URL: http://iwishiwereheather.com/
Submission: On December 08 via manual from US

Summary

This website contacted 11 IPs in 5 countries across 9 domains to perform 35 HTTP transactions. The main IP is 104.40.222.81, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is iwishiwereheather.com.
This is the only time iwishiwereheather.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS (Autonomous System)
4         104.40.222.81       8075 (MICROSOFT...)
10        2606:2800:233...    15133 (EDGECAST)
1         2a00:1450:400...    15169 (GOOGLE)
1         2a00:1450:400...    15169 (GOOGLE)
4         51.107.59.180       8075 (MICROSOFT...)
2         45.60.87.21         19551 (INCAPSULA)
2         2a03:2880:f01...    32934 (FACEBOOK)
1         2606:4700:20:...    13335 (CLOUDFLAR...)
6         23.67.140.99        20940 (AKAMAI-ASN1)
3         35.171.13.153       14618 (AMAZON-AES)
Total: 35 requests across 11 IP addresses
Requests  Domain                        Requested by
10        cdn-resources.crowdcat.co     iwishiwereheather.com
6         c.evidon.com                  consent.umusic.com, c.evidon.com
4         dc.services.visualstudio.com  cdn-resources.crowdcat.co
3         l.evidon.com
3         api.crowdcat.co               cdn-resources.crowdcat.co
2         connect.facebook.net          connect.facebook.net
1         uat-consent.umusic.com
1         glitch.ge                     cdn-resources.crowdcat.co
1         consent.umusic.com            cdn-resources.crowdcat.co
1         fonts.gstatic.com             fonts.googleapis.com
1         fonts.googleapis.com          cdn-resources.crowdcat.co
1         iwishiwereheather.com
Total: 35 requests across 12 domains

This site contains links to these domains (also see Links):

Domain: privacy.umusic.com
Subject | Issuer | Validity | Valid (crt.sh)
sni62begl.wpc.edgecastcdn.net | DigiCert TLS RSA SHA256 2020 CA1 | 2020-12-04 - 2021-12-08 | a year
upload.video.google.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
*.crowdcat.co | Go Daddy Secure Certificate Authority - G2 | 2020-09-03 - 2021-09-03 | a year
*.gstatic.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
in.applicationinsights.azure.com | Microsoft IT TLS CA 4 | 2020-04-30 - 2022-04-30 | 2 years
*.umusic.com | DigiCert SHA2 High Assurance Server CA | 2019-08-29 - 2021-11-08 | 2 years
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-11-02 - 2021-01-30 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-11 - 2021-07-11 | a year
*.evidon.com | DigiCert Secure Site ECC CA-1 | 2020-04-29 - 2021-07-29 | a year

This page contains 3 frames:

Primary Page: http://iwishiwereheather.com/
Frame ID: 5AAD36BAA1C37CC5BC04C1F841028630
Requests: 30 HTTP requests in this frame

Frame: https://glitch.ge/campaigns/conangray/heather
Frame ID: 90FE38230608A335F586F054643A31C8
Requests: 1 HTTP requests in this frame

Frame: https://glitch.ge/campaigns/conangray/heather
Frame ID: 6DFDE4BD60536207129B71EDB9A793B5
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<[^>]+ ng-version="([\d.]+)"/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

Requests: 35
HTTPS: 86 %
IPv6: 50 %
Domains: 9
Subdomains: 12
IPs: 11
Countries: 5
Transfer: 843 kB
Size: 2709 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://connect.facebook.net/en_US/sdk.js HTTP 307
  • https://connect.facebook.net/en_US/sdk.js

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
iwishiwereheather.com/
14 KB
5 KB
Document
General
Full URL
http://iwishiwereheather.com/
Protocol
HTTP/1.1
Server
104.40.222.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
512c0509febb5f3e91aef7381d347d0693e7b63a439c64a8bdbeaa573184678d

