lestrade.w3spaces.com Open in urlscan Pro
2600:9000:2156:8000:b:df74:43c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lestrade.w3spaces.com/
Effective URL:
https://lestrade.w3spaces.com/
Submission: On November 06 via api (November 6th 2023, 10:48:11 am UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 22 HTTP transactions. The main IP is 2600:9000:2156:8000:b:df74:43c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is lestrade.w3spaces.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 11th 2023. Valid for: a year.

This is the only time lestrade.w3spaces.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:215... 2600:9000:2156:fe00:b:df74:43c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:8000:b:df74:43c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
5	104.18.37.69 104.18.37.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.159.129.233 162.159.129.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3 7	2620:100:6021... 2620:100:6021:15::a27d:410f	19679 (DROPBOX) (DROPBOX)
1	18.66.97.45 18.66.97.45	16509 (AMAZON-02) (AMAZON-02)
22	11

1 2600:9000:2156:fe00:b:df74:43c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

lestrade.w3spaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:8000:b:df74:43c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

lestrade.w3spaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.37.69 (None, )

ASN13335 (CLOUDFLARENET, US)

kaeya.crd.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.129.233 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

static.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:100:6021:15::a27d:410f (United States) 3 redirects

ASN19679 (DROPBOX, US)

dl.dropbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dl.dropboxusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dl.dropboxusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-45.fra56.r.cloudfront.net

cdn.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	gstatic.com fonts.gstatic.com	60 KB
5	crd.co kaeya.crd.co	1 MB
4	dropboxusercontent.com dl.dropboxusercontent.com — Cisco Umbrella Rank: 17061 www.dl.dropboxusercontent.com — Cisco Umbrella Rank: 320437	3 MB
3	dropbox.com 3 redirects dl.dropbox.com — Cisco Umbrella Rank: 58158	698 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 364	210 KB
2	w3spaces.com 1 redirects lestrade.w3spaces.com	53 KB
1	glitch.me cdn.glitch.me — Cisco Umbrella Rank: 58115	25 KB
1	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1492
1	tumblr.com static.tumblr.com — Cisco Umbrella Rank: 52479	1 KB
1	discordapp.com cdn.discordapp.com — Cisco Umbrella Rank: 2888	73 KB
22	10

	Domain	Requested by
5	fonts.gstatic.com	fonts.googleapis.com
5	kaeya.crd.co	lestrade.w3spaces.com
3	dl.dropboxusercontent.com	lestrade.w3spaces.com
3	dl.dropbox.com	3 redirects
2	fonts.googleapis.com	lestrade.w3spaces.com
2	lestrade.w3spaces.com	1 redirects
1	www.dl.dropboxusercontent.com	lestrade.w3spaces.com
1	cdn.glitch.me	lestrade.w3spaces.com
1	kit.fontawesome.com	lestrade.w3spaces.com
1	static.tumblr.com	lestrade.w3spaces.com
1	ajax.googleapis.com	lestrade.w3spaces.com
1	cdn.discordapp.com	lestrade.w3spaces.com
22	12

This site contains links to these domains. Also see Links.

Domain
rentry.co

Subject Issuer	Validity	Valid
*.w3spaces.com Amazon RSA 2048 M02	`2023-06-11` - `2024-07-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
crd.co Cloudflare Inc ECC CA-3	`2023-03-12` - `2024-03-11`	a year	crt.sh
discordapp.com Cloudflare Inc ECC CA-3	`2023-10-20` - `2024-10-19`	a year	crt.sh
*.tumblr.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
glitch.com Amazon RSA 2048 M01	`2023-02-22` - `2024-02-01`	a year	crt.sh
dl.dropbox.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-14` - `2024-03-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://lestrade.w3spaces.com/
Frame ID: 4829618BE0DE5D9236ED3458C7137361
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ERY BEGINNING. IT WAzzz

Page URL History Show full URLs

http://lestrade.w3spaces.com/ HTTP 301
https://lestrade.w3spaces.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

86 %
HTTPS

64 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

5226 kB
Transfer

5608 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://rentry.co/Iunox
Title: full list of interest here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lestrade.w3spaces.com/ HTTP 301
https://lestrade.w3spaces.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://dl.dropbox.com/s/j8ky6jfd09v7bc0/betterfly.ttf HTTP 302
https://dl.dropboxusercontent.com/s/j8ky6jfd09v7bc0/betterfly.ttf

