urlscan.io logo urlscan.io
SecurityTrails logo

globalrestructuringreview.com Open in urlscan Pro
2606:4700::6812:1458  Public Scan

Go To Rescan Add Verdict Report
URL: https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
Submission Tags: falconsandbox
Submission: On February 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 25 HTTP transactions. The main IP is 2606:4700::6812:1458, located in United States and belongs to CLOUDFLARENET, US. The main domain is globalrestructuringreview.com. The Cisco Umbrella rank of the primary domain is 768061.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 14th 2022. Valid for: a year.
This is the only time globalrestructuringreview.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2606:4700::6812:1458 (United States)

ASN13335 (CLOUDFLARENET, US)
globalrestructuringreview.com
6    2606:4700:4400::6812:2894 (United States)

ASN13335 (CLOUDFLARENET, US)
cookie-cdn.cookiepro.com
1    2600:9000:21f3:ea00:19:5eba:c5c0:21 (United States)

ASN16509 (AMAZON-02, US)
d2qu5xmcgmzxnb.cloudfront.net
2    2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    130.211.29.114 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 114.29.211.130.bc.googleusercontent.com
cdn.perfdrive.com
3    35.241.15.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.15.241.35.bc.googleusercontent.com
cas.avalon.perfdrive.com
Apex Domain
Subdomains		 Transfer
9 globalrestructuringreview.com
globalrestructuringreview.com — Cisco Umbrella Rank: 768061
456 KB
6 cookiepro.com
cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 6119
110 KB
4 perfdrive.com
cdn.perfdrive.com — Cisco Umbrella Rank: 18255
cas.avalon.perfdrive.com — Cisco Umbrella Rank: 8188
14 KB
3 gstatic.com
fonts.gstatic.com
79 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
2 KB
1 cloudfront.net
d2qu5xmcgmzxnb.cloudfront.net
48 KB
25 6
Domain Requested by
9 globalrestructuringreview.com globalrestructuringreview.com
6 cookie-cdn.cookiepro.com globalrestructuringreview.com
cookie-cdn.cookiepro.com
3 cas.avalon.perfdrive.com cdn.perfdrive.com
3 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com globalrestructuringreview.com
1 cdn.perfdrive.com globalrestructuringreview.com
1 d2qu5xmcgmzxnb.cloudfront.net globalrestructuringreview.com
25 7
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-14 -
2023-04-14		 a year crt.sh
cookiepro.com
Cloudflare Inc ECC CA-3		 2022-04-19 -
2023-04-19		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2022-09-20 -
2023-09-26		 a year crt.sh
cas.avalon.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2022-08-02 -
2023-08-05		 a year crt.sh

This page contains 2 frames:

Primary Page: https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
Frame ID: F62313554B6CC8D205C1ABE030B96778
Requests: 22 HTTP requests in this frame

Frame: https://globalrestructuringreview.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677326400
Frame ID: 2F1912CC132D89E75DCB770A32F29BD8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Foreign banks and investors accused of “aiding” FTX fraud in Miami suit - Global Restructuring ReviewBack ButtonFilter Button

