prettynewstendances.systeme.io Open in urlscan Pro
13.225.78.26  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 53bf375a-d6ad5ac4 Show response prettynewstendances.systeme.io/	173 KB 174 KB	171ms 124ms	Document text/html	13.225.78.26 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.26 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-26.fra2.r.cloudfront.net Software nginx/1.14.0 (Ubuntu) / Resource Hash 17da90a2c7cdabe5340b5bab32e0b1b3970a9e06edc02de5814d6f6a00cad5c6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=0, must-revalidate, private max-age=0, no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 date Fri, 02 Dec 2022 16:28:48 GMT expires Fri, 02 Dec 2022 16:28:48 GMT server nginx/1.14.0 (Ubuntu) via 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront) x-amz-cf-id KRNs3e8Yb95X1Eqbmo1H-DW-3TVnrSgRkp-lCbNjeKTGLbTRUNik7A== x-amz-cf-pop FRA2-C2 x-cache Miss from cloudfront
GET H2	200	css2 fonts.googleapis.com/	13 KB 2 KB	37ms 17ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@400&family=Fredoka+One:wght@400&family=Raleway:wght@400&family=Source+Sans+Pro:ital,wght@0,400;0,700;1,400;1,700&display=swap Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c24bb3323a7bbc66c62f627532490fe2602643199d04f23cd9a89d6c0049a44c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 02 Dec 2022 16:28:48 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 02 Dec 2022 16:28:48 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 02 Dec 2022 16:28:48 GMT
GET H2	200	polyfill.min.js Show response cdn.polyfill.io/v2/	222 B 449 B	49ms 27ms	Script text/javascript	2a04:4e42:200::282 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en%2CmatchMedia Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3 Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 02 Dec 2022 16:28:48 GMT content-encoding br last-modified Fri, 18 Nov 2022 10:54:38 GMT age 0 vary User-Agent, Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800 useragent_normaliser chrome/108.0.0 server-timing cache-hhn4023, PASS, fastly;desc="Edge time";dur=14 accept-ranges bytes content-length 126
GET H2	200	all.min.css d3fit27i5nzkqh.cloudfront.net/assets/css/	486 KB 81 KB	48ms 21ms	Stylesheet text/css	2600:9000:21f3:5600:1c:d937:ae40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:5600:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 27 Oct 2022 00:59:35 GMT content-encoding gzip via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) last-modified Wed, 18 May 2022 12:25:57 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 3166154 etag W/"325672b036bab9b57f6873aed5eccc43" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=31536000,public x-amz-cf-id FEiEiXxB_YUHa14zVMdTCoayWTCbTq0yl-mXLs5NVWzJTNFdFKfiDA==
GET H2	200	crypto728.gif abmining.io/images/banners/	290 KB 291 KB	112ms 27ms	Image image/gif	190.115.26.154 DDOS-GUARD CORP.
General Check archive.org Show headers Download Go to Show image Full URL https://abmining.io/images/banners/crypto728.gif Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 190.115.26.154 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ), Reverse DNS web.xuybit.com Software ddos-guard / Resource Hash 289a12f39b26e78c6e3c1b4fc068a10f3c4635a97aa01fbb187414b5a143b9f4 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; date Wed, 30 Nov 2022 10:50:33 GMT last-modified Mon, 12 Sep 2022 12:18:40 GMT server ddos-guard age 193096 content-type image/gif ddg-cache-status HIT accept-ranges bytes content-length 297070
GET H2	200	runtimeSimplePage.6525755ed16e40f11e2f.js Show response d3fit27i5nzkqh.cloudfront.net/js/	2 KB 1 KB	29ms 8ms	Script application/javascript	2600:9000:21f3:5600:1c:d937:ae40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3fit27i5nzkqh.cloudfront.net/js/runtimeSimplePage.6525755ed16e40f11e2f.js Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:5600:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e6e6bcec8cf0fab66c48aea5ba1e6cfa240580212d714019a81493caad1c2b99 Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Tue, 11 Oct 2022 00:57:17 GMT content-encoding br via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) last-modified Fri, 07 Oct 2022 12:47:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 4548692 etag W/"7e48280fb388cda9c9571931b0370d17" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000,public x-amz-cf-id MxPqqEk23mIUzEWLqM0Qweo_FmxeCy3n5_bi7ads1vy7_WTlF0DMrQ==
