bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link Open in urlscan Pro
2602:fea2:2::1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jqhx9dmv.r.us-east-1.awstrack.me/L0/http:%2F%2F1352271900.vitralii-moderne.ro%2Fipfs%2Fbafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5...
Effective URL:
https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXp...
Submission: On November 07 via api (November 7th 2023, 11:18:37 am UTC) from US — Scanned from US

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 27 HTTP transactions. The main IP is 2602:fea2:2::1, located in United States and belongs to PROTOCOL, US. The main domain is bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link.
TLS certificate: Issued by R3 on October 28th 2023. Valid for: 3 months.

This is the only time bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.55.163.24 52.55.163.24	14618 (AMAZON-AES) (AMAZON-AES)
6	2602:fea2:2::1 2602:fea2:2::1	40680 (PROTOCOL) (PROTOCOL)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:402... 2607:f8b0:4020:805::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4020:805::2003	15169 (GOOGLE) (GOOGLE)
6	51.158.22.144 51.158.22.144	12876 (Online SAS) (Online SAS)
1	104.18.11.207 104.18.11.207	() ()
1	151.101.130.137 151.101.130.137	() ()
1	152.199.4.44 152.199.4.44	() ()
27	9

1 52.55.163.24 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-163-24.compute-1.amazonaws.com

jqhx9dmv.r.us-east-1.awstrack.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2602:fea2:2::1 (United States)

ASN40680 (PROTOCOL, US)

1352271900.vitralii-moderne.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bafybeihg6373ouu5rt43ljwttvwwulj7hnhsk5zeqfe5iqucs2cpfg2rr4.ipfs.dweb.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4020:805::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:805::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.158.22.144 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-22-144.rev.poneytelecom.eu

thirsty-pike.51-158-22-144.plesk.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loving-lovelace.51-158-22-144.plesk.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN- ()

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (None, )

ASN- ()

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.4.44 (None, )

ASN- ()

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	plesk.page thirsty-pike.51-158-22-144.plesk.page loving-lovelace.51-158-22-144.plesk.page	249 KB
5	dweb.link bafybeihg6373ouu5rt43ljwttvwwulj7hnhsk5zeqfe5iqucs2cpfg2rr4.ipfs.dweb.link bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link	5 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	72 KB
3	gstatic.com www.gstatic.com	399 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	56 KB
1	msftauth.net aadcdn.msftauth.net	5 KB
1	jquery.com code.jquery.com	30 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	22 KB
1	vitralii-moderne.ro 1352271900.vitralii-moderne.ro	8 KB
1	awstrack.me 1 redirects jqhx9dmv.r.us-east-1.awstrack.me	306 B
27	10

	Domain	Requested by
5	www.google.com	1352271900.vitralii-moderne.ro www.gstatic.com www.google.com bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link
4	thirsty-pike.51-158-22-144.plesk.page	1352271900.vitralii-moderne.ro
3	bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link	1352271900.vitralii-moderne.ro
3	www.gstatic.com	www.google.com
2	loving-lovelace.51-158-22-144.plesk.page	bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link cdnjs.cloudflare.com
2	bafybeihg6373ouu5rt43ljwttvwwulj7hnhsk5zeqfe5iqucs2cpfg2rr4.ipfs.dweb.link	1352271900.vitralii-moderne.ro
2	cdnjs.cloudflare.com	1352271900.vitralii-moderne.ro bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link
1	aadcdn.msftauth.net	bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link
1	code.jquery.com	bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link
1	maxcdn.bootstrapcdn.com	bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link
1	1352271900.vitralii-moderne.ro
1	jqhx9dmv.r.us-east-1.awstrack.me	1 redirects
27	12