Detected technologies

Overall confidence: 100%
Detected patterns
  • otSDKStub\.js

Page Statistics

25
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

709 kB
Transfer

2443 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
globalrestructuringreview.com/article/ 		71 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f94b07b7d8d96c6e544d29d36de5163f80ce3cc11b3d1a3f5444d93aef5df68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
79f14373cd129189-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 25 Feb 2023 14:52:14 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
grr.css
globalrestructuringreview.com/styles/ 		502 KB
75 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://globalrestructuringreview.com/styles/grr.css?id=091031ccf0e7b219e2c8f668bdb5fa8f
Requested by
Host: globalrestructuringreview.com
URL: https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
024d79f6b90ac7915f8de7405aa97b9d6ef6e8ff543c3f8e39311234d15cdfa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 25 Feb 2023 14:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 09:47:50 GMT
server
cloudflare
age
2595
etag
W/"7d95e-5f532ac36dd80"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
79f1437c0b209189-FRA
x-xss-protection
1; mode=block
expires
Sat, 25 Feb 2023 18:52:14 GMT
otSDKStub.js
cookie-cdn.cookiepro.com/scripttemplates/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Requested by
Host: globalrestructuringreview.com
URL: https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrestructuringreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 25 Feb 2023 14:52:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
Ewgd1d1Vp0nFNYpIMiFTtA==
age
19943
x-ms-lease-status
unlocked
last-modified
Fri, 24 Feb 2023 02:32:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
34f2cf75-a01e-00b2-2a31-48c73c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
79f1437c5fcb9107-FRA
expires
Sun, 26 Feb 2023 14:52:14 GMT
grr-logo.svg
globalrestructuringreview.com/images/logos/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://globalrestructuringreview.com/images/logos/grr-logo.svg
Requested by
Host: globalrestructuringreview.com
URL: https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d687e03be230d7bd809829e61c0f23e330ac43989a20b2a16d8f87d774359462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 25 Feb 2023 14:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 10:10:04 GMT
server
cloudflare
age
2595
etag
W/"234c-5eda7caf61700"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
79f1437d3d389189-FRA
x-xss-protection
1; mode=block
expires
Sat, 25 Feb 2023 18:52:14 GMT
grr-mobile-logo.svg
globalrestructuringreview.com/images/logos/ 		2 KB
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://globalrestructuringreview.com/images/logos/grr-mobile-logo.svg
Requested by
Host: globalrestructuringreview.com
URL: https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59763012c572325becb8f5ec9ae8def7dc7b9908167523c53f7d265bfe1c2d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 25 Feb 2023 14:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 17 Nov 2022 10:10:04 GMT
server
cloudflare
age
2595
etag
W/"740-5eda7caf61700"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
79f1437d4d3e9189-FRA
x-xss-protection
1; mode=block
expires
Sat, 25 Feb 2023 18:52:14 GMT
ewoJICAgICAgICAgICAgICAgICJidWNrZXQiOiAiZmlsZXMubGJyLmNsb3VkIiwKCSAgICAgICAgICAgICAgICAia2V5IjogInB1YmxpYy8yMDIzLTAxL3NodXR0ZXJzdG9ja18yMTE3NDQ3NDIwLmpwZyIsCgkgICAgICAgICAgICAgICAgImVkaXRzIjogewoJI...
d2qu5xmcgmzxnb.cloudfront.net/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2qu5xmcgmzxnb.cloudfront.net/ewoJICAgICAgICAgICAgICAgICJidWNrZXQiOiAiZmlsZXMubGJyLmNsb3VkIiwKCSAgICAgICAgICAgICAgICAia2V5IjogInB1YmxpYy8yMDIzLTAxL3NodXR0ZXJzdG9ja18yMTE3NDQ3NDIwLmpwZyIsCgkgICAgICAgICAgICAgICAgImVkaXRzIjogewoJICAgICAgICAgICAgICAgICAgInJlc2l6ZSI6IHsKCSAgICAgICAgICAgICAgICAgICAgIndpZHRoIjogOTQ1LAoJICAgICAgICAgICAgICAgICAgICAiaGVpZ2h0IjogNTI2LAoJICAgICAgICAgICAgICAgICAgICAiZml0IjogImNvdmVyIgoJICAgICAgICAgICAgICAgICAgfQoJICAgICAgICAgICAgICAgIH0KCSAgICAgICAgICAgIH0=
Requested by
Host: globalrestructuringreview.com
URL: https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ea00:19:5eba:c5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6e830f9ddde2f45e93422bb3015b70bee366f29768c09a5f12c323d5c830642e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrestructuringreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 18:06:21 GMT
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
161153
x-amzn-requestid
2494c42e-d34e-4c09-8acd-b08cf11c37ce
x-cache
Hit from cloudfront
x-amz-apigw-id
AzesqFMdrPEFe5g=
content-length
48403
last-modified
Fri, 20 Jan 2023 18:25:33 GMT
x-amzn-trace-id
Root=1-63f7ab1d-5bbf508e6f71bb54151fcdd0
access-control-allow-methods
GET
content-type
image/jpeg
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
LwC48iBCQydr64vQuNupbZ0aKlDexnXl6lMbmQziU4lNdXeY1f_Y3w==
email-decode.min.js
globalrestructuringreview.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://globalrestructuringreview.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: globalrestructuringreview.com
URL: https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 25 Feb 2023 14:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 22 Feb 2023 10:50:59 GMT
server
cloudflare
etag
W/"63f5f393-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
79f1437c5bb19189-FRA
expires
Mon, 27 Feb 2023 14:52:14 GMT
grr.js
globalrestructuringreview.com/scripts/ 		1 MB
339 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://globalrestructuringreview.com/scripts/grr.js?id=be28482e40a4b9c142073b0d15a33a52
Requested by
Host: globalrestructuringreview.com
URL: https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa7415a6c9b45462cbc49aa911f1860a33a98e6d502422816a860df6f7fa4519
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 25 Feb 2023 14:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 09:47:50 GMT
server
cloudflare
age
2595
etag
W/"11bd7d-5f532ac36dd80"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
79f1437d3d379189-FRA
x-xss-protection
1; mode=block
expires
Sat, 25 Feb 2023 18:52:14 GMT
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,600,600i,700,700i,900,900i&display=swap
Requested by
Host: globalrestructuringreview.com
URL: https://globalrestructuringreview.com/styles/grr.css?id=091031ccf0e7b219e2c8f668bdb5fa8f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
66283f21993d835944b48a06e4a6345e64969dc42463faba348d2f30e200c082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrestructuringreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 25 Feb 2023 14:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 25 Feb 2023 14:52:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 25 Feb 2023 14:52:14 GMT
css
fonts.googleapis.com/ 		5 KB
708 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:400,400i,700&display=swap
Requested by
Host: globalrestructuringreview.com
URL: https://globalrestructuringreview.com/styles/grr.css?id=091031ccf0e7b219e2c8f668bdb5fa8f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3a8c68fc98f7bef1d4024f08f9db74cc67848ae8849f65e107a21156bf8f66c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrestructuringreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 25 Feb 2023 14:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 25 Feb 2023 14:52:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 25 Feb 2023 14:52:14 GMT
37ddd241-5ed8-4c42-a227-9d58ff606044.json
cookie-cdn.cookiepro.com/consent/37ddd241-5ed8-4c42-a227-9d58ff606044/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/37ddd241-5ed8-4c42-a227-9d58ff606044/37ddd241-5ed8-4c42-a227-9d58ff606044.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce29a6c88cfbe8484d832537166f77d9dec80bcd0a60ddc07a6707914c68f58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrestructuringreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 25 Feb 2023 14:52:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
j65Fc3+xCEO+zivl1AdpkQ==
age
21265
x-ms-lease-status
unlocked
last-modified
Thu, 11 Feb 2021 12:24:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b7efb44c-b01e-00ae-3ff7-47955c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
79f1437d58232bee-FRA
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,600,600i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://globalrestructuringreview.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:04:54 GMT
x-content-type-options
nosniff
age
110840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Feb 2024 08:04:54 GMT
pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400i,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://globalrestructuringreview.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 09:49:14 GMT
x-content-type-options
nosniff
age
104580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17116
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:31:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Feb 2024 09:49:14 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,600,600i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://globalrestructuringreview.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:00:09 GMT
x-content-type-options
nosniff
age
168725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31760
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:54:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 16:00:09 GMT
otBannerSdk.js
cookie-cdn.cookiepro.com/scripttemplates/6.13.0/ 		366 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otBannerSdk.js
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrestructuringreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 25 Feb 2023 14:52:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
pY8Rr438h7Vb2adEFDW1VA==
age
19939
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:32:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a343c80c-c01e-0032-4e67-47383a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
79f1437da9579107-FRA
expires
Sun, 26 Feb 2023 14:52:14 GMT
aperture.js
cdn.perfdrive.com/aperture/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: globalrestructuringreview.com
URL: https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.22.1 /
Resource Hash
1ef89c6057c63e1fd2bda3054817b95cb244d353dc1dafd2736e0ad49ca97924