GET H2	200	simplePage.759789331a543ecea693.js Show response d3fit27i5nzkqh.cloudfront.net/js/	487 KB 80 KB	29ms 8ms	Script application/javascript	2600:9000:21f3:5600:1c:d937:ae40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3fit27i5nzkqh.cloudfront.net/js/simplePage.759789331a543ecea693.js Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:5600:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9bd9334028af173e04258cf0b07b1e1a6c1188e417540fd6c2723b366f625eed Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 02 Dec 2022 15:17:01 GMT content-encoding br via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) last-modified Fri, 02 Dec 2022 15:16:55 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 4308 etag W/"43687d536fa432897b31bd80d142cbbd" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000,public x-amz-cf-id drkT5ZtQkIhk7DhnUXbCQqXiHHAwh9Sj51LmsGsEL_956MqhhovSDg==
GET H2	200	vendors~simplePage.ee9310ad2d6b7ab45026.js Show response d3fit27i5nzkqh.cloudfront.net/js/	843 KB 227 KB	46ms 25ms	Script application/javascript	2600:9000:21f3:5600:1c:d937:ae40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3fit27i5nzkqh.cloudfront.net/js/vendors~simplePage.ee9310ad2d6b7ab45026.js Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:5600:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 19dbf5d9a89e6f5ac893669c5c8a79c2617c2b1f85b9a4779ec2c7fd276db395 Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 04 Nov 2022 04:24:42 GMT content-encoding br via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) last-modified Mon, 31 Oct 2022 10:51:07 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 2462647 etag W/"3205e2b6080f635764b5e003a11e8852" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000,public x-amz-cf-id Rwm8mcsf900FMy1Ea7bOWWijN1R_vSeAG67sjDKWBhxJMw4F1itG-w==
GET H2	200	5fabd3f2a4518_photo-1580939595998-e0ef5d62bd1b.jpeg d1yei2z3i6k35z.cloudfront.net/systeme-common/	58 KB 58 KB	55ms 10ms	Image image/jpeg	2600:9000:21f3:9800:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/systeme-common/5fabd3f2a4518_photo-1580939595998-e0ef5d62bd1b.jpeg Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9800:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3d57761bedb9c99f053470d07a7bfb4c62c576d5faed810c678bcb2bf0ebaac4 Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 02 Dec 2022 01:02:13 GMT via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) last-modified Tue, 05 Jan 2021 12:56:48 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 55596 etag "14a7ec477b77c90e306d3da92a79aeff" vary Origin x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes x-robots-tag noindex content-length 59214 x-amz-cf-id 9yzD1sLU63J2STI6cwXHecuKOXPHvIAOt3niYftaf6-sdV3rGDAz_g==
GET H2	200	k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2 fonts.gstatic.com/s/fredokaone/v13/	15 KB 16 KB	31ms 8ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/fredokaone/v13/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400&family=Fredoka+One:wght@400&family=Raleway:wght@400&family=Source+Sans+Pro:ital,wght@0,400;0,700;1,400;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://prettynewstendances.systeme.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 02 Dec 2022 16:20:30 GMT x-content-type-options nosniff age 498 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15596 x-xss-protection 0 last-modified Thu, 21 Apr 2022 16:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 02 Dec 2023 16:20:30 GMT
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	32ms 10ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400&family=Fredoka+One:wght@400&family=Raleway:wght@400&family=Source+Sans+Pro:ital,wght@0,400;0,700;1,400;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://prettynewstendances.systeme.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Mon, 28 Nov 2022 17:43:57 GMT x-content-type-options nosniff age 341091 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13036 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:04:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 28 Nov 2023 17:43:57 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	37ms 15ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400&family=Fredoka+One:wght@400&family=Raleway:wght@400&family=Source+Sans+Pro:ital,wght@0,400;0,700;1,400;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://prettynewstendances.systeme.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 25 Nov 2022 18:50:20 GMT x-content-type-options nosniff age 596308 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12924 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:02:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 25 Nov 2023 18:50:20 GMT