Request headers

Host
iwishiwereheather.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
private,no-transform
Content-Length
4469
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
Request-Context
appId=cid-v1:23e27b55-c534-4575-a720-70d6bb953c01
Access-Control-Expose-Headers
Request-Context
X-Powered-By
ASP.NET
Date
Tue, 08 Dec 2020 17:05:35 GMT
75596b10-820d-4805-ae18-57337401eb6a.css
cdn-resources.crowdcat.co/layouts/styles/
89 KB
21 KB
Stylesheet
General
Full URL
https://cdn-resources.crowdcat.co/layouts/styles/75596b10-820d-4805-ae18-57337401eb6a.css?v=1607102125000
Requested by
Host: iwishiwereheather.com
URL: http://iwishiwereheather.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8EA0) /
Resource Hash
704e147608509d7d9b79d256992eac3c3a9859bd722af9f23b2669308fd86c4b

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Fri, 04 Dec 2020 17:15:25 GMT
server
ECAcc (frc/8EA0)
age
345007
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
21682
request-context
appId=cid-v1:49a7a42a-48f4-4795-9c92-72ae3b9ed589
styles.css
cdn-resources.crowdcat.co/player/js/crowdcat_player/
16 KB
5 KB
Stylesheet
General
Full URL
https://cdn-resources.crowdcat.co/player/js/crowdcat_player/styles.css?v=0.9-20201005.1
Requested by
Host: iwishiwereheather.com
URL: http://iwishiwereheather.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F6F) /
Resource Hash
1f5f29032b4aa96b61a87712bd4f4d745ff63a3553848c1fa9fc2c45c2b2c0e3

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 13:55:24 GMT
server
ECAcc (frc/8F6F)
age
11212
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
4925
request-context
appId=cid-v1:49a7a42a-48f4-4795-9c92-72ae3b9ed589
jquery-1.11.3.min.js
cdn-resources.crowdcat.co/player/js/
94 KB
42 KB
Script
General
Full URL
https://cdn-resources.crowdcat.co/player/js/jquery-1.11.3.min.js?v=0.9-20201005.1
Requested by
Host: iwishiwereheather.com
URL: http://iwishiwereheather.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC6) /
Resource Hash
20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 13:55:24 GMT
server
ECAcc (frc/8FC6)
age
10996
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
42852
request-context
appId=cid-v1:49a7a42a-48f4-4795-9c92-72ae3b9ed589
widget.js
cdn-resources.crowdcat.co/widgets/core/basewidget/v2/
376 KB
124 KB
Script
General
Full URL
https://cdn-resources.crowdcat.co/widgets/core/basewidget/v2/widget.js?v=0.9-20201005.1
Requested by
Host: iwishiwereheather.com
URL: http://iwishiwereheather.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F23) /
Resource Hash
d557fa5131e639a74e052fa01ab1d15b153b96d6c865fb14e0e4ad364e5c7780

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 10:15:13 GMT
server
ECAcc (frc/8F23)
age
130151
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
127045
request-context
appId=cid-v1:49a7a42a-48f4-4795-9c92-72ae3b9ed589
richtext.js
cdn-resources.crowdcat.co/widgets/types/richtext/v1/
383 KB
126 KB
Script
General
Full URL
https://cdn-resources.crowdcat.co/widgets/types/richtext/v1/richtext.js?v=1606904085000
Requested by
Host: iwishiwereheather.com
URL: http://iwishiwereheather.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F95) /
Resource Hash
c7f8ebff69c758f19ce15714139cca4dab4a6958b5409a123ed3052702da6f61

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 10:14:45 GMT
server
ECAcc (frc/8F95)
age
531096
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
129200
request-context
appId=cid-v1:49a7a42a-48f4-4795-9c92-72ae3b9ed589
evidon_cookie_consent.js
cdn-resources.crowdcat.co/widgets/types/evidon_cookie_consent/v1/
383 KB
127 KB
Script
General
Full URL
https://cdn-resources.crowdcat.co/widgets/types/evidon_cookie_consent/v1/evidon_cookie_consent.js?v=1606904083000
Requested by
Host: iwishiwereheather.com
URL: http://iwishiwereheather.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F61) /
Resource Hash
570b04331bfd63ae3f501eb1e3a15c4604e086736e337c50089e1fa06bccc9b0