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrestructuringreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 25 Feb 2023 14:06:08 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 05 Jan 2023 11:09:21 GMT
server
nginx/1.22.1
age
2766
etag
W/"63b6afe1-ae3a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13453
invisible.js
globalrestructuringreview.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 2F19 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://globalrestructuringreview.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677326400
Requested by
Host: globalrestructuringreview.com
URL: https://globalrestructuringreview.com/article/foreign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74891877f5f2cf1082af1adf8945a92eb890ee215e5a98493855658a7450c38e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 25 Feb 2023 14:52:14 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79f1437f284b9189-FRA
en.json
cookie-cdn.cookiepro.com/consent/37ddd241-5ed8-4c42-a227-9d58ff606044/43de76d3-2947-46ea-be10-59e08ffffb30/ 		29 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/37ddd241-5ed8-4c42-a227-9d58ff606044/43de76d3-2947-46ea-be10-59e08ffffb30/en.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e378fdaed76a78c516abaf981c3433cabcf082ee5455a03e741eff2f32994cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrestructuringreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 25 Feb 2023 14:52:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
tCsF82IjDLkw5xfUUMNaXA==
age
21261
x-ms-lease-status
unlocked
last-modified
Thu, 11 Feb 2021 12:24:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
709c98a7-e01e-0057-2968-47967e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
79f1437f2b7b2bee-FRA
jsdata
cas.avalon.perfdrive.com/ 		228 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
d160ed99f97803517c71ff382954c3119e4fc6953cd291375b6aababac62db00