GET H2	200	JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 fonts.gstatic.com/s/montserrat/v25/	12 KB 13 KB	37ms 15ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400&family=Fredoka+One:wght@400&family=Raleway:wght@400&family=Source+Sans+Pro:ital,wght@0,400;0,700;1,400;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://prettynewstendances.systeme.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Tue, 29 Nov 2022 21:34:14 GMT x-content-type-options nosniff age 240874 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12708 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:55:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 29 Nov 2023 21:34:14 GMT
GET H2	200	6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	12 KB 12 KB	38ms 16ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400&family=Fredoka+One:wght@400&family=Raleway:wght@400&family=Source+Sans+Pro:ital,wght@0,400;0,700;1,400;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://prettynewstendances.systeme.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Wed, 30 Nov 2022 20:15:44 GMT x-content-type-options nosniff age 159184 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12580 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:19:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 30 Nov 2023 20:15:44 GMT
GET H2	200	6356c0c0a9dbb_validusp.png d1yei2z3i6k35z.cloudfront.net/654097/	7 KB 7 KB	180ms 166ms	Image image/png	2600:9000:21f3:9800:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/654097/6356c0c0a9dbb_validusp.png Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9800:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash da2024c410827dc0006d9acd116f7cf36383efb856d9f6f3e2d88125398d311c Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 02 Dec 2022 16:28:49 GMT via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) last-modified Mon, 24 Oct 2022 16:43:46 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "a9287d304c9dd2d64b9ff48f19c67bfe" vary Origin x-cache Miss from cloudfront content-type image/png cache-control max-age=31536000 accept-ranges bytes x-robots-tag noindex content-length 6798 x-amz-cf-id GgQLjxqTCFb41DWmrfwWEccYYWUn2UxYw_RpJvCykfQAeOQV4qSLSg==
GET H2	200	6356c409c0d59_streakktum.jpg d1yei2z3i6k35z.cloudfront.net/654097/	15 KB 15 KB	203ms 189ms	Image image/jpeg	2600:9000:21f3:9800:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/654097/6356c409c0d59_streakktum.jpg Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9800:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b1aebf7f28336809836d7733da5cd2eadae0f7504dfad3193f7f8f645c229150 Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 02 Dec 2022 16:28:49 GMT via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) last-modified Mon, 24 Oct 2022 16:57:47 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "623a8880644efdf9b27e59755e698193" vary Origin x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes x-robots-tag noindex content-length 15063 x-amz-cf-id cMow-Z6oHenI0M2nNGcTvLItpa6pR8GmiST7RvaTBQBGGHhj6_G0Dw==
GET H2	200	6356c9c868655_Wing.png d1yei2z3i6k35z.cloudfront.net/654097/	12 KB 13 KB	165ms 151ms	Image image/png	2600:9000:21f3:9800:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/654097/6356c9c868655_Wing.png Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9800:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d7e69a72ba3d8403f406ffdbff236a6e079b93f9c82a5a6928a393d2624e7bf5 Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 02 Dec 2022 16:28:49 GMT via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) last-modified Mon, 24 Oct 2022 17:22:17 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "5f9f62ef08a9df408c96aaf7e238c7ec" vary Origin x-cache Miss from cloudfront content-type image/png cache-control max-age=31536000 accept-ranges bytes x-robots-tag noindex content-length 12600 x-amz-cf-id xh1cphpcsixje9KddBm7-8bQLq6i-nqZRat4UlGdgquykCVMAxsEHA==
