
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Page URL
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Page URL
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Page URL
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Page URL
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Page URL
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

52
Requests

85 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

1334 kB
Transfer

4776 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://go.microsoft.com/fwlink/p/?LinkId=708614
Title: More information

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/fr/servicesagreement/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/fr/privacystatement
Title: Cookie Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/ Page URL
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Page URL
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Page URL
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Page URL
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Page URL
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Page URL
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
worker-withered-sound-fb55.yzmbechiengels.workers.dev/ 2 KB
1 KB 115ms
47ms Document
text/html 172.67.165.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9565dfa7e39544b9907e19635c5e7fbd5ff1bade22154edd60c6d33cf00ed069

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 88458ba4ae3418cb-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 15 May 2024 19:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I76Fi9hnnS6f9i%2BxrRkj0YMQCmaiyTXRatc3rGCRNEaqraXzAN7retCGOg0FuFtcOpKyUQ2iJ9HRMMbWzBMSjRJ7IoJEZudF7ju4mVWq5ONwn981KCjVhHPgCrdcwBR1QJ4IBO2FVydNnJdN2cG9j8O24flWJbqzu%2BQxYS1gTP8PMC9h9rXgyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
964 B 126ms
49ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Requested by

Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

3953b3a943823d58f71366f7f51eed66d66f5b524536ae04773ac07af0be6544

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 19:30:57 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/ 505 KB
202 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Origin: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 13:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206091
x-xss-protection: 0
last-modified: Sun, 05 May 2024 20:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 May 2025 13:08:52 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 3A30 0
0 163ms
87ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=9pfc2w9daq6c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-49NEIaDFxDVWiP-MxE_inA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-49NEIaDFxDVWiP-MxE_inA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 19:30:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame EC1A 0
0 141ms
66ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-75_VeT8olrnhKU0GVCe8ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-75_VeT8olrnhKU0GVCe8ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 19:30:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET template.htm
endurable-lateral-walk.glitch.me/ 0
0

POST
H3 200 bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Show response
worker-withered-sound-fb55.yzmbechiengels.workers.dev/ 2 KB
1 KB 50ms
50ms Document
text/html 172.67.165.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9565dfa7e39544b9907e19635c5e7fbd5ff1bade22154edd60c6d33cf00ed069

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 88458baaadda18cb-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 15 May 2024 19:30:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HWchqCxzJwOONoaYNhYOqa4%2F5yqbMr03N8Brrl8%2BjmzR1x%2FNSYYZTNQqNPspj3GJC1uo9vkrmN1h8PerZ%2BmYx3py8W1U592rg%2BS%2B51k60JUzb8rYLyDQWmhv6ECReuUTV%2BjUyVHWzODEP9lkhm02y1Cl7%2B67EgojHiB%2FaXkj8dMXBxyf6gWlKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
0 126ms
49ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Requested by

Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

3953b3a943823d58f71366f7f51eed66d66f5b524536ae04773ac07af0be6544

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 19:30:57 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/ 505 KB
0 126ms
40ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Origin: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 13:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206091
x-xss-protection: 0
last-modified: Sun, 05 May 2024 20:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 May 2025 13:08:52 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 2737 0
0 64ms
64ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h413xuzc8WWq61umHjudCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-h413xuzc8WWq61umHjudCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 19:30:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 1A6D 0
0 69ms
69ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j3k6_tk9kT524XglXXa-OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-j3k6_tk9kT524XglXXa-OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 19:30:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET template.htm
endurable-lateral-walk.glitch.me/ 0
0

POST
H3 200 bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Show response
worker-withered-sound-fb55.yzmbechiengels.workers.dev/ 2 KB
1 KB 59ms
58ms Document
text/html 172.67.165.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9565dfa7e39544b9907e19635c5e7fbd5ff1bade22154edd60c6d33cf00ed069