Request Chain 19

https://dl.dropbox.com/s/pwrpudozsv56tud/KosugiMaru-Regular.ttf HTTP 302
https://dl.dropboxusercontent.com/s/pwrpudozsv56tud/KosugiMaru-Regular.ttf

Request Chain 21

https://dl.dropbox.com/s/cn0l1yjacta4whv/W95FA.otf HTTP 302
https://dl.dropboxusercontent.com/s/cn0l1yjacta4whv/W95FA.otf

22 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
lestrade.w3spaces.com/
Redirect Chain

http://lestrade.w3spaces.com/
https://lestrade.w3spaces.com/

52 KB
53 KB

897ms
876ms

Document
text/html

2600:9000:2156:8000:b:df74:43c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lestrade.w3spaces.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8000:b:df74:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3218d45470b6761aeebdae98b901da3cf42abbb0188a3163a04b100767267ac8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 53415
content-type: text/html
date: Mon, 06 Nov 2023 10:48:06 GMT
etag: "c8fe5cd5ec59a5dbe9416a2545812faa"
last-modified: Mon, 06 Nov 2023 07:42:27 GMT
server: AmazonS3
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-amz-cf-id: KB646r3A_xdlL6G_mElPgDHDNvj1iVW9LlUFKMNGOa-1uSUl1446xA==
x-amz-cf-pop: FRA50-C1
x-amz-id-2: 1yEQ9IsGNstazzfjD0esAO0J19+3IzW0jkucNCeqib88w9uXSd7KeDftVTBA6/iGjvYsBKDW3K8=
x-amz-request-id: HXANJ5JG2QMC3B7K
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Mon, 06 Nov 2023 10:48:04 GMT
Location: https://lestrade.w3spaces.com/
Server: CloudFront
Via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
X-Amz-Cf-Id: zeZgkueWYT3SzTRUDXZgE-WOjVBUJD6RalDH1uPxAMaJvL3jCXFOuw==
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Redirect from cloudfront

GET
H2 200 css2
fonts.googleapis.com/ 107 KB
29 KB 46ms
23ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?display=swap&family=Kosugi+Maru:ital,wght@0,400;1,400

Requested by

Host: lestrade.w3spaces.com
URL: https://lestrade.w3spaces.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef861bc41a4e0418ed78fd7fe45edfe4b764666a9fe1ebdd84d081c9cc3ffce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lestrade.w3spaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 10:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 10:48:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 10:48:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ 335 KB
88 KB 35ms
33ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=M+PLUS+Rounded+1c:wght@400;500;800&display=swap

Requested by

Host: lestrade.w3spaces.com
URL: https://lestrade.w3spaces.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a07bb123e951b2619c292161da7f970a5f2a5424cc36648b8fbcdba35f56939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lestrade.w3spaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Nov 2023 10:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 10:48:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Nov 2023 10:48:05 GMT

GET
H2 200 image02.png
kaeya.crd.co/assets/images/ 21 KB
21 KB 496ms
454ms Image
image/png 104.18.37.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kaeya.crd.co/assets/images/image02.png?v=7f8c71db
Requested by: Host: lestrade.w3spaces.com
URL: https://lestrade.w3spaces.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afd616bf0d831ed321a074f5b0cb4b756cd7d997c20c83be30b61f2742a1a833

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lestrade.w3spaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:48:05 GMT
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 19:25:16 GMT
server: cloudflare
etag: "539b-5f3bc864ca748"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 821cc31a2a92917c-FRA
content-length: 21403
expires: Mon, 13 Nov 2023 10:48:05 GMT

GET
H2 200 image06.png
kaeya.crd.co/assets/images/ 21 KB
21 KB 490ms
448ms Image
image/png 104.18.37.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kaeya.crd.co/assets/images/image06.png?v=7f8c71db
Requested by: Host: lestrade.w3spaces.com
URL: https://lestrade.w3spaces.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afd616bf0d831ed321a074f5b0cb4b756cd7d997c20c83be30b61f2742a1a833