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
thirsty-pike.51-158-22-144.plesk.page R3	`2023-10-16` - `2024-01-14`	3 months	crt.sh
dweb.link R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
loving-lovelace.51-158-22-144.plesk.page R3	`2023-10-16` - `2024-01-14`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2023-01-31` - `2024-01-31`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc=
Frame ID: 3BF5C9822265D1E43C986F1B73A3ABB9
Requests: 25 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCLHogAAAAALXP_eDOUkSgFmLHGEuG6Hp1iNE6&co=aHR0cDovLzEzNTIyNzE5MDAudml0cmFsaWktbW9kZXJuZS5ybzo4MA..&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&sa=submit&cb=fe6oyux9g386
Frame ID: A8B177F5C60E62E1D6937BE41F3E6538
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://jqhx9dmv.r.us-east-1.awstrack.me/L0/http:%2F%2F1352271900.vitralii-moderne.ro%2Fipfs%2Fbafybeiemwdrec5cu7makr... HTTP 302
http://1352271900.vitralii-moderne.ro/ipfs/bafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5f3x4lzmtc6pk3zyfi/MTY5ODk3Nzc... Page URL
https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC0... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

27
Requests

89 %
HTTPS

44 %
IPv6

10
Domains

12
Subdomains

9
IPs

3
Countries

846 kB
Transfer

1790 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jqhx9dmv.r.us-east-1.awstrack.me/L0/http:%2F%2F1352271900.vitralii-moderne.ro%2Fipfs%2Fbafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5f3x4lzmtc6pk3zyfi%2FMTY5ODk3Nzc0Mg%3FNzQwMTIyMjU5-sfmaxZ2VuLXBneC0zNjg1MTkzOTYtaWZ4YmQtaXN4c3dyaS5vcmc=sf-1MC4w/1/0100018ba974c7e6-74a7baa7-f8ba-4858-a403-eecd04b8bb56-000000/L28_2Z4xQc7EwFe2QHNyEg02G6I=347 HTTP 302
http://1352271900.vitralii-moderne.ro/ipfs/bafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5f3x4lzmtc6pk3zyfi/MTY5ODk3Nzc0Mg?NzQwMTIyMjU5-sfmaxZ2VuLXBneC0zNjg1MTkzOTYtaWZ4YmQtaXN4c3dyaS5vcmc=sf-1MC4w Page URL
https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://jqhx9dmv.r.us-east-1.awstrack.me/L0/http:%2F%2F1352271900.vitralii-moderne.ro%2Fipfs%2Fbafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5f3x4lzmtc6pk3zyfi%2FMTY5ODk3Nzc0Mg%3FNzQwMTIyMjU5-sfmaxZ2VuLXBneC0zNjg1MTkzOTYtaWZ4YmQtaXN4c3dyaS5vcmc=sf-1MC4w/1/0100018ba974c7e6-74a7baa7-f8ba-4858-a403-eecd04b8bb56-000000/L28_2Z4xQc7EwFe2QHNyEg02G6I=347 HTTP 302
http://1352271900.vitralii-moderne.ro/ipfs/bafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5f3x4lzmtc6pk3zyfi/MTY5ODk3Nzc0Mg?NzQwMTIyMjU5-sfmaxZ2VuLXBneC0zNjg1MTkzOTYtaWZ4YmQtaXN4c3dyaS5vcmc=sf-1MC4w

27 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

MTY5ODk3Nzc0Mg Show response
1352271900.vitralii-moderne.ro/ipfs/bafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5f3x4lzmtc6pk3zyfi/
Redirect Chain

http://jqhx9dmv.r.us-east-1.awstrack.me/L0/http:%2F%2F1352271900.vitralii-moderne.ro%2Fipfs%2Fbafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5f3x4lzmtc6pk3zyfi%2FMTY5ODk3Nzc0Mg%3FNzQwMTIyMjU5-sfmaxZ2VuLX...
http://1352271900.vitralii-moderne.ro/ipfs/bafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5f3x4lzmtc6pk3zyfi/MTY5ODk3Nzc0Mg?NzQwMTIyMjU5-sfmaxZ2VuLXBneC0zNjg1MTkzOTYtaWZ4YmQtaXN4c3dyaS5vcmc=sf-1MC4w

