downloads.littlebinsforlittlehands.com
34.196.123.147  Public Scan

Submitted URL: https://click.convertkit-mail.com/27ur29qrn5cohvgze8ph3/48hl069oseh04k37lmsx/aHR0cHM6Ly9kb3dubG9hZHMubGl0dGxlYmluc2ZvcmxpdHRsZWhhb...
Effective URL: https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
Submission: On October 17 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 3 countries across 13 domains to perform 32 HTTP transactions. The main IP is 34.196.123.147, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is downloads.littlebinsforlittlehands.com. The Cisco Umbrella rank of the primary domain is 564994.
TLS certificate: Issued by R3 on October 1st 2022. Valid for: 3 months.
This is the only time downloads.littlebinsforlittlehands.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
6 cloudfront.net | d308fhmgxc52gy.cloudfront.net; d1wssizvfpltp0.cloudfront.net | 476 KB
5 bucket.io | api.bucket.io | 29 KB
4 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 151 | 199 KB
3 facebook.com | www.facebook.com — Cisco Umbrella Rank: 107 | 237 B
3 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 32 | 20 KB
3 littlebinsforlittlehands.com | downloads.littlebinsforlittlehands.com — Cisco Umbrella Rank: 564994 | 27 KB
2 gstatic.com | fonts.gstatic.com | 67 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 44 | 2 KB
1 doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 84 | 454 B
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 61 | 42 KB
1 googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 | 70 KB
1 sentry-cdn.com | browser.sentry-cdn.com — Cisco Umbrella Rank: 4078 | 22 KB
1 convertkit-mail.com | click.convertkit-mail.com — Cisco Umbrella Rank: 68942 | 555 B
32 13
Domain | Requested by
5 api.bucket.io | d308fhmgxc52gy.cloudfront.net
4 connect.facebook.net | downloads.littlebinsforlittlehands.com; connect.facebook.net
4 d308fhmgxc52gy.cloudfront.net | downloads.littlebinsforlittlehands.com
3 www.facebook.com |
3 www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
3 downloads.littlebinsforlittlehands.com | downloads.littlebinsforlittlehands.com
2 d1wssizvfpltp0.cloudfront.net |
2 fonts.gstatic.com | fonts.googleapis.com
2 fonts.googleapis.com | downloads.littlebinsforlittlehands.com; d308fhmgxc52gy.cloudfront.net
1 stats.g.doubleclick.net | www.google-analytics.com
1 www.googletagmanager.com | d308fhmgxc52gy.cloudfront.net
1 pagead2.googlesyndication.com | downloads.littlebinsforlittlehands.com
1 browser.sentry-cdn.com | downloads.littlebinsforlittlehands.com
1 click.convertkit-mail.com | 1 redirects
32 14

This site contains no links.

Subject | Issuer | Validity | Valid
downloads.littlebinsforlittlehands.com | R3 | 2022-10-01 - 2022-12-30 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
*.sentry-cdn.com | GlobalSign Atlas R3 DV TLS CA 2022 Q3 | 2022-09-28 - 2023-10-30 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-07-27 - 2022-10-25 | 3 months
*.bucket.io | Amazon | 2022-01-30 - 2023-02-28 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months

This page contains 1 frames:

Primary Page: https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
Frame ID: 3795EDE34214B79A22A87EC06A818827
Requests: 30 HTTP requests in this frame

Page Title

Halloween Tetris Puzzle

Page URL History

  1. https://click.convertkit-mail.com/27ur29qrn5cohvgze8ph3/48hl069oseh04k37lmsx/aHR0cHM6Ly9kb3dubG9hZHMubGl0dGxlY... HTTP 302
    https://downloads.littlebinsforlittlehands.com/sf/0c2249d8 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 32
HTTPS: 100 %
IPv6: 79 %
Domains: 13
Subdomains: 14
IPs: 13
Countries: 3
Transfer: 955 kB
Size: 2546 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.convertkit-mail.com/27ur29qrn5cohvgze8ph3/48hl069oseh04k37lmsx/aHR0cHM6Ly9kb3dubG9hZHMubGl0dGxlYmluc2ZvcmxpdHRsZWhhbmRzLmNvbS9zZi8wYzIyNDlkOA== HTTP 302
    https://downloads.littlebinsforlittlehands.com/sf/0c2249d8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 0c2249d8
downloads.littlebinsforlittlehands.com/sf/
Redirect Chain
  • https://click.convertkit-mail.com/27ur29qrn5cohvgze8ph3/48hl069oseh04k37lmsx/aHR0cHM6Ly9kb3dubG9hZHMubGl0dGxlYmluc2ZvcmxpdHRsZWhhbmRzLmNvbS9zZi8wYzIyNDlkOA==
  • https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
4 KB
2 KB
Document
General
Full URL
https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.196.123.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-123-147.compute-1.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
16c0bd547d604b977dd642bd6d97269d8ab23703735dfa08faa98a26531aec33