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 10:14:43 GMT
server
ECAcc (frc/8F61)
age
531006
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
129474
request-context
appId=cid-v1:49a7a42a-48f4-4795-9c92-72ae3b9ed589
runtime.js
cdn-resources.crowdcat.co/player/js/crowdcat_player/
1 KB
1 KB
Script
General
Full URL
https://cdn-resources.crowdcat.co/player/js/crowdcat_player/runtime.js?v=0.9-20201005.1
Requested by
Host: iwishiwereheather.com
URL: http://iwishiwereheather.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F2A) /
Resource Hash
ff4354af4e52bef06b5b02360c42b8cb43a844b535abfb123f15ab720e18da01

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 13:55:24 GMT
server
ECAcc (frc/8F2A)
age
10996
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
972
request-context
appId=cid-v1:49a7a42a-48f4-4795-9c92-72ae3b9ed589
polyfills.js
cdn-resources.crowdcat.co/player/js/crowdcat_player/
150 KB
64 KB
Script
General
Full URL
https://cdn-resources.crowdcat.co/player/js/crowdcat_player/polyfills.js?v=0.9-20201005.1
Requested by
Host: iwishiwereheather.com
URL: http://iwishiwereheather.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC9) /
Resource Hash
953c453572f8687e039d93b7f5252ffdb7ed488c1feda40e89ec69aba935bea9

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 13:55:24 GMT
server
ECAcc (frc/8FC9)
age
10996
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
65780
request-context
appId=cid-v1:49a7a42a-48f4-4795-9c92-72ae3b9ed589
scripts.js
cdn-resources.crowdcat.co/player/js/crowdcat_player/
5 KB
2 KB
Script
General
Full URL
https://cdn-resources.crowdcat.co/player/js/crowdcat_player/scripts.js?v=0.9-20201005.1
Requested by
Host: iwishiwereheather.com
URL: http://iwishiwereheather.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F6B) /
Resource Hash
08263c392ddc6370d8cb50d9e2c4e0210a1917a22a3011dab4645aa474687a99

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 13:55:24 GMT
server
ECAcc (frc/8F6B)
age
10996
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
2193
request-context
appId=cid-v1:49a7a42a-48f4-4795-9c92-72ae3b9ed589
main.js
cdn-resources.crowdcat.co/player/js/crowdcat_player/
571 KB
194 KB
Script
General
Full URL
https://cdn-resources.crowdcat.co/player/js/crowdcat_player/main.js?v=0.9-20201005.1
Requested by
Host: iwishiwereheather.com
URL: http://iwishiwereheather.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FBB) /
Resource Hash
d837bb364668067819e72524d870652e092859e48b692e30a0c150ad87556ed3

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Tue, 06 Oct 2020 13:55:24 GMT
server
ECAcc (frc/8FBB)
age
306533
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
198673
request-context
appId=cid-v1:49a7a42a-48f4-4795-9c92-72ae3b9ed589
css
fonts.googleapis.com/
2 KB
596 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rubik
Requested by
Host: cdn-resources.crowdcat.co
URL: https://cdn-resources.crowdcat.co/player/js/crowdcat_player/styles.css?v=0.9-20201005.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
293239735472b93fc0f1be43fed21d04abbe2c0d6872ab92c9ee962c6b0bd357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn-resources.crowdcat.co/player/js/crowdcat_player/styles.css?v=0.9-20201005.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Dec 2020 16:57:53 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Tue, 08 Dec 2020 17:05:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 08 Dec 2020 17:05:36 GMT
play
api.crowdcat.co/ Frame
0
0
Other
General
Full URL
https://api.crowdcat.co/play
Protocol
HTTP/1.1
Server
104.40.222.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://iwishiwereheather.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Microsoft-IIS/10.0
Access-Control-Allow-Origin
http://iwishiwereheather.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Max-Age
600
Request-Context
appId=cid-v1:3b853e67-5ded-4de9-8429-c84b2ab5d529
Access-Control-Expose-Headers
Request-Context
X-Powered-By
ASP.NET
Date
Tue, 08 Dec 2020 17:05:35 GMT
Content-Length
0
play
api.crowdcat.co/
52 B
695 B
XHR
General
Full URL
https://api.crowdcat.co/play
Requested by
Host: cdn-resources.crowdcat.co
URL: https://cdn-resources.crowdcat.co/player/js/crowdcat_player/polyfills.js?v=0.9-20201005.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.40.222.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
640401938ed1c934e951d809a093077d294d656b79c662bff12d04a4ffce3026