Request headers

Referer
https://globalrestructuringreview.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Sat, 25 Feb 2023 14:52:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
228
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/ 		211 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
97a084db02f464f6405ff4905840da75f735bb037077a6b4579f9c03031bd881

Request headers

Referer
https://globalrestructuringreview.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Sat, 25 Feb 2023 14:52:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/ 		211 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
0996ca51cd06230d95c863cc0481c78b57e40be8e757b1fb9eb51ba76dfa57dd

Request headers

Referer
https://globalrestructuringreview.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
10ms
date
Sat, 25 Feb 2023 14:52:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
content-type
text/plain; charset=UTF-8
otFlat.json
cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/otFlat.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrestructuringreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 25 Feb 2023 14:52:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
/ODZFpGAnQ0xgLGN+/xOCg==
age
21261
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:31:51 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
5e0dbeb0-e01e-00b3-3268-4798e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
79f1437ffcc12bee-FRA
expires
Sun, 26 Feb 2023 14:52:14 GMT
otPcTab.json
cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/v2/ 		45 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/v2/otPcTab.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2894 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
480889002777fd46e82ea77533779500bc7f363e9a30abcf282392ecf58780e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalrestructuringreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 25 Feb 2023 14:52:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
content-md5
tOIVP7aQMx8KuQM3FUQnFw==
age
21261
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:31:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
3729cb7a-901e-0062-5868-47fa6a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
79f1437ffcc52bee-FRA
expires
Sun, 26 Feb 2023 14:52:14 GMT
pica.js
globalrestructuringreview.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 2F19 		21 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://globalrestructuringreview.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fbfae4d12be3b04f70c5eed8710d98d4f6d511eef87af0becfbbf3973c731e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 25 Feb 2023 14:52:14 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79f1437ff9ec9189-FRA
79f14373cd129189
globalrestructuringreview.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 2F19 		2 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://globalrestructuringreview.com/cdn-cgi/challenge-platform/h/g/cv/result/79f14373cd129189
Requested by
Host: globalrestructuringreview.com
URL: https://globalrestructuringreview.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677326400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 25 Feb 2023 14:52:15 GMT
content-encoding
gzip
server
cloudflare
cf-ray
79f143828e729189-FRA
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| OneTrustStub function| OptanonWrapper object| vueMixins string| baseUrl string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| webpackChunk object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| FontAwesomeConfig object| ___FONT_AWESOME___ function| vueRecaptchaApiLoaded function| _ function| Popper function| jQuery function| $ function| axios function| Vue function| openSharePopup object| SSJSConnectorObj object| ssTimeLogs object| BrowserStyle string| j function| ssJSActionTaker function| ssJSConnWriteCookies number| __sstemp object| ssEventCollectorFunctions string| eventName object| Optanon object| OneTrust