11 KB
8 KB

406ms
266ms

Document
text/html

2602:fea2:2::1
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL: http://1352271900.vitralii-moderne.ro/ipfs/bafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5f3x4lzmtc6pk3zyfi/MTY5ODk3Nzc0Mg?NzQwMTIyMjU5-sfmaxZ2VuLXBneC0zNjg1MTkzOTYtaWZ4YmQtaXN4c3dyaS5vcmc=sf-1MC4w
Protocol: HTTP/1.1
Server: 2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software: openresty /
Resource Hash: 37b5c584623416953ace61105478a7d0bcfba87c3c6c504a73fd92d9e909e27b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
Access-Control-Allow-Methods: GET HEAD OPTIONS GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Range, X-Chunked-Output, X-Stream-Output
Cache-Control: public, max-age=29030400, immutable
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 07 Nov 2023 11:18:33 GMT
Etag: W/"bafkreibxwxcyiyruc2ktvttbcbkhrj6qxt52q7b4nrieu475slm6scpcpm"
Server: openresty
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-IPFS-LB-POP: gateway-bank2-ny5
X-IPFS-POP: ipfs-bank1-ny5
X-Ipfs-Gateway-Host: ipfs-bank1-ny5
X-Ipfs-Path: /ipfs/bafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5f3x4lzmtc6pk3zyfi/MTY5ODk3Nzc0Mg
X-Ipfs-Roots: bafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5f3x4lzmtc6pk3zyfi,bafkreibxwxcyiyruc2ktvttbcbkhrj6qxt52q7b4nrieu475slm6scpcpm
X-Proxy-Cache: MISS

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Tue, 07 Nov 2023 11:18:32 GMT
Location: http://1352271900.vitralii-moderne.ro/ipfs/bafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5f3x4lzmtc6pk3zyfi/MTY5ODk3Nzc0Mg?NzQwMTIyMjU5-sfmaxZ2VuLXBneC0zNjg1MTkzOTYtaWZ4YmQtaXN4c3dyaS5vcmc=sf-1MC4w

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 32ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: 1352271900.vitralii-moderne.ro
URL: http://1352271900.vitralii-moderne.ro/ipfs/bafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5f3x4lzmtc6pk3zyfi/MTY5ODk3Nzc0Mg?NzQwMTIyMjU5-sfmaxZ2VuLXBneC0zNjg1MTkzOTYtaWZ4YmQtaXN4c3dyaS5vcmc=sf-1MC4w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://1352271900.vitralii-moderne.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 07 Nov 2023 11:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4041427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YS0oxH1Bf8nE24j%2B3sHazXOJNDUZotBCoFYpASd3Zx%2FtJysFfb25grhM2GVXJQr%2BOG5R078dTTnfzXiRQvXAGo%2F8bNWpSSIklA3yetrE0dysRjX9TTfbPqioSQkbjtNqetfjBw49h3rtTR9FcVwlE0A0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82252d1978c64367-EWR
expires: Sun, 27 Oct 2024 11:18:33 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 80ms
40ms Script
text/javascript 2607:f8b0:4020:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c6a4e1b8a0a22208b9dbd647ff0c61effbf1c86c465d1a4ec8334ad6ef9767e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://1352271900.vitralii-moderne.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 07 Nov 2023 11:18:33 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ 467 KB
188 KB 52ms
11ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://1352271900.vitralii-moderne.ro/
Origin: http://1352271900.vitralii-moderne.ro
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 04:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191376
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Nov 2024 04:31:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A8B1 58 KB
33 KB 55ms
53ms Document
text/html 2607:f8b0:4020:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCLHogAAAAALXP_eDOUkSgFmLHGEuG6Hp1iNE6&co=aHR0cDovLzEzNTIyNzE5MDAudml0cmFsaWktbW9kZXJuZS5ybzo4MA..&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&sa=submit&cb=fe6oyux9g386

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d3042b51c549ff4cdbd1ed9d3b1290eeab4b88908f20ed42b12225eaa5aaf28