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 17 Oct 2022 17:15:40 GMT
Last-Modified
Sat, 13 Feb 2021 10:04:55 GMT
Server
nginx/1.4.6 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Mon, 17 Oct 2022 17:15:39 GMT
Location
https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
ca0eecbf-df0d-4908-8f45-7173118924f4
X-Runtime
0.020823
X-XSS-Protection
1; mode=block
icon
fonts.googleapis.com/
569 B
869 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: downloads.littlebinsforlittlehands.com
URL: https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Oct 2022 17:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 17:15:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Oct 2022 17:15:40 GMT
lib-2b31e73a50.css
d308fhmgxc52gy.cloudfront.net/style/
111 KB
19 KB
Stylesheet
General
Full URL
https://d308fhmgxc52gy.cloudfront.net/style/lib-2b31e73a50.css
Requested by
Host: downloads.littlebinsforlittlehands.com
URL: https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:f:c772:f080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
688bb8107c7846f1ef4a06a367d15dd5a62db87b1ba6269d78125c2778b02ab1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 03:50:46 GMT
Content-Encoding
gzip
Via
1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront)
Last-Modified
Sat, 13 Feb 2021 10:04:55 GMT
Server
nginx/1.4.6 (Ubuntu)
X-Amz-Cf-Pop
FRA2-C1
Age
48618
ETag
W/"6027a447-1ba24"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
0k5baUfue-OpNr6jmoZOBrbUaBDyI5_MTwoRkbKNbtzztyokIyUo3A==
app-9fab0e11a2.css
d308fhmgxc52gy.cloudfront.net/style/
89 KB
13 KB
Stylesheet
General
Full URL
https://d308fhmgxc52gy.cloudfront.net/style/app-9fab0e11a2.css
Requested by
Host: downloads.littlebinsforlittlehands.com
URL: https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:f:c772:f080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
053af57ac3cb099c90a8da68ea8bb911144e0797e4e3aa834cfa7c15e4d0f757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 02:20:39 GMT
Content-Encoding
gzip
Via
1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront)
Last-Modified
Sat, 13 Feb 2021 10:04:55 GMT
Server
nginx/1.4.6 (Ubuntu)
X-Amz-Cf-Pop
FRA2-C1
Age
53979
ETag
W/"6027a447-16509"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
v7WCOWEEIBQHKhOtIlor6WxW6JjvxJkvdTkPtRvE3Tgmai23uS3HeQ==
round-warning-24px.svg
downloads.littlebinsforlittlehands.com/images/
888 B
1 KB
Image
General
Full URL
https://downloads.littlebinsforlittlehands.com/images/round-warning-24px.svg
Requested by
Host: downloads.littlebinsforlittlehands.com
URL: https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.196.123.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-123-147.compute-1.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
d3d8cd0e7252f23d7e9e907842ed3c3929b37c2eb3a6d7ba5ac2fe66ec63cdc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 17:15:40 GMT
Last-Modified
Sat, 13 Feb 2021 10:04:55 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"6027a447-378"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
888
lib-e23fd70a58.js
d308fhmgxc52gy.cloudfront.net/js/
911 KB
280 KB
Script
General
Full URL
https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js
Requested by
Host: downloads.littlebinsforlittlehands.com
URL: https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:f:c772:f080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
0a1c9f15c780944c6a41f4a25ba47fdc46fc9c91c227ab59de40dd013bb564c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 03:59:57 GMT
Content-Encoding
gzip
Via
1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront)
Last-Modified
Sat, 13 Feb 2021 10:04:55 GMT
Server
nginx/1.4.6 (Ubuntu)
X-Amz-Cf-Pop
FRA2-C1
Age
47803
ETag
W/"6027a447-e3b2d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
oUasLdfY_x8KIiIr5BPCIgomz4IjEqTRbdWaa1rmfMxb5w9jjqpKHw==
bundle.min.js
browser.sentry-cdn.com/4.6.3/
71 KB
22 KB
Script
General
Full URL
https://browser.sentry-cdn.com/4.6.3/bundle.min.js
Requested by
Host: downloads.littlebinsforlittlehands.com