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lestrade.w3spaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:48:05 GMT
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 19:25:16 GMT
server: cloudflare
etag: "539b-5f3bc864c3600"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 821cc31a3a97917c-FRA
content-length: 21403
expires: Mon, 13 Nov 2023 10:48:05 GMT

GET
H2 200 tumblr_49dcb86cb79e75569ae47cf17adbb3b6_fe5e7ef7_2048.jpg
cdn.discordapp.com/attachments/503392593657200647/1170987321923997716/ 72 KB
73 KB 169ms
134ms Image
image/jpeg 162.159.129.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.discordapp.com/attachments/503392593657200647/1170987321923997716/tumblr_49dcb86cb79e75569ae47cf17adbb3b6_fe5e7ef7_2048.jpg?ex=655b09ed&is=654894ed&hm=444fd5eebabedb850a1d0ca616e7c9dd9e61312aa0ac7a897a0dc899fbc297df&
Requested by: Host: lestrade.w3spaces.com
URL: https://lestrade.w3spaces.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.129.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 806491cd415cc0a0377ca4bce8e3479ac9e1659ab98f47cb4791e83b23dc1a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lestrade.w3spaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:48:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 73957
last-modified: Mon, 06 Nov 2023 07:25:33 GMT
cf-bgj: h2pri
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AocaZ6YwKxmZYonkLZEioIK7C%2FWyOW%2BNd9EdXAK8e94D8y1O3RPDnPxoopelPs9HACqr6tyEExutj289iEgqXea6rSNIaK8BJw9FDn8jTfSWyHa24oAkt7B%2BecoDiwv7PQujWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 821cc31a2be21915-FRA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Tue, 05 Nov 2024 10:48:05 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7/ 93 KB
93 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js

Requested by

Host: lestrade.w3spaces.com
URL: https://lestrade.w3spaces.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lestrade.w3spaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 18:27:28 GMT
x-content-type-options: nosniff
age: 404437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94840
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Oct 2024 18:27:28 GMT

GET
H2 200 glenplayer02.js Show response
static.tumblr.com/gtjt4bo/QRmphdsdv/ 874 B
1 KB 35ms
7ms Script
text/javascript 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/gtjt4bo/QRmphdsdv/glenplayer02.js

Requested by

Host: lestrade.w3spaces.com
URL: https://lestrade.w3spaces.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

e3ac527cd57cc7de7204d4a7c5bd7a2bc8407ed8bbab28c914e216312d1896d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lestrade.w3spaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Mon, 06 Nov 2023 10:48:05 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 29 Oct 2018 22:13:08 GMT
server: nginx
etag: "0c72d69900626725bd7d730e5d46a141"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 874
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 403 8119dfca45.js
kit.fontawesome.com/ 0
0 148ms
127ms Script
text/plain 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/8119dfca45.js
Requested by: Host: lestrade.w3spaces.com
URL: https://lestrade.w3spaces.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://lestrade.w3spaces.com/
Origin: https://lestrade.w3spaces.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:48:05 GMT
cf-cache-status: MISS
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
vary: Accept-Encoding
cf-ray: 821cc31a1f765b7a-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
content-length: 9
x-request-id: F5UC9PWQLek54dB5YwIi

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17f15e053d27f97fcb19e202fc1cb93f934c7dff73ff245e9e06358da9bf9ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6c0070107e7122dd9641f81bac5b538a935b4414f7bf8b3d44e74ec0a83ae37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 187 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56cfa01dc20893682ff8bde143d9c0af697ab1f6ad8ee0383e8b099fceb4d4f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 397 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19bcd591b90b35bd6e42c7eae795906cf308f5831b04dbc6d88bfee0fb475011

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 0nksC9PgP_wGh21A2KeqGiTv4ur_mWjfXWdNMtg65zwIiCccFzPAsA.118.woff2
fonts.gstatic.com/s/kosugimaru/v14/ 7 KB
7 KB 36ms
13ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kosugimaru/v14/0nksC9PgP_wGh21A2KeqGiTv4ur_mWjfXWdNMtg65zwIiCccFzPAsA.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Kosugi+Maru:ital,wght@0,400;1,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ea8b887893e6ee4a5dd5f35c63aaaf47e16f6f06ce77e3a49cc02ee344a9d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lestrade.w3spaces.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 12:32:52 GMT
x-content-type-options: nosniff
age: 252913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7048
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:08:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 12:32:52 GMT