GET H2	200	6356cb9fe3f3c_mainet1.jpg d1yei2z3i6k35z.cloudfront.net/654097/	21 KB 21 KB	193ms 179ms	Image image/jpeg	2600:9000:21f3:9800:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/654097/6356cb9fe3f3c_mainet1.jpg Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9800:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 09508b91b6fad8dc5639d813624379574ea682dd19d847feb9bfb61be83fe76b Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 02 Dec 2022 16:28:49 GMT via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) last-modified Mon, 24 Oct 2022 17:30:09 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "720947170ac73859481b439a526bb882" vary Origin x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes x-robots-tag noindex content-length 21445 x-amz-cf-id QJFBo09jWY_QgRjnCpjXy4gfQrt-WdZDJy9wpCMryzMV_xl6lnvlFA==
GET H2	200	6356d4c07b771_photo_2022-10-24_20-04-26.jpg d1yei2z3i6k35z.cloudfront.net/654097/	100 KB 100 KB	228ms 215ms	Image image/jpeg	2600:9000:21f3:9800:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/654097/6356d4c07b771_photo_2022-10-24_20-04-26.jpg Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9800:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash afc87b8839109ca44f33d54128e3a3b5d3f862a8f0c50433eae97c56d307144d Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 02 Dec 2022 16:28:49 GMT via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) last-modified Mon, 24 Oct 2022 18:09:05 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "b9b2d9d2b7c0915cb1000c2e10da5733" vary Origin x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes x-robots-tag noindex content-length 102067 x-amz-cf-id 3C_OjC392YVCfxuNvMvY11xUm5d1KSGxw1wdXCpPPAfb8gvACZlWGQ==
GET H2	200	6356d51d4754b_EAZYBOT.jpg d1yei2z3i6k35z.cloudfront.net/654097/	3 KB 4 KB	151ms 150ms	Image image/jpeg	2600:9000:21f3:9800:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/654097/6356d51d4754b_EAZYBOT.jpg Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9800:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2a1c700b707147149a557180d0faf5e46a31ba94fe7a1590b1d934c172bdefb3 Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 02 Dec 2022 16:28:49 GMT via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) last-modified Mon, 24 Oct 2022 18:10:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "897b8bb56075d2047bc64e9d6776b0aa" vary Origin x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes x-robots-tag noindex content-length 3409 x-amz-cf-id TCTV2q-qagHP7LEKdotTAnLs7hoVZIJy1EG4mDMsHN7ix21yaLJpXA==
GET H2	200	6356f01e0aaa8_safir1.jpg d1yei2z3i6k35z.cloudfront.net/654097/	10 KB 11 KB	189ms 188ms	Image image/jpeg	2600:9000:21f3:9800:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/654097/6356f01e0aaa8_safir1.jpg Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9800:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7623cda5cb9a67066958de7b52ec82b4d6a623aadf53ef6a24af6d92d06dfef5 Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 02 Dec 2022 16:28:49 GMT via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) last-modified Mon, 24 Oct 2022 20:05:51 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "bacc8bf99e7e4c39f38e791eb8dd15ab" vary Origin x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes x-robots-tag noindex content-length 10686 x-amz-cf-id q-NI05RH9F09sl_Kp3wmJvj9qvtyJTT-eHiLoD2vbzsd3k_iktMXXQ==
GET H2	200	635be7d512b6f_robotics1.png d1yei2z3i6k35z.cloudfront.net/654097/	8 KB 9 KB	166ms 166ms	Image image/png	2600:9000:21f3:9800:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/654097/635be7d512b6f_robotics1.png Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9800:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2a596e841bc1a303d16ffee270dad5081990c2f5a6c55335ab96d83838117bf4 Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 02 Dec 2022 16:28:49 GMT via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) last-modified Fri, 28 Oct 2022 14:31:50 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "c018ff405308b58581f7bd2348e93819" vary Origin x-cache Miss from cloudfront content-type image/png cache-control max-age=31536000 accept-ranges bytes x-robots-tag noindex content-length 8400 x-amz-cf-id mmc5KqYYWGZfB50u519WHi4bWQEzn6WFlk1RF0O-41Oxzv9ZT7TtWQ==