URL: https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d5e9f28d921e0c30f10893f0c20faa7e125c5ec12099d31bfa1018133717fb2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://downloads.littlebinsforlittlehands.com/
Origin
https://downloads.littlebinsforlittlehands.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 17:15:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 20 Feb 2019 14:17:11 GMT
server
Fastly
age
4171412
etag
"81b0a795cafb793e28e4bfccec591417"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
22654
expires
Wed, 30 Aug 2023 10:32:08 GMT
app-979948f2cf.js
d308fhmgxc52gy.cloudfront.net/js/
154 KB
28 KB
Script
General
Full URL
https://d308fhmgxc52gy.cloudfront.net/js/app-979948f2cf.js
Requested by
Host: downloads.littlebinsforlittlehands.com
URL: https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:f:c772:f080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
dfec176ec12ae88e3d5f2af1da5a5d918c4508a6ba6c8b361ce3e98ad5bed8a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 01:58:11 GMT
Content-Encoding
gzip
Via
1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront)
Last-Modified
Sat, 13 Feb 2021 10:04:55 GMT
Server
nginx/1.4.6 (Ubuntu)
X-Amz-Cf-Pop
FRA2-C1
Age
55092
ETag
W/"6027a447-268a4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
2eGfF-Iz5DbTdXnyKirKOMRyyorDV_yN6jEDiS4GliPqlx1J5i-Gfg==
css
fonts.googleapis.com/
25 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Cabin:400,700|Exo:400,700|Lato:400,700|Montserrat:400,700|Noto+Sans:400,700|Open+Sans:400,700|Raleway:400,700|Roboto:400,700
Requested by
Host: d308fhmgxc52gy.cloudfront.net
URL: https://d308fhmgxc52gy.cloudfront.net/style/app-9fab0e11a2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a67dda59e200cceac6aa71d16b3b560b9c42c90092f7b43784e27201c8689620
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d308fhmgxc52gy.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Oct 2022 17:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 17:15:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Oct 2022 17:15:40 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: downloads.littlebinsforlittlehands.com
URL: https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
79a8e85ae0504712592313cfee5f29df064d93ed06a5e7313aaed17d5565c40a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Oct 2022 17:15:40 GMT
content-md5
60T6A6Kwg+A6BiOZmdja8Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
JBBWwSkZXtJrjaUTW0QwdglWJmEJKelQWh9uy0CBZ/1zecrgc8+Bi44TfosDJb3GVQYuRQIaEtAb3BX3nsz94A==
x-fb-trip-id
686109401
x-fb-content-md5
3882a6f44cf35c09cc23e6cf9731d293
cross-origin-opener-policy
same-origin-allow-popups
etag
"c80688554decf639b4d8f32f96a1972c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 17 Oct 2022 17:29:01 GMT
sdk.js
connect.facebook.net/en_US/
306 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8ec77c9709b7ec7c00c9bbf81b77e074
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cf1ef2f446e6f8631a8525742e5a3b37f9c39caa0a191f81a5c728a25a81f909
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://downloads.littlebinsforlittlehands.com/
Origin
https://downloads.littlebinsforlittlehands.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Oct 2022 17:15:40 GMT
content-md5
Tji8fQD+4rIwlBqNUjQFOw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88413
x-fb-rlafr
0
x-fb-debug
WY7ltm6OoL8sXhRuQK4nYnU85SZ2uvBaaTnloV1nJDZuGGf9Pe/A39lCPbjimzAEiERdnjOHRDNXxqjqdzIj6Q==
x-fb-content-md5
a0998458f88bec22a8c4f230513a6868
cross-origin-opener-policy
same-origin-allow-popups
etag
"77a476e333729c2d6a245aba24ce26c7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 17 Oct 2023 16:44:58 GMT
/
api.bucket.io/v1/outputs/0c2249d8/
27 KB
27 KB
XHR
General
Full URL
https://api.bucket.io/v1/outputs/0c2249d8/?t=sf
Requested by
Host: d308fhmgxc52gy.cloudfront.net
URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.71.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-71-159.compute-1.amazonaws.com
Software
nginx/1.14.0 + Phusion Passenger 5.3.1 / Phusion Passenger 5.3.1