GET
H2 200 0nksC9PgP_wGh21A2KeqGiTv4ur_mWjfXWdNMtg65zwIiCccFzPAsA.119.woff2
fonts.gstatic.com/s/kosugimaru/v14/ 20 KB
21 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kosugimaru/v14/0nksC9PgP_wGh21A2KeqGiTv4ur_mWjfXWdNMtg65zwIiCccFzPAsA.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Kosugi+Maru:ital,wght@0,400;1,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69e9ad3f44afcd18d783d1a89f5a08873521b478f4a822acd1a26fc8d4ea4f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lestrade.w3spaces.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 04:14:02 GMT
x-content-type-options: nosniff
age: 196443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20464
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:08:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 04:14:02 GMT

GET
H2 200 0nksC9PgP_wGh21A2KeqGiTv4ur_mWjfXWdNMtg65zwIiCccFzPAsA.111.woff2
fonts.gstatic.com/s/kosugimaru/v14/ 13 KB
13 KB 35ms
14ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kosugimaru/v14/0nksC9PgP_wGh21A2KeqGiTv4ur_mWjfXWdNMtg65zwIiCccFzPAsA.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Kosugi+Maru:ital,wght@0,400;1,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1f17ee375fa8802ca44af6a84ef3c91d68872158bb6f6cf2ae78485a077111f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lestrade.w3spaces.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 16:41:47 GMT
x-content-type-options: nosniff
age: 237978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12908
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:02:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 16:41:47 GMT

GET
H2 200 0nksC9PgP_wGh21A2KeqGiTv4ur_mWjfXWdNMtg65zwIiCccFzPAsA.117.woff2
fonts.gstatic.com/s/kosugimaru/v14/ 9 KB
9 KB 36ms
17ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kosugimaru/v14/0nksC9PgP_wGh21A2KeqGiTv4ur_mWjfXWdNMtg65zwIiCccFzPAsA.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Kosugi+Maru:ital,wght@0,400;1,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af35ec69cfdddd1cbee3d7684cd20677a0a411546fe4e933aa4092da3bdc31fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lestrade.w3spaces.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 21:42:02 GMT
x-content-type-options: nosniff
age: 219963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8852
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:40:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 21:42:02 GMT

GET
H2 200 0nksC9PgP_wGh21A2KeqGiTv4ur_mWjfXWdNMtg65zwIiCccFzPAsA.113.woff2
fonts.gstatic.com/s/kosugimaru/v14/ 11 KB
11 KB 34ms
15ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kosugimaru/v14/0nksC9PgP_wGh21A2KeqGiTv4ur_mWjfXWdNMtg65zwIiCccFzPAsA.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Kosugi+Maru:ital,wght@0,400;1,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eab2567c6d3a6e6742cd7104c91bf0c178d0796a6e766a4a434c4c2e2d14597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lestrade.w3spaces.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 05:16:26 GMT
x-content-type-options: nosniff
age: 279099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10756
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 05:16:26 GMT

GET
H2

404

betterfly.ttf
dl.dropboxusercontent.com/s/j8ky6jfd09v7bc0/
Redirect Chain

https://dl.dropbox.com/s/j8ky6jfd09v7bc0/betterfly.ttf
https://dl.dropboxusercontent.com/s/j8ky6jfd09v7bc0/betterfly.ttf

0
0

188ms
178ms

Font
text/html

2620:100:6021:15::a27d:410f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.dropboxusercontent.com/s/j8ky6jfd09v7bc0/betterfly.ttf

Requested by

Host: lestrade.w3spaces.com
URL: https://lestrade.w3spaces.com/

Protocol

Server

2620:100:6021:15::a27d:410f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-scripts
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lestrade.w3spaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: sandbox allow-forms allow-scripts
date: Mon, 06 Nov 2023 10:48:05 GMT
content-encoding: gzip
accept-encoding: identity,gzip
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-dropbox-request-id: 26a79abf2c5146d1b02b3d43f85e5f12
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
x-dropbox-response-origin: far_remote
x-robots-tag: noindex, nofollow, noimageindex