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mjqLSkDS4uphOkvNkxhtnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://1352271900.vitralii-moderne.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mjqLSkDS4uphOkvNkxhtnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 11:18:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ Frame A8B1 55 KB
24 KB 78ms
51ms Stylesheet
text/css 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCLHogAAAAALXP_eDOUkSgFmLHGEuG6Hp1iNE6&co=aHR0cDovLzEzNTIyNzE5MDAudml0cmFsaWktbW9kZXJuZS5ybzo4MA..&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&sa=submit&cb=fe6oyux9g386

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 16:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 16:08:05 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ Frame A8B1 467 KB
187 KB 64ms
53ms Script
text/javascript 2607:f8b0:4020:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 04:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191376
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Nov 2024 04:31:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A8B1 102 B
133 B 43ms
42ms Other
text/javascript 2607:f8b0:4020:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c8bb9d1a8eec9d58deb70c22a52e8bc5bcfd0f57eb7ba9a3a3f3312c184da91

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCLHogAAAAALXP_eDOUkSgFmLHGEuG6Hp1iNE6&co=aHR0cDovLzEzNTIyNzE5MDAudml0cmFsaWktbW9kZXJuZS5ybzo4MA..&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&sa=submit&cb=fe6oyux9g386
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 07 Nov 2023 11:18:33 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame A8B1 33 KB
19 KB 78ms
78ms XHR
application/json 2607:f8b0:4020:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcCLHogAAAAALXP_eDOUkSgFmLHGEuG6Hp1iNE6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2d99f7c75d071d4ba55dd87b0fa00636d48b4cfe5e9859ba48f2a72b063f6033

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCLHogAAAAALXP_eDOUkSgFmLHGEuG6Hp1iNE6&co=aHR0cDovLzEzNTIyNzE5MDAudml0cmFsaWktbW9kZXJuZS5ybzo4MA..&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&sa=submit&cb=fe6oyux9g386
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 07 Nov 2023 11:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 07 Nov 2023 11:18:33 GMT

OPTIONS
H/1.1 200
OK verify1.php
thirsty-pike.51-158-22-144.plesk.page/v1/ Frame 0
0 622ms
84ms Preflight 51.158.22.144
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://thirsty-pike.51-158-22-144.plesk.page/v1/verify1.php
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 51.158.22.144 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-158-22-144.rev.poneytelecom.eu
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://1352271900.vitralii-moderne.ro
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorizationtype, authorizationpass, authorizationip, authorization1,Content-Type, soapaction
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Allow: OPTIONS, TRACE, GET, HEAD, POST
Content-Length: 0
Date: Tue, 07 Nov 2023 11:18:31 GMT
Public: OPTIONS, TRACE, GET, HEAD, POST
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin

POST
H/1.1 200
OK verify1.php Show response
thirsty-pike.51-158-22-144.plesk.page/v1/ 149 B
592 B 143ms
122ms XHR
text/html 51.158.22.144
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://thirsty-pike.51-158-22-144.plesk.page/v1/verify1.php
Requested by: Host: 1352271900.vitralii-moderne.ro
URL: http://1352271900.vitralii-moderne.ro/ipfs/bafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5f3x4lzmtc6pk3zyfi/MTY5ODk3Nzc0Mg?NzQwMTIyMjU5-sfmaxZ2VuLXBneC0zNjg1MTkzOTYtaWZ4YmQtaXN4c3dyaS5vcmc=sf-1MC4w
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 51.158.22.144 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-158-22-144.rev.poneytelecom.eu
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c28033f0b5697eea1797705d18af9b9f704a597edf70a17639ae7416e62a88bb

Request headers

Referer: http://1352271900.vitralii-moderne.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 07 Nov 2023 11:18:32 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorizationtype, authorizationpass, authorizationip, authorization1,Content-Type, soapaction
Content-Length: 149

HEAD
H2 410 MTY5ODk3NzU2Ng
bafybeihg6373ouu5rt43ljwttvwwulj7hnhsk5zeqfe5iqucs2cpfg2rr4.ipfs.dweb.link/ 0
0 38ms
7ms Fetch
text/html 2602:fea2:2::1
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL

https://bafybeihg6373ouu5rt43ljwttvwwulj7hnhsk5zeqfe5iqucs2cpfg2rr4.ipfs.dweb.link/MTY5ODk3NzU2Ng?