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 88458bac0f9a18cb-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 15 May 2024 19:30:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oyMVtUSGwNdoJCR%2BSNKRm929nqrk74ds7MGQaYEXd%2Ftgd%2BlhTZXYkxk78d5dBK1pYobNcEjy8ICvoRXT%2BHxePgghRYIZ4%2FWjqvGUKxW%2Fu%2F%2BOTh%2F98nrJNe7KqH5zmj%2FKKqJvaSF4P%2F5pAi7DvNpUQciZmErfrGWRiHgYFlfRl1WTDT8akMzdNw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
0 126ms
49ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Requested by

Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

3953b3a943823d58f71366f7f51eed66d66f5b524536ae04773ac07af0be6544

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 19:30:57 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/ 505 KB
0 126ms
40ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Origin: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 13:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206091
x-xss-protection: 0
last-modified: Sun, 05 May 2024 20:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 May 2025 13:08:52 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame CA2D 0
0 65ms
65ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lBfz_l_tnfcyRJ4bYBR0ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lBfz_l_tnfcyRJ4bYBR0ig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 19:30:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 9E5F 0
0 63ms
63ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aqmvKnGdO2hI_gHUoyXa6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aqmvKnGdO2hI_gHUoyXa6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 19:30:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET template.htm
endurable-lateral-walk.glitch.me/ 0
0

POST
H3 200 bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Show response
worker-withered-sound-fb55.yzmbechiengels.workers.dev/ 2 KB
1 KB 56ms
56ms Document
text/html 172.67.165.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9565dfa7e39544b9907e19635c5e7fbd5ff1bade22154edd60c6d33cf00ed069

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 88458bad598218cb-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 15 May 2024 19:30:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DqWgPgI8nEz0EamoOr72Tfup4PSsYE%2Fx7ewt0rh3U0QkE1oOPO7EBcnBdzqP1HQvXy0roF%2FqFiRBUky%2BEGn4ZXC4Ibbh5BN725a8Jt1I%2Bc8FYxCI9Xf7eYdXPWOQGbgYNXxr0t0GNY3MZ0dDC7cYtTug8N3VgOakVrJF4gUssftpA07cZy4xQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
0 1ms
1ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Requested by

Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

3953b3a943823d58f71366f7f51eed66d66f5b524536ae04773ac07af0be6544

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 19:30:57 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/ 505 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Origin: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 13:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206091
x-xss-protection: 0
last-modified: Sun, 05 May 2024 20:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 May 2025 13:08:52 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame FF50 0
0 74ms
74ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d_zWir_7D14F5-I6yVn6PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-d_zWir_7D14F5-I6yVn6PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 19:30:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 7FD8 0
0 66ms
66ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s-AnkGf0SDwF_ycLMUmIJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-s-AnkGf0SDwF_ycLMUmIJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 19:30:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET template.htm
endurable-lateral-walk.glitch.me/ 0
0

POST
H3 200 bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Show response
worker-withered-sound-fb55.yzmbechiengels.workers.dev/ 2 KB
1 KB 47ms
46ms Document
text/html 172.67.165.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9565dfa7e39544b9907e19635c5e7fbd5ff1bade22154edd60c6d33cf00ed069

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 88458baedba118cb-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 15 May 2024 19:30:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmLq3kySKwVOhbeipmvrGSRve7pluIYOaCjEzY0idfxOy0AVEjmIZRNGHJ5xA8CpkqIVLZebV0EX2lyJlBWWjHIcjfqNXyCLI5lgbqBCMQBtt78EQaAM10ggVMh%2FaXL5RG3XayaUCl3PwwCRVuZ8ge16Ed2wZlR2w6IzNvhxu1Chvo3qlSZ0bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
0 1ms
1ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Requested by

Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

3953b3a943823d58f71366f7f51eed66d66f5b524536ae04773ac07af0be6544

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 19:30:57 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/ 505 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Origin: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 13:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206091
x-xss-protection: 0
last-modified: Sun, 05 May 2024 20:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 May 2025 13:08:52 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame F85B 0
0 59ms
58ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iiOc8dOEChUzSZ4NZLYMDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-iiOc8dOEChUzSZ4NZLYMDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 19:30:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 7C36 0
0 74ms
73ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JfMHvRVZCRzWQvgLGCtnQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-JfMHvRVZCRzWQvgLGCtnQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 19:30:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET template.htm
endurable-lateral-walk.glitch.me/ 0
0

