URL: https://curvegram61.doodlekit.com/blog/entry/15742432/cryptocurrency-payments-coming-to-some-texas-heb-stores
Submission: On June 24 via manual from US

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 15 HTTP transactions. The main IP is 54.88.250.211, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is curvegram61.doodlekit.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on July 3rd 2020. Valid for: 2 years.
This is the only time curvegram61.doodlekit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.88.250.211 14618 (AMAZON-AES)
1 2600:9000:210... 16509 (AMAZON-02)
1 65.9.77.114 16509 (AMAZON-02)
1 104.18.130.43 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 8
Domain Requested by
6 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com curvegram61.doodlekit.com
www.gstatic.com
1 fonts.gstatic.com www.google.com
1 bloximages.newyork1.vip.townnews.com curvegram61.doodlekit.com
1 static.meraevents.com curvegram61.doodlekit.com
1 live.staticflickr.com curvegram61.doodlekit.com
1 curvegram61.doodlekit.com
15 7

This site contains links to these domains. Also see Links.

Domain
pbase.com
Subject Issuer Validity Valid
*.doodlekit.com
RapidSSL RSA CA 2018
2020-07-03 -
2022-08-02
2 years crt.sh
static.flickr.com
Amazon
2021-02-11 -
2022-03-12
a year crt.sh
*.meraevents.com
Amazon
2021-05-01 -
2022-05-30
a year crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-03-09 -
2022-04-09
a year crt.sh
www.google.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.google.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh

This page contains 3 frames:

Primary Page: https://curvegram61.doodlekit.com/blog/entry/15742432/cryptocurrency-payments-coming-to-some-texas-heb-stores
Frame ID: 328FCE7D2F72A260956E0553982C6D7B
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&co=aHR0cHM6Ly9jdXJ2ZWdyYW02MS5kb29kbGVraXQuY29tOjQ0Mw..&hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&size=normal&cb=khjsvpm4n2g3
Frame ID: B448459653DA88C5B8128ADD57FEC36F
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&cb=v8zfaordh54y
Frame ID: 6D8CB46B579B635EA30AAA39DA709A95
Requests: 3 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

15
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

8
IPs

2
Countries

1485 kB
Transfer

1584 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request cryptocurrency-payments-coming-to-some-texas-heb-stores
curvegram61.doodlekit.com/blog/entry/15742432/
11 KB
4 KB
Document
General
Full URL
https://curvegram61.doodlekit.com/blog/entry/15742432/cryptocurrency-payments-coming-to-some-texas-heb-stores
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.250.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-250-211.compute-1.amazonaws.com
Software
Apache/2.2.22 (Ubuntu) / Phusion Passenger 5.0.21
Resource Hash
c92f7e0349c4aa610ce69999c1b4b017ee6394368f0f7df2b4f77133919648a4