Redirect headers

content-security-policy: sandbox
date: Mon, 06 Nov 2023 10:48:05 GMT
content-encoding: gzip
accept-encoding: identity,gzip
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://dl.dropboxusercontent.com/s/j8ky6jfd09v7bc0/betterfly.ttf
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: no-cache
x-dropbox-response-origin: far_remote
x-robots-tag: noindex, nofollow, noimageindex
x-dropbox-request-id: 3c04428abb9943d8a1707a926630bf6c

GET
H/1.1 200
OK LL_RECOR.TTF
cdn.glitch.me/9bbfdfb3-4bfa-4c39-8743-5621c8b9df21/ 24 KB
25 KB 51ms
8ms Font
binary/octet-stream 18.66.97.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.glitch.me/9bbfdfb3-4bfa-4c39-8743-5621c8b9df21/LL_RECOR.TTF

Requested by

Host: lestrade.w3spaces.com
URL: https://lestrade.w3spaces.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-45.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d42a9d28c87bc063f47f0fbb8e20ac633b954440e3ca3852e8758d111d805b18

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://lestrade.w3spaces.com/
Origin: https://lestrade.w3spaces.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Sun, 17 Sep 2023 01:34:23 GMT
Via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Mon, 20 Dec 2021 00:44:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 4353223
ETag: "405dd9e951c6ec3554da85cf3f4d0a9b"
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 25060
X-Amz-Cf-Id: QWuxaOTenNk1QZRid794Q3EoLZ5wg6OcatCcrnrykhZE2VfIYdyHZQ==

GET
H2

200

KosugiMaru-Regular.ttf
dl.dropboxusercontent.com/s/pwrpudozsv56tud/
Redirect Chain

https://dl.dropbox.com/s/pwrpudozsv56tud/KosugiMaru-Regular.ttf
https://dl.dropboxusercontent.com/s/pwrpudozsv56tud/KosugiMaru-Regular.ttf

3 MB
3 MB

678ms
667ms

Font
application/octet-stream

2620:100:6021:15::a27d:410f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.dropboxusercontent.com/s/pwrpudozsv56tud/KosugiMaru-Regular.ttf

Requested by

Host: lestrade.w3spaces.com
URL: https://lestrade.w3spaces.com/

Protocol

Server

2620:100:6021:15::a27d:410f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

ed098a4cf6479a7f07dd351227274bdf5919842dca54f6329aba9b9ae26aa34e

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lestrade.w3spaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Mon, 06 Nov 2023 10:48:06 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: e0e179e376ac4ecea076af23728fbeaf
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="KosugiMaru-Regular.ttf"; filename*=UTF-8''KosugiMaru-Regular.ttf
content-length: 3565692
pragma: public
server: envoy
etag: 1675374946695215n
x-server-response-time: 520
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

Redirect headers

content-security-policy: sandbox
date: Mon, 06 Nov 2023 10:48:05 GMT
content-encoding: gzip
accept-encoding: identity,gzip
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://dl.dropboxusercontent.com/s/pwrpudozsv56tud/KosugiMaru-Regular.ttf
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: no-cache
x-dropbox-response-origin: far_remote
x-robots-tag: noindex, nofollow, noimageindex
x-dropbox-request-id: fd2e8bbe4aee4f54890df8a817a966e2

GET
H2 206 Starry%20Eyes%20-%20Cigarettes%20After%20Sex.mp3
www.dl.dropboxusercontent.com/s/g7l02c1h4vhv7bu/ 64 KB
0 1123ms
1077ms Media
audio/mpeg 2620:100:6021:15::a27d:410f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dl.dropboxusercontent.com/s/g7l02c1h4vhv7bu/Starry%20Eyes%20-%20Cigarettes%20After%20Sex.mp3?dl=0

Requested by

Host: lestrade.w3spaces.com
URL: https://lestrade.w3spaces.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:100:6021:15::a27d:410f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lestrade.w3spaces.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Mon, 06 Nov 2023 10:48:06 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: 8caf3572df81491380be3338f2f51650
Content-Range: bytes 0-3331485/3331486
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="Starry Eyes - Cigarettes After Sex.mp3"; filename*=UTF-8''Starry%20Eyes%20-%20Cigarettes%20After%20Sex.mp3
Content-Length: 3331486
pragma: public
server: envoy
etag: 1672548463130087n
content-type: audio/mpeg
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