GET H2	200	63530ec9848e5_bitcoin-4130319_1280-Copie.png d1yei2z3i6k35z.cloudfront.net/654097/	1 MB 1 MB	211ms 210ms	Image image/png	2600:9000:21f3:9800:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/654097/63530ec9848e5_bitcoin-4130319_1280-Copie.png Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9800:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4e90dd7a31a4e2dbca57b900804f5365db92852e6bdfda58761b7973131894fc Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 02 Dec 2022 16:28:49 GMT via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) last-modified Fri, 21 Oct 2022 21:27:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "69cd1d17f80c02e24dcd9376fd9a32c5" vary Origin x-cache Miss from cloudfront content-type image/png cache-control max-age=31536000 accept-ranges bytes x-robots-tag noindex content-length 1502373 x-amz-cf-id t8tP173rubpBuzwkuK5vJVJ-tXNgB_Ydu-aw27uboqVM6hq-lodebA==
GET H2	200	5fcf54594a208_5fcf438882f0c_black-tumblr-icon.png d1yei2z3i6k35z.cloudfront.net/systeme-common/	13 KB 13 KB	26ms 25ms	Image image/png	2600:9000:21f3:9800:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/systeme-common/5fcf54594a208_5fcf438882f0c_black-tumblr-icon.png Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9800:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b1b7c4097444f201aae9b8a12921f36d94e800feefe42c72729f7d238d6530ed Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Wed, 30 Nov 2022 21:16:10 GMT via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) last-modified Tue, 05 Jan 2021 12:56:48 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 155559 etag "e259c7479048b82632386f0590e6fd7d" vary Origin x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000 accept-ranges bytes x-robots-tag noindex content-length 12848 x-amz-cf-id g31twwF3KCwsO4NPQw4BFsuqpUpEuUaY3pNhdTRjcoivwXBKbFoegg==
GET H2	200	5fcf543a89a28_5fcf4370eb219_images2.png d1yei2z3i6k35z.cloudfront.net/systeme-common/	2 KB 2 KB	24ms 23ms	Image image/png	2600:9000:21f3:9800:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/systeme-common/5fcf543a89a28_5fcf4370eb219_images2.png Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9800:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6644b870c2439acdc9e82a54edf5d5f8bc3bb83cfd9b12d9fa8d6700f9644b2b Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Wed, 30 Nov 2022 21:16:10 GMT via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) last-modified Tue, 05 Jan 2021 12:56:49 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 155559 etag "0ce434eea286f2d41221a0150cdc4be9" vary Origin x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000 accept-ranges bytes x-robots-tag noindex content-length 1649 x-amz-cf-id AE6aLGWXP6mwvJmCdHtI0TavkXloooaR2dWki_PaGFi8PAVQwoObgQ==
GET H2	200	5fcf542a5cbf9_5fb782e29d713_Untitleddesign9.png d1yei2z3i6k35z.cloudfront.net/systeme-common/	2 KB 3 KB	14ms 14ms	Image image/png	2600:9000:21f3:9800:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/systeme-common/5fcf542a5cbf9_5fb782e29d713_Untitleddesign9.png Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9800:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3a546a1076076e1265f54d8b0538ea7cb3cce3c49952812f26cc4988615db9ca Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Tue, 08 Nov 2022 04:59:12 GMT via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) last-modified Tue, 05 Jan 2021 12:56:49 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 2114977 etag "349cef1800881f5761c396e78e299347" vary Origin x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000 accept-ranges bytes x-robots-tag noindex content-length 2200 x-amz-cf-id IJ1HHSn6OyftkzFys5IjbG6FI5Gu3728B_trfazyKXejdH8WZIuJSw==