Request headers

:method
GET
:authority
curvegram61.doodlekit.com
:scheme
https
:path
/blog/entry/15742432/cryptocurrency-payments-coming-to-some-texas-heb-stores
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 23:50:15 GMT
content-type
text/html; charset=utf-8
content-length
4071
server
Apache/2.2.22 (Ubuntu)
cache-control
max-age=0, private, must-revalidate
x-request-id
8af8a46f252932dc3d83391c9d9e9565
x-ua-compatible
IE=Edge,chrome=1
etag
"7a6e5495c47b1813cba5da2742ab70e0"
x-runtime
0.034915
x-rack-cache
miss
x-powered-by
Phusion Passenger 5.0.21
status
200 OK
vary
Accept-Encoding
content-encoding
gzip
50159407733_f0ecacc595_b.jpg
live.staticflickr.com/65535/
186 KB
187 KB
Image
General
Full URL
https://live.staticflickr.com/65535/50159407733_f0ecacc595_b.jpg
Requested by
Host: curvegram61.doodlekit.com
URL: https://curvegram61.doodlekit.com/blog/entry/15742432/cryptocurrency-payments-coming-to-some-texas-heb-stores
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:f600:0:5a51:64c9:c681 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jubilee /
Resource Hash
39f32f32a7eec9a33f62331131aad635b0c933d4b04cd1beb03dd992be69b678
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://curvegram61.doodlekit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 23:50:15 GMT
via
1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
mib
2
x-ttfb
0.1274
surrogate-control
public, max-age=31536000
ourvalues
Dare (#4 of 5)
x-cache
Miss from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
streaming
false
edge-control
public, max-age=31536000
last-modified
Mon, 27 Jul 2020 18:17:11 GMT
imageheight
683
powered-by
Mutation/1.0
imagewidth
1024
x-ttdb-l
190765
x-request-id
45b9d8da
x-ua-compatible
IE=edge
x-env
a=live, b=jubilee, c=4cf206a9, e=5017319cdd8b6f0e8ca83f5d61e011f0dc7d4baa
server
Jubilee
etag
"948fe6efcc8bbfc910acd2ab390a1973.1"
x-frame-options
DENY
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-pop
AMS1-C1
hiring
Change the world of photography with us. https://www.flickr.com/jobs/
origintype
D
x-amz-cf-id
VmSHhrAK0izXMM80kOYSB3O5juw8ZqrGt0ByJ7dscasnojKN6XWZ0A==
quote
"I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
expires
Fri, 24 Jun 2022 23:50:15 GMT
WhatsApp-Image-2019-03-19-at-9-08-06-AM1552967003.jpeg
static.meraevents.com/content/dashboard/tinymce/uploads/
180 KB
180 KB
Image
General
Full URL
https://static.meraevents.com/content/dashboard/tinymce/uploads/WhatsApp-Image-2019-03-19-at-9-08-06-AM1552967003.jpeg
Requested by
Host: curvegram61.doodlekit.com
URL: https://curvegram61.doodlekit.com/blog/entry/15742432/cryptocurrency-payments-coming-to-some-texas-heb-stores
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac0c00fd3f6fc076776ebf9e272849bed90a9fa6441215de57b88f7bedb4124f