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://1352271900.vitralii-moderne.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:18:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: openresty
x-ipfs-lb-pop: gateway-bank1-ny5
etag: "650c2b69-1a10"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
content-length: 6672

HEAD
H2 200 MTY5ODk3NzYxNg
bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/ 0
0 32ms
5ms Fetch
text/html 2602:fea2:2::1
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL

https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://1352271900.vitralii-moderne.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:18:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-ipfs-gateway-host: ipfs-bank8-ny5
x-ipfs-pop: ipfs-bank8-ny5
server: openresty
x-ipfs-lb-pop: gateway-bank1-ny5
x-ipfs-roots: bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq,bafkreibi64o3q3faccpawvungsknxn6qa2dmdczzeoipvj2vy3u3cfvc3q
etag: W/"bafkreibi64o3q3faccpawvungsknxn6qa2dmdczzeoipvj2vy3u3cfvc3q"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS, GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq/MTY5ODk3NzYxNg
timing-allow-origin: *
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
x-proxy-cache: MISS

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame A8B1 33 KB
19 KB 88ms
88ms XHR
application/json 2607:f8b0:4020:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcCLHogAAAAALXP_eDOUkSgFmLHGEuG6Hp1iNE6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b34d8e1420c57d3aff5dd40d65790269c9eb988a9968ddf0502b3ae1ff10df50

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcCLHogAAAAALXP_eDOUkSgFmLHGEuG6Hp1iNE6&co=aHR0cDovLzEzNTIyNzE5MDAudml0cmFsaWktbW9kZXJuZS5ybzo4MA..&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&sa=submit&cb=fe6oyux9g386
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 07 Nov 2023 11:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 07 Nov 2023 11:18:34 GMT

OPTIONS
H/1.1 200
OK verify1.php
thirsty-pike.51-158-22-144.plesk.page/v1/ Frame 0
0 312ms
83ms Preflight 51.158.22.144
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://thirsty-pike.51-158-22-144.plesk.page/v1/verify1.php
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 51.158.22.144 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-158-22-144.rev.poneytelecom.eu
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://1352271900.vitralii-moderne.ro
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorizationtype, authorizationpass, authorizationip, authorization1,Content-Type, soapaction
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Allow: OPTIONS, TRACE, GET, HEAD, POST
Content-Length: 0
Date: Tue, 07 Nov 2023 11:18:31 GMT
Public: OPTIONS, TRACE, GET, HEAD, POST
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin

POST
H/1.1 200
OK verify1.php Show response
thirsty-pike.51-158-22-144.plesk.page/v1/ 149 B
592 B 123ms
122ms XHR
text/html 51.158.22.144
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://thirsty-pike.51-158-22-144.plesk.page/v1/verify1.php
Requested by: Host: 1352271900.vitralii-moderne.ro
URL: http://1352271900.vitralii-moderne.ro/ipfs/bafybeiemwdrec5cu7makrm2kjdbmfvqkyukflnwd5f3x4lzmtc6pk3zyfi/MTY5ODk3Nzc0Mg?NzQwMTIyMjU5-sfmaxZ2VuLXBneC0zNjg1MTkzOTYtaWZ4YmQtaXN4c3dyaS5vcmc=sf-1MC4w
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 51.158.22.144 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-158-22-144.rev.poneytelecom.eu
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c28033f0b5697eea1797705d18af9b9f704a597edf70a17639ae7416e62a88bb

Request headers

Referer: http://1352271900.vitralii-moderne.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 07 Nov 2023 11:18:32 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorizationtype, authorizationpass, authorizationip, authorization1,Content-Type, soapaction
Content-Length: 149

HEAD
H2 410 MTY5ODk3NzU2Ng
bafybeihg6373ouu5rt43ljwttvwwulj7hnhsk5zeqfe5iqucs2cpfg2rr4.ipfs.dweb.link/ 0
0 6ms
6ms Fetch
text/html 2602:fea2:2::1
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL

https://bafybeihg6373ouu5rt43ljwttvwwulj7hnhsk5zeqfe5iqucs2cpfg2rr4.ipfs.dweb.link/MTY5ODk3NzU2Ng?