POST
H3 200 bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Show response
worker-withered-sound-fb55.yzmbechiengels.workers.dev/ 2 KB
1 KB 80ms
80ms Document
text/html 172.67.165.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9565dfa7e39544b9907e19635c5e7fbd5ff1bade22154edd60c6d33cf00ed069

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 88458baffd6618cb-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 15 May 2024 19:30:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NUrZUIIVv1a%2BvULnG%2F49NF1BSIsqkvwVE4LU1XRz6nRpUFQWfvTLcQ4dVRKYE0S98JCCrXgRz9mFTraREhdDheKgo4r%2Bxp4DI0sFcMNqmJMXmZdVFuBv6zBfRw5s0DDpI%2F1HPrsMRT1fDMo1nNSA3dKomyJvUxAf289FtUfwPJ1PBX4IGSgkZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
0 1ms
1ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Requested by

Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

3953b3a943823d58f71366f7f51eed66d66f5b524536ae04773ac07af0be6544

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 19:30:57 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/ 505 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Origin: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 13:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206091
x-xss-protection: 0
last-modified: Sun, 05 May 2024 20:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 May 2025 13:08:52 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame D0E7 0
0 66ms
66ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FGR-yFmcKBgZcavB7Fv7cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FGR-yFmcKBgZcavB7Fv7cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 19:30:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 1E66 0
0 74ms
73ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y4YkLY5zFQvumkxR0Y8GBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Y4YkLY5zFQvumkxR0Y8GBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 19:30:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET template.htm
endurable-lateral-walk.glitch.me/ 0
0

POST
H3 200 Primary Request bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Show response
worker-withered-sound-fb55.yzmbechiengels.workers.dev/ 2 KB
1 KB 47ms
47ms Document
text/html 172.67.165.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9565dfa7e39544b9907e19635c5e7fbd5ff1bade22154edd60c6d33cf00ed069

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 88458bb17f7618cb-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 15 May 2024 19:30:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ONXYZRBy7q9%2FNOhlze%2B%2Fc%2B1OjG%2BH12mixnvrUQ5CU2PWPTAMXv97%2BoHschfdtQB8oP8Ex9T0s7p%2FwtAqvZq5QiS2orN42wwfKnYOrL6PJRtKqUTMQpJuwaW0PFtzYS6Bx%2FNV%2B1DOs%2F2QSeVgDYdGkwT%2FbnUifUgBbA5qjvx57LAybDlHLqdE6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
0 1ms
1ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Requested by

Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

3953b3a943823d58f71366f7f51eed66d66f5b524536ae04773ac07af0be6544

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:30:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 19:30:57 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/ 505 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Origin: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 13:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206091
x-xss-protection: 0
last-modified: Sun, 05 May 2024 20:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 May 2025 13:08:52 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 77AB 0
0 66ms
65ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f9Cr-ICAu6DR7ojlfxe3Sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-f9Cr-ICAu6DR7ojlfxe3Sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 19:30:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 21F3 0
0 72ms
72ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cUiB8_EHA3sTgSFMK7Tbxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cUiB8_EHA3sTgSFMK7Tbxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 19:30:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 template.htm Show response
endurable-lateral-walk.glitch.me/ 270 B
774 B 186ms
184ms Fetch
text/html 54.85.39.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://endurable-lateral-walk.glitch.me/template.htm
Requested by: Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.39.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-39-78.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cdfa5d229d99c544d2b46a3ad900020c518f800f43048d78c037dd604b30cc52