Request headers

Referer
https://curvegram61.doodlekit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 23:50:16 GMT
via
1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront)
last-modified
Wed, 27 May 2020 18:06:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
"ce4459bfceba422d2144c898a92eb234"
x-cache
Miss from cloudfront
content-type
jpeg
cache-control
max-age=172800
accept-ranges
bytes
content-length
184139
x-amz-cf-id
kDISAEcvLNFzWn2QGjVr0kyfiaoXNYWqXSNknyn8Hw9FpD6v9oM9yg==
6036656ca3cc2.image.jpg
bloximages.newyork1.vip.townnews.com/news-daily.com/content/tncms/assets/v3/editorial/8/0a/80ae097e-3e05-54aa-bdf8-a277d927a52a/
0
0
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/news-daily.com/content/tncms/assets/v3/editorial/8/0a/80ae097e-3e05-54aa-bdf8-a277d927a52a/6036656ca3cc2.image.jpg?resize=1067,630
Requested by
Host: curvegram61.doodlekit.com
URL: https://curvegram61.doodlekit.com/blog/entry/15742432/cryptocurrency-payments-coming-to-some-texas-heb-stores
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://curvegram61.doodlekit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
api.js
www.google.com/recaptcha/
850 B
648 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: curvegram61.doodlekit.com
URL: https://curvegram61.doodlekit.com/blog/entry/15742432/cryptocurrency-payments-coming-to-some-texas-heb-stores
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c64512c48f56cf04a9a28a1dbede98dcf5742344997ada0b81eedd27daa06e6e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://curvegram61.doodlekit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 23:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
556
x-xss-protection
1; mode=block
expires
Thu, 24 Jun 2021 23:50:15 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/
341 KB
341 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ab6a25b3bfe17a0705d5017781df867ba5ccb3238943115697016ffd35e19e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://curvegram61.doodlekit.com
Referer
https://curvegram61.doodlekit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 07:32:53 GMT
x-content-type-options
nosniff
age
58642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
349230
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 23:22:36 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Jun 2022 07:32:53 GMT
anchor
www.google.com/recaptcha/api2/ Frame B448
40 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&co=aHR0cHM6Ly9jdXJ2ZWdyYW02MS5kb29kbGVraXQuY29tOjQ0Mw..&hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&size=normal&cb=khjsvpm4n2g3
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
da500d2b896f8648a57ec62b7ac9f75d88ab21d132aca3b215a53256b7067540
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-87zoHcfC+xLCKRE/QZhxZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&co=aHR0cHM6Ly9jdXJ2ZWdyYW02MS5kb29kbGVraXQuY29tOjQ0Mw..&hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&size=normal&cb=khjsvpm4n2g3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://curvegram61.doodlekit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://curvegram61.doodlekit.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 24 Jun 2021 23:50:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-87zoHcfC+xLCKRE/QZhxZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20747
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/ Frame B448
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&co=aHR0cHM6Ly9jdXJ2ZWdyYW02MS5kb29kbGVraXQuY29tOjQ0Mw..&hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&size=normal&cb=khjsvpm4n2g3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 13:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 23:22:36 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Jun 2022 13:32:25 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/ Frame B448
341 KB
341 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&co=aHR0cHM6Ly9jdXJ2ZWdyYW02MS5kb29kbGVraXQuY29tOjQ0Mw..&hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&size=normal&cb=khjsvpm4n2g3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ab6a25b3bfe17a0705d5017781df867ba5ccb3238943115697016ffd35e19e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 07:32:53 GMT
x-content-type-options
nosniff
age
58642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
349230
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 23:22:36 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Jun 2022 07:32:53 GMT
truncated
/ Frame B448
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B448
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B448
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 14:48:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
205284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Tue, 29 Jun 2021 14:48:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B448
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&co=aHR0cHM6Ly9jdXJ2ZWdyYW02MS5kb29kbGVraXQuY29tOjQ0Mw..&hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&size=normal&cb=khjsvpm4n2g3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 21:15:46 GMT
x-content-type-options
nosniff
age
182069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 21:15:46 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame B448
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB
Requested by
Host: curvegram61.doodlekit.com
URL: https://curvegram61.doodlekit.com/blog/entry/15742432/cryptocurrency-payments-coming-to-some-texas-heb-stores
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2deefd752d0d838a84f4e550d6a6055dbf21806ce45024af042696f443912130
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&co=aHR0cHM6Ly9jdXJ2ZWdyYW02MS5kb29kbGVraXQuY29tOjQ0Mw..&hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&size=normal&cb=khjsvpm4n2g3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 23:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 24 Jun 2021 23:50:15 GMT
bframe
www.google.com/recaptcha/api2/ Frame 6D8C
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&cb=v8zfaordh54y
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e9d558e03fcd2fdd17446279acdc1625a3745a849e9895c1fecd4a6e701a5736
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rOlcCYlH5SjgNIASuxhurQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&cb=v8zfaordh54y
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://curvegram61.doodlekit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://curvegram61.doodlekit.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 24 Jun 2021 23:50:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-rOlcCYlH5SjgNIASuxhurQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1114
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/ Frame 6D8C
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&cb=v8zfaordh54y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 13:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 23:22:36 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Jun 2022 13:32:25 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/ Frame 6D8C
341 KB
341 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/FDTCuNjXhn1sV0lk31aK53uB/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=FDTCuNjXhn1sV0lk31aK53uB&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&cb=v8zfaordh54y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ab6a25b3bfe17a0705d5017781df867ba5ccb3238943115697016ffd35e19e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 07:32:53 GMT
x-content-type-options
nosniff
age
58642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
349230
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 23:22:36 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Jun 2022 07:32:53 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_17153

0 Cookies