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://1352271900.vitralii-moderne.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:18:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: openresty
x-ipfs-lb-pop: gateway-bank1-ny5
etag: "650c2b69-1a10"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
content-length: 6672

HEAD
H2 200 MTY5ODk3NzYxNg
bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/ 0
0 7ms
6ms Fetch
text/html 2602:fea2:2::1
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL

https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://1352271900.vitralii-moderne.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:18:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-ipfs-gateway-host: ipfs-bank8-ny5
x-ipfs-pop: ipfs-bank8-ny5
server: openresty
x-ipfs-lb-pop: gateway-bank1-ny5
x-ipfs-roots: bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq,bafkreibi64o3q3faccpawvungsknxn6qa2dmdczzeoipvj2vy3u3cfvc3q
etag: W/"bafkreibi64o3q3faccpawvungsknxn6qa2dmdczzeoipvj2vy3u3cfvc3q"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS, GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq/MTY5ODk3NzYxNg
timing-allow-origin: *
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
x-proxy-cache: MISS

GET
H2 200 Primary Request MTY5ODk3NzYxNg Show response
bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/ 7 KB
5 KB 23ms
9ms Document
text/html 2602:fea2:2::1
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL

https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),

Reverse DNS

Software

openresty /

Resource Hash

28f71db86ca0109e0b568d3494dbb7d00686c18b392390faa755c6e9b116a2dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://1352271900.vitralii-moderne.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-methods: GET HEAD OPTIONS GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-encoding: gzip
content-type: text/html
date: Tue, 07 Nov 2023 11:18:35 GMT
etag: W/"bafkreibi64o3q3faccpawvungsknxn6qa2dmdczzeoipvj2vy3u3cfvc3q"
server: openresty
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-ipfs-gateway-host: ipfs-bank2-ny5
x-ipfs-lb-pop: gateway-bank2-ny5
x-ipfs-path: /ipfs/bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq/MTY5ODk3NzYxNg
x-ipfs-pop: ipfs-bank2-ny5
x-ipfs-roots: bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq,bafkreibi64o3q3faccpawvungsknxn6qa2dmdczzeoipvj2vy3u3cfvc3q
x-proxy-cache: MISS

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 21ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/
Origin: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 07 Nov 2023 11:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 613312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27958
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7KAnzCOOQtYAUBaVvgI1QM9ymHSwYakjCiQVyOgWw1kXY0wvNU5IJoZu%2FFvFYEDrp%2FhdxXYwh4XH78xaPV2KceSJZWSNQ4gmld12BGNI2b97R9m9b90C5MUIecWGw7T3oRFw859GzR2jaPkM%2FcLlUbB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82252d25197b41a6-EWR
expires: Sun, 27 Oct 2024 11:18:35 GMT

HEAD
H/1.1 200
OK /
loving-lovelace.51-158-22-144.plesk.page/ 0
0 724ms
88ms Fetch
text/html 51.158.22.144
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://loving-lovelace.51-158-22-144.plesk.page/?ck=1
Requested by: Host: bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link
URL: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 51.158.22.144 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-158-22-144.rev.poneytelecom.eu
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Tue, 07 Nov 2023 11:18:33 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: authorizationtype, authorizationpass, authorizationip, authorization1,Content-Type, soapaction
Content-Length: 0

POST
H/1.1 200
OK / Show response
loving-lovelace.51-158-22-144.plesk.page/ 247 KB
247 KB 580ms
580ms XHR
text/html 51.158.22.144
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://loving-lovelace.51-158-22-144.plesk.page/?ck=1&pxg=gen&e=YmRAc3dyaS5vcmc=&ep=aHR0cHM6Ly9sb3ZpbmctbG92ZWxhY2UuNTEtMTU4LTIyLTE0NC5wbGVzay5wYWdlL3BvaW50ZXIuZ29vZ2xlYXBpLmNvbS8/&en=YmRAc3dyaS5vcmc=&eu=swri.org
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 51.158.22.144 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-158-22-144.rev.poneytelecom.eu
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5071c93788554cd141bafdd91bdcf8d5015ef12f2826346cb902f3e0c9f34083