Resource Hash
6152a23c291cce3de4f87cad4f1f7f3c945a23a75a6786e1588cbc8f3ada3aa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://downloads.littlebinsforlittlehands.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 17:15:41 GMT
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 5.3.1
status
200 OK
x-xss-protection
1; mode=block
x-request-id
79d8a3f5-1a84-4732-aa99-a9b493a2f49f
x-runtime
0.174238
server
nginx/1.14.0 + Phusion Passenger 5.3.1
etag
W/"a8ddced8fb60e804e738ec2377d1c6db"
access-control-max-age
1728000
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://downloads.littlebinsforlittlehands.com
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
70 KB
70 KB
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: downloads.littlebinsforlittlehands.com
URL: https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 17:15:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54258
x-xss-protection
0
server
cafe
etag
17723101508716594383
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 17 Oct 2022 17:15:40 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,700|Exo:400,700|Lato:400,700|Montserrat:400,700|Noto+Sans:400,700|Open+Sans:400,700|Raleway:400,700|Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://downloads.littlebinsforlittlehands.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 17:07:14 GMT
x-content-type-options
nosniff
age
518907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 17:07:14 GMT
fbevents.js
connect.facebook.net/en_US/
102 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: downloads.littlebinsforlittlehands.com
URL: https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Oct 2022 17:15:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
27029
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
p1wVu07x4uAynbqYBnuma2eYTbo4X8etcrjmkbVvio3t8uBTPvHazuwx9G0Gib9a01nD9COnU1BTyTSxOUgeZQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
106 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-55428296-1
Requested by
Host: d308fhmgxc52gy.cloudfront.net
URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
437c7c64e010d77b10f4ea3919ed12dadafd0ce9d5ad83a343c02372f6bf9955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 17:15:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42399
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 16:09:44 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Oct 2022 17:15:41 GMT
takers
api.bucket.io/v1/
467 B
1003 B
XHR
General
Full URL
https://api.bucket.io/v1/takers
Requested by
Host: d308fhmgxc52gy.cloudfront.net
URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.71.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-71-159.compute-1.amazonaws.com
Software
nginx/1.14.0 + Phusion Passenger 5.3.1 / Phusion Passenger 5.3.1
Resource Hash
7dc9d0d710d1265b7694ed21484a94a7e358498db8b076f285d45b03ecfa9341
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://downloads.littlebinsforlittlehands.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 17 Oct 2022 17:15:41 GMT
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 5.3.1
status
201 Created
x-xss-protection
1; mode=block
x-request-id
6c888ee7-b163-423e-9bfe-99ce326c3893
x-runtime
0.078217
server
nginx/1.14.0 + Phusion Passenger 5.3.1
etag
W/"86d0be2a3918e12792d7aaf1153bfa61"
access-control-max-age
1728000
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://downloads.littlebinsforlittlehands.com
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
takers
api.bucket.io/v1/
0
0
Preflight
General
Full URL
https://api.bucket.io/v1/takers
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.71.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-71-159.compute-1.amazonaws.com
Software
nginx/1.14.0 + Phusion Passenger 5.3.1 / Phusion Passenger 5.3.1
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://downloads.littlebinsforlittlehands.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
https://downloads.littlebinsforlittlehands.com
access-control-max-age
1728000