GET H2	200	5fcf54085f3a2_5fb782efc1504_Untitleddesign6.png d1yei2z3i6k35z.cloudfront.net/systeme-common/	3 KB 4 KB	16ms 15ms	Image image/png	2600:9000:21f3:9800:f:a462:c1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yei2z3i6k35z.cloudfront.net/systeme-common/5fcf54085f3a2_5fb782efc1504_Untitleddesign6.png Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9800:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 74faec348e5c250d89282313442021f8beefe18ccdf8968cc68e4ba9ead8ab6e Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 04 Nov 2022 15:29:15 GMT via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) last-modified Tue, 05 Jan 2021 12:56:49 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 2422774 etag "1305e3345b120a47a67aa644cbc9ab4a" vary Origin x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000 accept-ranges bytes x-robots-tag noindex content-length 3354 x-amz-cf-id 3Qphq6S4T9Sn9ByxHibph-9VKZ5G8KS9jfOMqFpvwffkmX-O6ILNOw==
GET H2	200	affiliate_badge_logo.png editor.systeme.io/assets/images/	10 KB 11 KB	64ms 9ms	Image image/png	2600:9000:20eb:9e00:13:b2ca:a980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://editor.systeme.io/assets/images/affiliate_badge_logo.png Requested by Host: prettynewstendances.systeme.io URL: https://prettynewstendances.systeme.io/53bf375a-d6ad5ac4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:9e00:13:b2ca:a980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 786da302e95e77c4d1d81bd9b5262029cca6156ab196d4315d3918eb9c79d7b6 Request headers accept-language de-DE,de;q=0.9 Referer https://prettynewstendances.systeme.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Fri, 02 Dec 2022 15:17:32 GMT via 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront) last-modified Fri, 02 Dec 2022 15:16:57 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 age 4277 etag "8ef4308d7726d4ff8621170e787130ed" x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000,public accept-ranges bytes content-length 10472 x-amz-cf-id DIvRUyikN31VyPe0uCIJRvcd52oZaWio24-i6mrzs3YOLNUPOzgrNQ==

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| initialI18nStore string| initialLanguage object| webpackChunkeditor object| scCGSHMRCache object| regeneratorRuntime function| setImmediate function| clearImmediate

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			prettynewstendances.systeme.io/	1969-12-31 23:59:59	Name: user Value: 2tfmffe86o5h4ra72dih7vrja8
			prettynewstendances.systeme.io/	1970-01-20 17:29:18	Name: v Value: d4d458bb121de2eb4a4df888236d8417ddb949aca07b97dad499be4aba772904

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abmining.io
cdn.polyfill.io
d1yei2z3i6k35z.cloudfront.net
d3fit27i5nzkqh.cloudfront.net
editor.systeme.io
fonts.googleapis.com
fonts.gstatic.com
prettynewstendances.systeme.io
13.225.78.26
190.115.26.154
2600:9000:20eb:9e00:13:b2ca:a980:93a1
2600:9000:21f3:5600:1c:d937:ae40:93a1
2600:9000:21f3:9800:f:a462:c1c0:93a1
2a00:1450:4001:810::200a
2a00:1450:4001:830::2003
2a04:4e42:200::282
09508b91b6fad8dc5639d813624379574ea682dd19d847feb9bfb61be83fe76b
17da90a2c7cdabe5340b5bab32e0b1b3970a9e06edc02de5814d6f6a00cad5c6
19dbf5d9a89e6f5ac893669c5c8a79c2617c2b1f85b9a4779ec2c7fd276db395
289a12f39b26e78c6e3c1b4fc068a10f3c4635a97aa01fbb187414b5a143b9f4
2a1c700b707147149a557180d0faf5e46a31ba94fe7a1590b1d934c172bdefb3
2a596e841bc1a303d16ffee270dad5081990c2f5a6c55335ab96d83838117bf4
3a546a1076076e1265f54d8b0538ea7cb3cce3c49952812f26cc4988615db9ca
3d57761bedb9c99f053470d07a7bfb4c62c576d5faed810c678bcb2bf0ebaac4
4e90dd7a31a4e2dbca57b900804f5365db92852e6bdfda58761b7973131894fc
6644b870c2439acdc9e82a54edf5d5f8bc3bb83cfd9b12d9fa8d6700f9644b2b
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
74faec348e5c250d89282313442021f8beefe18ccdf8968cc68e4ba9ead8ab6e
7623cda5cb9a67066958de7b52ec82b4d6a623aadf53ef6a24af6d92d06dfef5
786da302e95e77c4d1d81bd9b5262029cca6156ab196d4315d3918eb9c79d7b6
9bd9334028af173e04258cf0b07b1e1a6c1188e417540fd6c2723b366f625eed
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
afc87b8839109ca44f33d54128e3a3b5d3f862a8f0c50433eae97c56d307144d
b1aebf7f28336809836d7733da5cd2eadae0f7504dfad3193f7f8f645c229150
b1b7c4097444f201aae9b8a12921f36d94e800feefe42c72729f7d238d6530ed
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c24bb3323a7bbc66c62f627532490fe2602643199d04f23cd9a89d6c0049a44c
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
d7e69a72ba3d8403f406ffdbff236a6e079b93f9c82a5a6928a393d2624e7bf5
da2024c410827dc0006d9acd116f7cf36383efb856d9f6f3e2d88125398d311c
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
e6e6bcec8cf0fab66c48aea5ba1e6cfa240580212d714019a81493caad1c2b99
e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769