Request headers

Accept: */*
Referer: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Pragma: no-cache
Date: Tue, 07 Nov 2023 11:18:33 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Headers: authorizationtype, authorizationpass, authorizationip, authorization1,Content-Type, soapaction
Content-Length: 252745
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
22 KB 328ms
14ms Stylesheet
text/css 104.18.11.207

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link
URL: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/
Origin: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:18:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 946
age: 4265
cdn-cachedat: 09/21/2023 20:15:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"450fc463b8b1a349df717056fbb3e078"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b5eb665728dd67417cb9aaf15902a8e3
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 82252d33585a43ad-EWR
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.1.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 334ms
3ms Script
application/javascript 151.101.130.137

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.min.js
Requested by: Host: bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link
URL: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 07 Nov 2023 11:18:37 GMT
content-encoding: gzip
via: 1.1 varnish
age: 4553716
x-cache: HIT
content-length: 30070
x-served-by: cache-lga21927-LGA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699355917.347819,VS0,VE0
etag: W/"28feccc0-152b5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 55387

GET all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 0
0

GET favicons
www.google.com/s2/ 0
0

GET
H2 200 53_8b36337037cff88c3df203bb73d58e41.png
aadcdn.msftauth.net/ests/2.1/content/images/applogos/ 5 KB
5 KB 319ms
6ms Image
image/png 152.199.4.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png
Requested by: Host: bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link
URL: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.4.44 -, , ASN (),
Reverse DNS
Software: ECAcc (nya/1C47) /
Resource Hash: e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 07 Nov 2023 11:18:37 GMT
content-md5: izYzcDfP+Iw98gO7c9WOQQ==
age: 6740537
x-cache: HIT
content-length: 5139
x-ms-lease-status: unlocked
last-modified: Wed, 12 Feb 2020 22:14:11 GMT
server: ECAcc (nya/1C47)
etag: 0x8D7B008E3889D50
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f8563522-201e-000d-5e1e-d4853d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f32e08ca8b628f66ebe61f043be979760c8651f03f878c95e20e33da6a3be5a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e86e4a63dbcb3ae16785a8723694ae23f7c66fbdbad3bba8fd3b8fe025b8e812

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 164 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 956495d6eb49a58fc181eb4955fa868250de99cbcc7e4643c8bba9d24fa693e6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 784beca0f92c659b76c0ed71589d7c3c14d1ce3e4fb6de7cfb2ebd17a6078d40

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 197 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e6420e0f2a938390b7f652d6a54ffc327eb4610009d997059cc2ec8c9962cc7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 188 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12f82edf182dddffd58aff342c647a43e5a3e0afa11951a3cdc1ad6937655d32

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Domain: www.google.com
URL: https://www.google.com/s2/favicons?domain=swri.org

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 20:21:47	Name: _GRECAPTCHA Value: 09ANjddZbX5LqvcwSZ0Y_fkewT_oyDQyNLbfCIEUyHGnbApi61N74IZDZX_FCpO3SX1v3ETLkeqmZyBa48wYeQJYw