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:30:59 GMT
x-amz-version-id: hLBYCJfv4MXrLhV1y11nVDDTf4ThygFS
x-amz-request-id: QSCH2A3VHWFWW1F4
x-amz-server-side-encryption: AES256
content-length: 270
x-amz-id-2: dFUKyshVsp3T+KPrc/EsW5zhddv9MGkZtAjoDWqJQp56ufFftPihXhARN+2Epx14O8gnqxfVN9Xi+r5OsgUC5Q==
last-modified: Fri, 03 May 2024 01:43:25 GMT
server: AmazonS3
etag: "554a4d91defd80c083caf48a38f21a30"
access-control-max-age: 3600
access-control-allow-methods: GET, HEAD
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control: no-cache
accept-ranges: bytes

POST
H3 200 bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
worker-withered-sound-fb55.yzmbechiengels.workers.dev/ 0
0 50ms
49ms Document
text/html 172.67.165.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 88458bb36a3718cb-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 15 May 2024 19:30:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6RQIxn4vSZqzNZ9R6W0sbvEGXhXdFp2NmsjY73MoHgyIGnf4Jtq%2FIl16IeCE1O%2FaSAx8tIG2%2FCYc6qIwS1m88%2FtkzFnsyazypNqhiJhTLLVwMSO3mu78tsB27V1K%2BGtMk6ITeC3sPFvUncYdQNC1QHwKcVnd%2BLMeOn3ZTSKxdHwYzS%2BiW0ofZg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET bframe
www.google.com/recaptcha/api2/ Frame 764F 0
0

GET bframe
www.google.com/recaptcha/api2/ Frame B596 0
0

GET
DATA 200
OK truncated Show response
/ 114 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8341fced36479b5df8c6854ea7b161d71c1a23251f81f6172963908baf5bfd8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
H2 200 datt.js Show response
endurable-lateral-walk.glitch.me/ 993 KB
995 KB 561ms
327ms Script
application/javascript 54.85.39.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://endurable-lateral-walk.glitch.me/datt.js
Requested by: Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.39.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-39-78.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bcf19cc049a6970b7f104c8bb8e7cdf18bd2cc6b6887fbeef58ef0e0949f9825

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:31:00 GMT
x-amz-version-id: bnPpTymefOzY97uuedilkmmuGQLrc5dR
last-modified: Fri, 03 May 2024 01:43:25 GMT
server: AmazonS3
x-amz-request-id: YF40ZS2BRNXDMZDJ
etag: "0a8978556df1a8898e41b02b6a95b2cd"
x-amz-server-side-encryption: AES256
content-type: application/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 1016966
x-amz-id-2: XeJMIcAmktUvMBxfyGKLtZ8IxKUa8LSpjrPzimYSFEQFtQ54cPyvvkm6PHmq3rsaL70gF085H58=

GET
H3 200 font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 37 KB
6 KB 102ms
56ms Stylesheet
text/css 104.17.24.14

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

Requested by

Host: endurable-lateral-walk.glitch.me
URL: https://endurable-lateral-walk.glitch.me/datt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Origin: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2298779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5884
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-9226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WFPt8PzuAR1Hw4N44FQrvfjnl6sDC2I8ZXElhqWDTchBGFK0paTo16Lrm4HrZNgKCTf%2FlM3kC2nuP8OPsgb0cRqlpCpCq07WjKVR9XB7HEsHLg8yH%2FquKZUmn1jxBds9TaOYnIeG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88458bbc49e53678-FRA
expires: Mon, 05 May 2025 19:31:01 GMT

GET
H2 200 jquery-3.1.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 112ms
36ms Script
application/javascript 2a04:4e42:200::649

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.min.js
Requested by: Host: endurable-lateral-walk.glitch.me
URL: https://endurable-lateral-walk.glitch.me/datt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:31:01 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 21000860
x-cache: HIT, HIT
content-length: 30070
x-served-by: cache-lga21947-LGA, cache-cph2320041-CPH
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1715801461.201713,VS0,VE0
etag: W/"28feccc0-152b5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 88, 8904