9 Cookies

Domain/Path Name / Value
globalrestructuringreview.com/ Name: globalrestructuringreviewcom_session
Value: eyJpdiI6IkEvM2QrNWZnellRWXRjQTRLUkN1TUE9PSIsInZhbHVlIjoiYTBLTm9ZcnBLYndsTE1OTjUzdVBMUVdhbDZydTFnc3FVRHJITkVCc2s2c0JNRy9vUnVUcXVZMW1Zb05zL0Y3WnFLTDMvTjNHZ1ZYYnhTWlNpZ00rbFRPRlFMQkxpYlcyVFNtbU9rcExXb2Jkckt4b0JBZmIyV0RML0Y4TEhvME0iLCJtYWMiOiI1NjE5ODRiZjIwOTQ0MWZiNDY5ZmE0NDM5OTA2NDc2NWE1ZTcyYzE3NGM3YTJhY2EzOWQ3MzFiZmM3OTUxN2MxIiwidGFnIjoiIn0%3D
.globalrestructuringreview.com/ Name: __ssds
Value: 2
.globalrestructuringreview.com/ Name: __ssuzjsr2
Value: a9be0cd8e
.globalrestructuringreview.com/ Name: __uzmaj2
Value: 697ae93c-2bf8-4618-9bc5-ebdc022d7bca
.globalrestructuringreview.com/ Name: __uzmbj2
Value: 1677336734
.globalrestructuringreview.com/ Name: __uzmcj2
Value: 581291048826
.globalrestructuringreview.com/ Name: __uzmdj2
Value: 1677336734
.globalrestructuringreview.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Sat+Feb+25+2023+14%3A52%3A14+GMT%2B0000+(GMT)&version=6.13.0&hosts=&consentId=2df43fc9-50b5-432e-9266-5ef15191a60d&interactionCount=0&landingPath=https%3A%2F%2Fglobalrestructuringreview.com%2Farticle%2Fforeign-banks-and-investors-accused-of-aiding-ftx-fraud-in-miami-suit&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.globalrestructuringreview.com/ Name: __cf_bm
Value: 39VPVFQFTMM4e2pfM7KSvpUE9DNzhlU0x0mdiYSSw6g-1677336735-0-AeDx7H2vt4lsLjVXncrLDxE6m+3F/oBe+gDQ2VeYD7hTPpvhsEgMJgHg1FVkim0KAJGxAFZhZi4ZVzc5p76jmvMbXJmMSghj3/tc45hKjPVE8opIbWAACKTn0utdFC4FUiFWW/gY4hPTOxEFYqCnAZEohiqezWKgAMWNmLBiT97owUFRRZbTMjTIX90qrgP1kg==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cas.avalon.perfdrive.com
cdn.perfdrive.com
cookie-cdn.cookiepro.com
d2qu5xmcgmzxnb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
globalrestructuringreview.com
130.211.29.114
2600:9000:21f3:ea00:19:5eba:c5c0:21
2606:4700:4400::6812:2894
2606:4700::6812:1458
2a00:1450:4001:831::2003
2a00:1450:400d:80c::200a
35.241.15.240
024d79f6b90ac7915f8de7405aa97b9d6ef6e8ff543c3f8e39311234d15cdfa8
078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c
0996ca51cd06230d95c863cc0481c78b57e40be8e757b1fb9eb51ba76dfa57dd
0fbfae4d12be3b04f70c5eed8710d98d4f6d511eef87af0becfbbf3973c731e4
1ef89c6057c63e1fd2bda3054817b95cb244d353dc1dafd2736e0ad49ca97924
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
480889002777fd46e82ea77533779500bc7f363e9a30abcf282392ecf58780e5
59763012c572325becb8f5ec9ae8def7dc7b9908167523c53f7d265bfe1c2d48
66283f21993d835944b48a06e4a6345e64969dc42463faba348d2f30e200c082
6e830f9ddde2f45e93422bb3015b70bee366f29768c09a5f12c323d5c830642e
74891877f5f2cf1082af1adf8945a92eb890ee215e5a98493855658a7450c38e
8e378fdaed76a78c516abaf981c3433cabcf082ee5455a03e741eff2f32994cc
97a084db02f464f6405ff4905840da75f735bb037077a6b4579f9c03031bd881
9f94b07b7d8d96c6e544d29d36de5163f80ce3cc11b3d1a3f5444d93aef5df68
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74
bce29a6c88cfbe8484d832537166f77d9dec80bcd0a60ddc07a6707914c68f58
d160ed99f97803517c71ff382954c3119e4fc6953cd291375b6aababac62db00
d687e03be230d7bd809829e61c0f23e330ac43989a20b2a16d8f87d774359462
da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb
e3a8c68fc98f7bef1d4024f08f9db74cc67848ae8849f65e107a21156bf8f66c
fa7415a6c9b45462cbc49aa911f1860a33a98e6d502422816a860df6f7fa4519