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://bafybeihg6373ouu5rt43ljwttvwwulj7hnhsk5zeqfe5iqucs2cpfg2rr4.ipfs.dweb.link/MTY5ODk3NzU2Ng? Message: Failed to load resource: the server responded with a status of 410 ()
network	error	URL: https://bafybeihg6373ouu5rt43ljwttvwwulj7hnhsk5zeqfe5iqucs2cpfg2rr4.ipfs.dweb.link/MTY5ODk3NzU2Ng? Message: Failed to load resource: the server responded with a status of 410 ()
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc= Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.1.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc= Message: Mixed Content: The page at 'https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc=' was loaded over HTTPS, but requested an insecure element 'http://www.google.com/s2/favicons?domain=swri.org'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	warning	URL: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc= Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.1.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc= Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.1.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc= Message: Mixed Content: The page at 'https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc=' was loaded over HTTPS, but requested an insecure element 'http://www.google.com/s2/favicons?domain=swri.org'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	warning	URL: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc= Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.1.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc= Message: Mixed Content: The page at 'https://bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link/MTY5ODk3NzYxNg?QppDK&BTqIm=cIShOOx2lT1waYokBHMldeqttJ3aJmhm-sfmaxZ2VuLXBneC00cHliNHV6czRweWI0dXpzLWRvYy1iZC14eXotc3dyaS5vcmc=' was loaded over HTTPS, but requested an insecure element 'http://www.google.com/s2/favicons?domain=swri.org'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1352271900.vitralii-moderne.ro
aadcdn.msftauth.net
bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link
bafybeihg6373ouu5rt43ljwttvwwulj7hnhsk5zeqfe5iqucs2cpfg2rr4.ipfs.dweb.link
cdnjs.cloudflare.com
code.jquery.com
jqhx9dmv.r.us-east-1.awstrack.me
loving-lovelace.51-158-22-144.plesk.page
maxcdn.bootstrapcdn.com
thirsty-pike.51-158-22-144.plesk.page
www.google.com
www.gstatic.com
cdnjs.cloudflare.com
www.google.com
104.18.11.207
151.101.130.137
152.199.4.44
2602:fea2:2::1
2606:4700::6811:180e
2607:f8b0:4020:805::2003
2607:f8b0:4020:805::2004
51.158.22.144
52.55.163.24
12f82edf182dddffd58aff342c647a43e5a3e0afa11951a3cdc1ad6937655d32
1c8bb9d1a8eec9d58deb70c22a52e8bc5bcfd0f57eb7ba9a3a3f3312c184da91
28f71db86ca0109e0b568d3494dbb7d00686c18b392390faa755c6e9b116a2dc
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2d99f7c75d071d4ba55dd87b0fa00636d48b4cfe5e9859ba48f2a72b063f6033
2f32e08ca8b628f66ebe61f043be979760c8651f03f878c95e20e33da6a3be5a
37b5c584623416953ace61105478a7d0bcfba87c3c6c504a73fd92d9e909e27b
3d3042b51c549ff4cdbd1ed9d3b1290eeab4b88908f20ed42b12225eaa5aaf28
4e6420e0f2a938390b7f652d6a54ffc327eb4610009d997059cc2ec8c9962cc7
5071c93788554cd141bafdd91bdcf8d5015ef12f2826346cb902f3e0c9f34083
784beca0f92c659b76c0ed71589d7c3c14d1ce3e4fb6de7cfb2ebd17a6078d40
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
956495d6eb49a58fc181eb4955fa868250de99cbcc7e4643c8bba9d24fa693e6
b34d8e1420c57d3aff5dd40d65790269c9eb988a9968ddf0502b3ae1ff10df50
c28033f0b5697eea1797705d18af9b9f704a597edf70a17639ae7416e62a88bb
c6a4e1b8a0a22208b9dbd647ff0c61effbf1c86c465d1a4ec8334ad6ef9767e7
c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898
e86e4a63dbcb3ae16785a8723694ae23f7c66fbdbad3bba8fd3b8fe025b8e812
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link Open in urlscan Pro 2602:fea2:2::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

89 %HTTPS

44 %IPv6

10 Domains

12 Subdomains

9 IPs

3 Countries

846 kBTransfer

1790 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bafybeib6vxbwy7ik2o4a7xdombho2e2ojuobrndcrobcqally32isznlyq.ipfs.dweb.link Open in urlscan Pro
2602:fea2:2::1 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

89 %
HTTPS

44 %
IPv6

10
Domains

12
Subdomains

9
IPs

3
Countries

846 kB
Transfer

1790 kB
Size

1
Cookies

27 HTTP transactions
6 data transactions