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 756 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 899 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7fcd37eaafe3f08647ed072d5289eadfff6c660a26cdef31532b3fcfb4a0bb2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 222 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 749f85621d92a5b31b2a377a8c385a36d48a83327dad9a8a8da93cd831b8c9a2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 513 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg
aadcdn.msauth.net/shared/1.0/content/images/ 250 B
745 B 457ms
39ms Image
image/svg+xml 2620:1ec:46::45

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg
Requested by: Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ed8f3acb9b87f99e42c74463d4e2be96ee85b8a87cd6eb874295ace420a5904

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 May 2024 19:31:01 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 199
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 19:28:39 GMT
etag: 0x8D79B8374CE7F93
x-azure-ref: 20240515T193101Z-1675f555588g45tr0ndadfx7pw00000000yg00000000qasu
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e4b2e636-301e-0051-6e9b-a6adaf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg
aadcdn.msauth.net/shared/1.0/content/images/ 3 KB
2 KB 456ms
38ms Image
image/svg+xml 2620:1ec:46::45

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg
Requested by: Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 May 2024 19:31:01 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 1173
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 19:28:39 GMT
etag: 0x8D79B83749623C9
x-azure-ref: 20240515T193101Z-1675f555588g45tr0ndadfx7pw00000000yg00000000qast
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: bfe0bf10-101e-006f-7299-a62ea3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg
aadcdn.msauth.net/shared/1.0/content/images/ 7 KB
3 KB 457ms
39ms Image
image/svg+xml 2620:1ec:46::45

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg
Requested by: Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 May 2024 19:31:01 GMT
content-encoding: gzip
x-cache: TCP_HIT
x-fd-int-roxy-purgeid: 4554691
content-length: 2407
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 11:11:29 GMT
etag: 0x8DA034FE445C10D
x-azure-ref: 20240515T193101Z-1675f555588g45tr0ndadfx7pw00000000yg00000000qasv
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 03a002c2-401e-0062-5c55-a5f1b8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
DATA 200
OK truncated Show response
/ 114 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4da9a57d1bc6ba4ee6a59c9459ee9b35ec11fd7f9fe9e4323c224b7f0c8203bb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: text/plain;charset=US-ASCII

GET
H2 200 seet.js Show response
endurable-lateral-walk.glitch.me/ 84 KB
85 KB 211ms
211ms Script
application/javascript 54.85.39.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://endurable-lateral-walk.glitch.me/seet.js
Requested by: Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.39.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-39-78.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 09eb533a5fd70272de744f9ca0ff7b9ca0af77c6675440f290e4a7459629627c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 19:31:01 GMT
x-amz-version-id: DG3DaKxfKSd1fiXkGo.O2x5rBtrgiVFg
last-modified: Fri, 03 May 2024 01:43:25 GMT
server: AmazonS3
x-amz-request-id: JN0XC55X8CNJ6M6F
etag: "3c251732c3853cdf318bd284937a5c15"
x-amz-server-side-encryption: AES256
content-type: application/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 86375
x-amz-id-2: ETsDkjPiSxTYDQ6X1rqUiuBQANe1LMmuTOL43OmZOUvT4E3C0/OjEdY1K52OQpymJLhnru5AAPk=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: endurable-lateral-walk.glitch.me
URL: https://endurable-lateral-walk.glitch.me/template.htm

Domain: endurable-lateral-walk.glitch.me
URL: https://endurable-lateral-walk.glitch.me/template.htm

Domain: endurable-lateral-walk.glitch.me
URL: https://endurable-lateral-walk.glitch.me/template.htm

Domain: endurable-lateral-walk.glitch.me
URL: https://endurable-lateral-walk.glitch.me/template.htm

Domain: endurable-lateral-walk.glitch.me
URL: https://endurable-lateral-walk.glitch.me/template.htm

Domain: endurable-lateral-walk.glitch.me
URL: https://endurable-lateral-walk.glitch.me/template.htm