content-type
text/plain
date
Mon, 17 Oct 2022 17:15:41 GMT
server
nginx/1.14.0 + Phusion Passenger 5.3.1
status
200 OK
x-powered-by
Phusion Passenger 5.3.1
173715770003632
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/173715770003632?v=2.9.85&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e7e43199e0dfbb13a78dfc5021c1dea749a0bf735a16ddca284cd0f277262ff
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 17 Oct 2022 17:15:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
wyo8t/samXskER7oQ5m3jINjKk6iFxktreO2k3fKn8LQKGJRPKok9hHwg2UO5OUFdmou0wl9ANgSCrrEso9v8g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-55428296-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Oct 2022 17:01:59 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
822
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 17 Oct 2022 19:01:59 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=862796599&t=pageview&_s=1&dl=https%3A%2F%2Fdownloads.littlebinsforlittlehands.com%2Fsf%2F0c2249d8&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1997601367&gjid=1963096930&cid=1284065908.1666026942&tid=UA-55428296-1&_gid=1683338050.1666026942&_r=1&gtm=2ouaa0&z=607234156
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://downloads.littlebinsforlittlehands.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Oct 2022 17:15:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://downloads.littlebinsforlittlehands.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
204 B
Image
General
Full URL
https://www.facebook.com/tr/?id=173715770003632&ev=PageView&dl=https%3A%2F%2Fdownloads.littlebinsforlittlehands.com%2Fsf%2F0c2249d8&rl=&if=false&ts=1666026941623&sw=1600&sh=1200&v=2.9.85&r=stable&ec=0&o=30&fbp=fb.1.1666026941622.1101396186&it=1666026941457&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 17 Oct 2022 17:15:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
collect
stats.g.doubleclick.net/j/
1 B
454 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-55428296-1&cid=1284065908.1666026942&jid=1997601367&gjid=1963096930&_gid=1683338050.1666026942&_u=YEBAAUAAAAAAACAAI~&z=1767390934
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://downloads.littlebinsforlittlehands.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 17 Oct 2022 17:15:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://downloads.littlebinsforlittlehands.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
register_participant_view
api.bucket.io/v1/question_participants/
0
0
Preflight
General
Full URL
https://api.bucket.io/v1/question_participants/register_participant_view
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.71.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-71-159.compute-1.amazonaws.com
Software
nginx/1.14.0 + Phusion Passenger 5.3.1 / Phusion Passenger 5.3.1
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-taker-token
Access-Control-Request-Method
POST
Origin
https://downloads.littlebinsforlittlehands.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-taker-token
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
https://downloads.littlebinsforlittlehands.com
access-control-max-age
1728000
content-type
text/plain
date
Mon, 17 Oct 2022 17:15:41 GMT
server
nginx/1.14.0 + Phusion Passenger 5.3.1
status
200 OK
x-powered-by
Phusion Passenger 5.3.1
register_participant_view
api.bucket.io/v1/question_participants/
165 B
701 B
XHR
General
Full URL
https://api.bucket.io/v1/question_participants/register_participant_view
Requested by
Host: d308fhmgxc52gy.cloudfront.net
URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.208.71.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-208-71-159.compute-1.amazonaws.com
Software
nginx/1.14.0 + Phusion Passenger 5.3.1 / Phusion Passenger 5.3.1
Resource Hash
d6620c91cbee4772ed8fd6aae4adf1f777475cd0483dcb52c90a196043dfa7f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Referer
https://downloads.littlebinsforlittlehands.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
X-Taker-Token
xqBTns235cQ5bXi81sSo