GET
H2

200

W95FA.otf
dl.dropboxusercontent.com/s/cn0l1yjacta4whv/
Redirect Chain

https://dl.dropbox.com/s/cn0l1yjacta4whv/W95FA.otf
https://dl.dropboxusercontent.com/s/cn0l1yjacta4whv/W95FA.otf

42 KB
43 KB

486ms
476ms

Font
application/octet-stream

2620:100:6021:15::a27d:410f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.dropboxusercontent.com/s/cn0l1yjacta4whv/W95FA.otf

Requested by

Host: lestrade.w3spaces.com
URL: https://lestrade.w3spaces.com/

Protocol

Server

2620:100:6021:15::a27d:410f , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

9e1ad53708307b2b68e06d43799b2267f6aec620dda972bc62753ad16ba50f2b

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lestrade.w3spaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date: Mon, 06 Nov 2023 10:48:05 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dropbox-request-id: de7ffad6b1d348f1a18bf21ef8a04f26
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="W95FA.otf"; filename*=UTF-8''W95FA.otf
content-length: 43372
pragma: public
server: envoy
etag: 1645059383824856n
x-server-response-time: 365
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noimageindex

Redirect headers

content-security-policy: sandbox
date: Mon, 06 Nov 2023 10:48:05 GMT
content-encoding: gzip
accept-encoding: identity,gzip
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://dl.dropboxusercontent.com/s/cn0l1yjacta4whv/W95FA.otf
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
cache-control: no-cache
x-dropbox-response-origin: far_remote
x-robots-tag: noindex, nofollow, noimageindex
x-dropbox-request-id: 28b705c713994c28955039c74a63ce9b

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85c2dfac4bb8a8bc3e066d54a0d4da611f0ca402f8804e81454f183a3f979a09

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 image01.png
kaeya.crd.co/assets/images/ 329 KB
330 KB 506ms
506ms Image
image/png 104.18.37.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kaeya.crd.co/assets/images/image01.png?v=7f8c71db
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116ad12889389a0cca07439706d8d5c6eea83e806bc39fb5b1f5d0e43a8a6d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lestrade.w3spaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:48:07 GMT
cf-cache-status: MISS
last-modified: Sat, 04 Feb 2023 22:20:46 GMT
server: cloudflare
etag: "52566-5f3e7359deb10"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 821cc322bd61917c-FRA
content-length: 337254
expires: Mon, 13 Nov 2023 10:48:07 GMT

GET
H2 200 image04.png
kaeya.crd.co/assets/images/ 610 KB
611 KB 529ms
528ms Image
image/png 104.18.37.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kaeya.crd.co/assets/images/image04.png?v=7f8c71db
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca4c2327becba9437a1502db2641f2c10691bc4e6419a0a7fcdfcfeb59e26587

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lestrade.w3spaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:48:07 GMT
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 22:26:23 GMT
server: cloudflare
etag: "98841-5f3bf0e0c23c8"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 821cc322bd62917c-FRA
content-length: 624705
expires: Mon, 13 Nov 2023 10:48:07 GMT

GET
H2 200 image05.png
kaeya.crd.co/assets/images/ 293 KB
294 KB 531ms
531ms Image
image/png 104.18.37.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kaeya.crd.co/assets/images/image05.png?v=7f8c71db
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799da3f63421248f58ecc904aa7e390081f5e9ce2978ec15d57e82879d1c36d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lestrade.w3spaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 10:48:07 GMT
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 19:25:16 GMT
server: cloudflare
etag: "4956e-5f3bc864bd070"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 821cc322bd63917c-FRA
content-length: 300398
expires: Mon, 13 Nov 2023 10:48:07 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.discordapp.com/	1970-01-20 16:01:09	Name: __cf_bm Value: fCAUTDCPxjG7hYe6sXReWWe00RgaeCJlVKiy9uIGJzY-1699267685-0-AUVtHfxqkN3oQ1LY0Eb54jVIuR7xNGb7g/TiemaLtgOs2ugk4A9eB8TsW7kSKybB7hRnLDoZWsHhImGPKoXKsB4=
.discordapp.com/	1969-12-31 23:59:59	Name: _cfuvid Value: TTAOSW0KeMoB5OuuBt6vTpy0issXp8JLCyTBxqsFMjw-1699267685589-0-604800000
.dropboxusercontent.com/	1969-12-31 23:59:59	Name: uc_session Value: A7xxEEittT37ahfoXbLjmTVwhD0Biss23Vf4cPc56VWiCg99f5sKuCQtwh0CiKHc