Request headers

Accept
application/json, text/plain, */*
Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Tue, 08 Dec 2020 17:05:35 GMT
Content-Encoding
gzip
Expires
-1
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://iwishiwereheather.com
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Content-Length
173
Request-Context
appId=cid-v1:3b853e67-5ded-4de9-8429-c84b2ab5d529
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0UzdYPFkZVO.woff
fonts.gstatic.com/s/rubik/v11/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v11/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0UzdYPFkZVO.woff
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47f568aa91ffb756af69523453b21e18adeb97adffcc4085e1f13120597be28d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://iwishiwereheather.com
Referer
https://fonts.googleapis.com/css?family=Rubik
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 09:16:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 2020 22:20:15 GMT
server
sffe
age
200941
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23024
x-xss-protection
0
expires
Mon, 06 Dec 2021 09:16:35 GMT
track
dc.services.visualstudio.com/v2/ Frame
0
0
Other
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
http://iwishiwereheather.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Tue, 08 Dec 2020 17:05:35 GMT
content-length
0
track
dc.services.visualstudio.com/v2/
96 B
236 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: cdn-resources.crowdcat.co
URL: https://cdn-resources.crowdcat.co/player/js/crowdcat_player/polyfills.js?v=0.9-20201005.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8be2e0594c1190f847dbce7183ba539805f85b61fdee2e475151e87948cf5fec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://iwishiwereheather.com/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
D764D1FA-0F9A-4686-8FB9-17BA930D5B85
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Tue, 08 Dec 2020 17:05:36 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
96
load.js
consent.umusic.com/
29 KB
8 KB
Script
General
Full URL
https://consent.umusic.com/load.js
Requested by
Host: cdn-resources.crowdcat.co
URL: https://cdn-resources.crowdcat.co/widgets/types/evidon_cookie_consent/v1/evidon_cookie_consent.js?v=1606904083000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.21 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2098c9468b73b522ad8da21b117bf6b48f2e7950c0228d78fbe9dc4eaaa520b5

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 08 Dec 2020 17:05:36 GMT
Content-Encoding
gzip
ETag
"0d7649686c9d61:0"
Last-Modified
Thu, 03 Dec 2020 15:11:34 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Iinfo
13-4405541-4405545 NNNN CT(86 80 0) RT(1607447135983 18) q(0 0 1 3) r(2 2) U5
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6977
X-CDN
Incapsula
sdk.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f9e747af7a7858573abccfd18fb3d220d540f531f123a4f2c894e520f165995c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
MsIgusy+XDULKFu14mWO3g==
cross-origin-resource-policy
cross-origin
expires
Tue, 08 Dec 2020 17:14:25 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
etag
"f2916d2468a916ede3d205ff45c8c124"
x-fb-debug
gnNKdk5+DgHXWLq/OaHvb35ehK4i6bkg/gUO7hZPwO59pAfytXnW2noD01gTPRvQADus3wbBgYQbRTVAN7sVnQ==
x-fb-trip-id
603378373
x-fb-content-md5
1a9a01c6070995e637938b0fa7eace16
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 08 Dec 2020 17:05:36 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5

Redirect headers

Location
https://connect.facebook.net/en_US/sdk.js
Non-Authoritative-Reason
HSTS
heather
glitch.ge/campaigns/conangray/ Frame 90FE
0
0

heather
glitch.ge/campaigns/conangray/ Frame 6DFD
0
0
Document
General
Full URL
https://glitch.ge/campaigns/conangray/heather
Requested by
Host: cdn-resources.crowdcat.co
URL: https://cdn-resources.crowdcat.co/widgets/types/richtext/v1/richtext.js?v=1606904085000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:33c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash

Request headers

:method
GET
:authority
glitch.ge
:scheme
https
:path
/campaigns/conangray/heather
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://iwishiwereheather.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://iwishiwereheather.com/