Response headers

date
Mon, 17 Oct 2022 17:15:41 GMT
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 5.3.1
status
201 Created
x-xss-protection
1; mode=block
x-request-id
3582d8c0-5843-4f95-8ce9-52cd0b44ca21
x-runtime
0.025433
server
nginx/1.14.0 + Phusion Passenger 5.3.1
etag
W/"490c9d0e32cf00703360b6e8707c3c0a"
access-control-max-age
1728000
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://downloads.littlebinsforlittlehands.com
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=173715770003632&ev=ViewContent&dl=https%3A%2F%2Fdownloads.littlebinsforlittlehands.com%2Fsf%2F0c2249d8&rl=&if=false&ts=1666026941705&cd[halloween_tetris_puzzle]=halloween_tetris_puzzle&sw=1600&sh=1200&v=2.9.85&r=stable&ec=1&o=30&fbp=fb.1.1666026941622.1101396186&it=1666026941457&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 17 Oct 2022 17:15:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=862796599&t=event&_s=2&dl=https%3A%2F%2Fdownloads.littlebinsforlittlehands.com%2Fsf%2F0c2249d8&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=halloween_tetris_puzzle&ea=Viewed%20Content&el=halloween_tetris_puzzle&ev=0&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=1284065908.1666026942&tid=UA-55428296-1&_gid=1683338050.1666026942&gtm=2ouaa0&z=1918233955
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Oct 2022 21:20:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
71717
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
loading-results.svg
downloads.littlebinsforlittlehands.com/images/
24 KB
24 KB
Image
General
Full URL
https://downloads.littlebinsforlittlehands.com/images/loading-results.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.196.123.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-123-147.compute-1.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
418e9adb3291a201d03b91c45713ce9266a81b6488ebc72eca0c635ffe4a800e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/sf/0c2249d8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 17:15:41 GMT
Last-Modified
Sat, 13 Feb 2021 10:04:55 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"6027a447-5ed4"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24276
44805844_196206727945740_7730438406878003200_n.jpg
d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190109220921/
10 KB
10 KB
Image
General
Full URL
https://d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190109220921/44805844_196206727945740_7730438406878003200_n.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f000:8:19e3:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b394f1f8ffe55a48c91e8d32dcfa79f67be98381288a6af39c8ec877636e5c50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 07:08:14 GMT
x-amz-version-id
od6CxLi6.ahcDdu.gjTEnEZOkSqNT3pK
via
1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified
Wed, 09 Jan 2019 22:09:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
3492448
etag
"53806a3116fb714f908d48d48118626d"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
10270
x-amz-cf-id
Ln2t_gSteV7BEPRDtkDDBlaYVI12V2SCcaEqeIYGR3QVGVZi0ZGCaQ==
5__1_.jpg
d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20211011044105/
124 KB
125 KB
Image
General
Full URL
https://d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20211011044105/5__1_.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f000:8:19e3:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66374c6315fc3eca85dbbb060ff11db0df4797d76ed43700f55e9bc3889e3640

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 18:23:32 GMT
x-amz-version-id
lgw8dRimdNcWVaXNe8ffCKCZXAjfff51
via
1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified
Mon, 11 Oct 2021 04:41:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
82330
etag
"12ff3949eb2b573845046554425cab62"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
126990
x-amz-cf-id
1O-ssJHbX_9R_tX0OAshyk6xRt5sowSQ9dM8aFXZSLUdsXy2pljXgQ==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,700|Exo:400,700|Lato:400,700|Montserrat:400,700|Noto+Sans:400,700|Open+Sans:400,700|Raleway:400,700|Roboto:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://downloads.littlebinsforlittlehands.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 18:50:24 GMT
x-content-type-options
nosniff
age
599117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 18:50:24 GMT
/
www.facebook.com/tr/
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=173715770003632&ev=Microdata&dl=https%3A%2F%2Fdownloads.littlebinsforlittlehands.com%2Fsf%2F0c2249d8&rl=&if=false&ts=1666026942126&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Halloween%20Tetris%20Puzzle%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Halloween%20Tetris%20Puzzle%22%2C%22og%3Adescription%22%3A%22No%20description%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd1wssizvfpltp0.cloudfront.net%2Fuploads%2Fsegmentation_funnels%2Fimages%2F20211011044139%2F5__1_.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fdownloads.littlebinsforlittlehands.com%2Fsf%2F0c2249d8%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.85&r=stable&ec=2&o=30&fbp=fb.1.1666026941622.1101396186&it=1666026941457&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://downloads.littlebinsforlittlehands.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 17 Oct 2022 17:15:42 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i


36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| jQuery
function| Vel
function| $
object| angular
function| moment
function| _
function| Hammer
object| Materialize
object| Waves
function| Picker
object| reTree
object| returnExports
object| Sentry
object| FB
object| dataLayer
function| validate_field
object| __buffer
function| fbq
function| _fbq
function| gtag
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData

4 Cookies

Domain/Path | Name | Value
.littlebinsforlittlehands.com/ | _ga | GA1.2.1284065908.1666026942
.littlebinsforlittlehands.com/ | _gid | GA1.2.1683338050.1666026942
.littlebinsforlittlehands.com/ | _gat_gtag_UA_55428296_1 | 1
.littlebinsforlittlehands.com/ | _fbp | fb.1.1666026941622.1101396186

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