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vjbW55W42X033PfTdVf6Ft4q&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vjbW55W42X033PfTdVf6Ft4q&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: data:/html;base64,ZG9jdW1lbnQud3JpdGUoJzxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0IiBzcmM9Imh0dHBzOi8vZW5kdXJhYmxlLWxhdGVyYWwtd2Fsay5nbGl0Y2gubWUvZGF0dC5qcyI+PC9zY3JpcHQ+Jyk7 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://endurable-lateral-walk.glitch.me/datt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: data:/html;base64,ZG9jdW1lbnQud3JpdGUoJzxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0IiBzcmM9Imh0dHBzOi8vZW5kdXJhYmxlLWxhdGVyYWwtd2Fsay5nbGl0Y2gubWUvZGF0dC5qcyI+PC9zY3JpcHQ+Jyk7 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://endurable-lateral-walk.glitch.me/datt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://endurable-lateral-walk.glitch.me/datt.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.1.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://endurable-lateral-walk.glitch.me/datt.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.1.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: data:/html;base64,ZG9jdW1lbnQud3JpdGUoJzxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0IiBzcmM9Imh0dHBzOi8vZW5kdXJhYmxlLWxhdGVyYWwtd2Fsay5nbGl0Y2gubWUvc2VldC5qcyI+PC9zY3JpcHQ+Jyk7 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://endurable-lateral-walk.glitch.me/seet.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: data:/html;base64,ZG9jdW1lbnQud3JpdGUoJzxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0IiBzcmM9Imh0dHBzOi8vZW5kdXJhYmxlLWxhdGVyYWwtd2Fsay5nbGl0Y2gubWUvc2VldC5qcyI+PC9zY3JpcHQ+Jyk7 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://endurable-lateral-walk.glitch.me/seet.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
recommendation	warning	URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Message: [DOM] Found 2 elements with non-unique id #idTxtBx_SAOTCC_OTC: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/bFckqd-SKULfAbaMv1GkfQZZthD-euJaMHEAFS Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
cdnjs.cloudflare.com
code.jquery.com
endurable-lateral-walk.glitch.me
worker-withered-sound-fb55.yzmbechiengels.workers.dev
www.google.com
www.gstatic.com
endurable-lateral-walk.glitch.me
www.google.com
104.17.24.14
142.250.186.68
172.67.165.214
2620:1ec:46::45
2a00:1450:4001:81d::2003
2a04:4e42:200::649
54.85.39.78
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
09eb533a5fd70272de744f9ca0ff7b9ca0af77c6675440f290e4a7459629627c
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3953b3a943823d58f71366f7f51eed66d66f5b524536ae04773ac07af0be6544
4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0
4da9a57d1bc6ba4ee6a59c9459ee9b35ec11fd7f9fe9e4323c224b7f0c8203bb
55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
749f85621d92a5b31b2a377a8c385a36d48a83327dad9a8a8da93cd831b8c9a2
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8ed8f3acb9b87f99e42c74463d4e2be96ee85b8a87cd6eb874295ace420a5904
9565dfa7e39544b9907e19635c5e7fbd5ff1bade22154edd60c6d33cf00ed069
a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8
a8341fced36479b5df8c6854ea7b161d71c1a23251f81f6172963908baf5bfd8
b7fcd37eaafe3f08647ed072d5289eadfff6c660a26cdef31532b3fcfb4a0bb2
bcf19cc049a6970b7f104c8bb8e7cdf18bd2cc6b6887fbeef58ef0e0949f9825
cdfa5d229d99c544d2b46a3ad900020c518f800f43048d78c037dd604b30cc52

worker-withered-sound-fb55.yzmbechiengels.workers.dev Open in urlscan Pro 172.67.165.214 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

85 %HTTPS

43 %IPv6

7 Domains

7 Subdomains

8 IPs

2 Countries

1334 kBTransfer

4776 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

worker-withered-sound-fb55.yzmbechiengels.workers.dev Open in urlscan Pro
172.67.165.214 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

85 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

1334 kB
Transfer

4776 kB
Size

0
Cookies

52 HTTP transactions
7 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!