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=da861183b8617f6cb44cf889e01d4eaee1607447136; expires=Thu, 07-Jan-21 17:05:36 GMT; path=/; domain=.glitch.ge; HttpOnly; SameSite=Lax; Secure
x-powered-by
Next.js
access-control-allow-origin
https://yellowbus.ge
vary
Origin, Accept-Encoding
via
1.1 vegur
cf-cache-status
DYNAMIC
cf-request-id
06e4e9e0db0000d711420ec000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j5l5V5lCa0mYWKhJmDUFeI9dVhLNNXzkNLb5mQmRN20r%2BNFPdhovtcWnpjzQTMhd4qFhWjg0oBuXu1Cg50tZrzuvx8Wk1XkhHyuvPtW8z%2BkKori8COw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5fe8127ae86bd711-FRA
content-encoding
br
sdk.js
connect.facebook.net/en_US/
195 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=96cecef9ba1681672171b7fef888c817&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
58e035bdc8f3da51960cc6999e88008d4f14e142a23663f108120b7a0eee575f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
http://iwishiwereheather.com
Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
aSGSciUyoqVQahtX5JFybQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60138
etag
"95c3fbfe64844a0967c76b385e3c3ab7"
x-fb-debug
bzWpBd11i4KEcejAqTVtZMZd0b27mhoS8KN02ILvNtp+m4gYJW3ryK+zLsNAn6YMtzGgHxvMU8luka6uZlImnA==
x-fb-trip-id
603378373
x-fb-content-md5
ac3495c873501dea64b85238685e0e50
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 08 Dec 2020 17:05:36 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Wed, 08 Dec 2021 15:33:39 GMT
evidon-sitenotice-tag.js
c.evidon.com/sitenotice/
57 KB
15 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js?1607447136708
Requested by
Host: consent.umusic.com
URL: https://consent.umusic.com/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.67.140.99 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-67-140-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
612c97f03d18e49fade68bee8209491382fab8aaed6fdb3e9f2d600762817717

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 19:35:34 GMT
server
AkamaiNetStorage
etag
"00c6080ca1a01c38c0a14c8b7f46c4b6:1603222534.839903"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
14862
expires
Thu, 10 Dec 2020 17:05:36 GMT
country.js
c.evidon.com/geo/
294 B
485 B
Script
General
Full URL
https://c.evidon.com/geo/country.js?1607447136708
Requested by
Host: consent.umusic.com
URL: https://consent.umusic.com/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.67.140.99 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-67-140-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
39699ef2ff7f4cfc54b00ba69dbc53473370396c94a44cb770e2e6fb09310168

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Sat, 14 Mar 2020 23:38:16 GMT
server
AkamaiNetStorage
etag
"5dbb6cae5cbc58bc9b615e88f73e0b65:1584229096.969986"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
accept-ranges
bytes
access-control-allow-headers
*
content-length
200
snthemes.js
c.evidon.com/sitenotice/5116/
171 KB
6 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/5116/snthemes.js?1607447136709
Requested by
Host: consent.umusic.com
URL: https://consent.umusic.com/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.67.140.99 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-67-140-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c162ba818a53fb831f804127b7f183a0c055890eefea464e547811f016a891ae

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Wed, 21 Oct 2020 15:42:37 GMT
server
AkamaiNetStorage
etag
"85214d477be074fd786be36a30e3a6cd:1603294957.586769"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
6043
expires
Thu, 10 Dec 2020 17:05:36 GMT
settings.js
c.evidon.com/sitenotice/5116/iwishiwereheather/
7 KB
2 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/5116/iwishiwereheather/settings.js?1607447136709
Requested by
Host: consent.umusic.com
URL: https://consent.umusic.com/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.67.140.99 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-67-140-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
07f2e04fdcee3b6103b8d82f7c3867098cc6099dee8a2809002f7734bf4af2e3