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kit.fontawesome.com/8119dfca45.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://dl.dropboxusercontent.com/s/j8ky6jfd09v7bc0/betterfly.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.discordapp.com
cdn.glitch.me
dl.dropbox.com
dl.dropboxusercontent.com
fonts.googleapis.com
fonts.gstatic.com
kaeya.crd.co
kit.fontawesome.com
lestrade.w3spaces.com
static.tumblr.com
www.dl.dropboxusercontent.com
104.18.37.69
162.159.129.233
18.66.97.45
192.0.77.40
2600:9000:2156:8000:b:df74:43c0:93a1
2600:9000:2156:fe00:b:df74:43c0:93a1
2606:4700:4400::6812:2844
2620:100:6021:15::a27d:410f
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
0eab2567c6d3a6e6742cd7104c91bf0c178d0796a6e766a4a434c4c2e2d14597
116ad12889389a0cca07439706d8d5c6eea83e806bc39fb5b1f5d0e43a8a6d1a
17f15e053d27f97fcb19e202fc1cb93f934c7dff73ff245e9e06358da9bf9ab6
19bcd591b90b35bd6e42c7eae795906cf308f5831b04dbc6d88bfee0fb475011
3218d45470b6761aeebdae98b901da3cf42abbb0188a3163a04b100767267ac8
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
56cfa01dc20893682ff8bde143d9c0af697ab1f6ad8ee0383e8b099fceb4d4f5
69e9ad3f44afcd18d783d1a89f5a08873521b478f4a822acd1a26fc8d4ea4f92
799da3f63421248f58ecc904aa7e390081f5e9ce2978ec15d57e82879d1c36d4
7a07bb123e951b2619c292161da7f970a5f2a5424cc36648b8fbcdba35f56939
7ea8b887893e6ee4a5dd5f35c63aaaf47e16f6f06ce77e3a49cc02ee344a9d07
806491cd415cc0a0377ca4bce8e3479ac9e1659ab98f47cb4791e83b23dc1a84
85c2dfac4bb8a8bc3e066d54a0d4da611f0ca402f8804e81454f183a3f979a09
9e1ad53708307b2b68e06d43799b2267f6aec620dda972bc62753ad16ba50f2b
a1f17ee375fa8802ca44af6a84ef3c91d68872158bb6f6cf2ae78485a077111f
af35ec69cfdddd1cbee3d7684cd20677a0a411546fe4e933aa4092da3bdc31fd
afd616bf0d831ed321a074f5b0cb4b756cd7d997c20c83be30b61f2742a1a833
ca4c2327becba9437a1502db2641f2c10691bc4e6419a0a7fcdfcfeb59e26587
d42a9d28c87bc063f47f0fbb8e20ac633b954440e3ca3852e8758d111d805b18
e3ac527cd57cc7de7204d4a7c5bd7a2bc8407ed8bbab28c914e216312d1896d9
e6c0070107e7122dd9641f81bac5b538a935b4414f7bf8b3d44e74ec0a83ae37
ed098a4cf6479a7f07dd351227274bdf5919842dca54f6329aba9b9ae26aa34e
ef861bc41a4e0418ed78fd7fe45edfe4b764666a9fe1ebdd84d081c9cc3ffce9

lestrade.w3spaces.com Open in urlscan Pro 2600:9000:2156:8000:b:df74:43c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

86 %HTTPS

64 %IPv6

10 Domains

12 Subdomains

11 IPs

3 Countries

5226 kBTransfer

5608 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lestrade.w3spaces.com Open in urlscan Pro
2600:9000:2156:8000:b:df74:43c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

86 %
HTTPS

64 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

5226 kB
Transfer

5608 kB
Size

3
Cookies

22 HTTP transactions
5 data transactions