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Sat, 05 Dec 2020 01:16:57 GMT
server
AkamaiNetStorage
etag
"f5fe35b8ea232936cf23d7db0ac02ab1:1607131017.076774"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
1200
expires
Thu, 10 Dec 2020 17:05:36 GMT
whitelist.gif
uat-consent.umusic.com/
43 B
958 B
Image
General
Full URL
https://uat-consent.umusic.com/whitelist.gif?domain=iwishiwereheather.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.21 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 08 Dec 2020 17:05:37 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Iinfo
6-15499858-15499859 NNNN CT(99 206 0) RT(1607447136537 27) q(0 0 3 1) r(4 4) U5
Connection
keep-alive
Content-Length
43
X-CDN
Incapsula
track
dc.services.visualstudio.com/v2/
96 B
163 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: cdn-resources.crowdcat.co
URL: https://cdn-resources.crowdcat.co/player/js/crowdcat_player/polyfills.js?v=0.9-20201005.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8be2e0594c1190f847dbce7183ba539805f85b61fdee2e475151e87948cf5fec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://iwishiwereheather.com/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
B0AC1A61-70BF-40D0-BB4B-08BF469278DE
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Tue, 08 Dec 2020 17:05:36 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
96
track
dc.services.visualstudio.com/v2/ Frame
0
0
Other
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
http://iwishiwereheather.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Tue, 08 Dec 2020 17:05:35 GMT
content-length
0
en.js
c.evidon.com/sitenotice/5116/translations/
130 KB
8 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/5116/translations/en.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js?1607447136708
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.67.140.99 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-67-140-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
69824a6c9dfedee22fe0e334858fc4dfac5966ce1cf202a6a9e155628796b0e2

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Wed, 21 Oct 2020 15:43:38 GMT
server
AkamaiNetStorage
etag
"e72f9e330334e3b671e41bfe0529176b:1603295018.517608"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
7879
expires
Thu, 10 Dec 2020 17:05:36 GMT
evidon-banner.js
c.evidon.com/sitenotice/
11 KB
3 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/evidon-banner.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js?1607447136708
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.67.140.99 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-67-140-99.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
37245c9e63df1fb0eeb1c862ce7f7347eed8e598439fb535aab32d917bf35a09

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:05:36 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 19:35:35 GMT
server
AkamaiNetStorage
etag
"8ca458279ecbcfe38c8488d652154a97:1603222535.778156"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
cache-control
max-age=172800, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
3030
expires
Thu, 10 Dec 2020 17:05:36 GMT
2
l.evidon.com/site/v3/5116/49466/1/1/2/
0
240 B
Image
General
Full URL
http://l.evidon.com/site/v3/5116/49466/1/1/2/2?consent=0&regulationid=0&regulationconsenttypeid=1
Protocol
HTTP/1.1
Server
35.171.13.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 08 Dec 2020 17:05:36 GMT
Content-Encoding
gzip
Connection
keep-alive
X-Powered-By
Express
ETag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
32541
l.evidon.com/site/v3/5116/49466/1/1/2/2/
0
240 B
Image
General
Full URL
http://l.evidon.com/site/v3/5116/49466/1/1/2/2/32541?consent=0&regulationid=0&regulationconsenttypeid=1
Protocol
HTTP/1.1
Server
35.171.13.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 08 Dec 2020 17:05:36 GMT
Content-Encoding
gzip
Connection
keep-alive
X-Powered-By
Express
ETag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
32541
l.evidon.com/site/v3/5116/49466/1/4/2/2/
0
240 B
Image
General
Full URL
http://l.evidon.com/site/v3/5116/49466/1/4/2/2/32541?consent=0&regulationid=0&regulationconsenttypeid=1
Protocol
HTTP/1.1
Server
35.171.13.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 08 Dec 2020 17:05:36 GMT
Content-Encoding
gzip
Connection
keep-alive
X-Powered-By
Express
ETag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
0f630fe7-0b31-4df6-b2ab-88fa6de53aab
api.crowdcat.co/play/
81 B
715 B
XHR
General
Full URL
https://api.crowdcat.co/play/0f630fe7-0b31-4df6-b2ab-88fa6de53aab
Requested by
Host: cdn-resources.crowdcat.co
URL: https://cdn-resources.crowdcat.co/player/js/crowdcat_player/polyfills.js?v=0.9-20201005.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.40.222.81 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
48753eacea9af2b36156d0aa5e4d14e8cf7256ec129c180a7e7003fb45678850

Request headers

Accept
application/json, text/plain, */*
Referer
http://iwishiwereheather.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 08 Dec 2020 17:05:36 GMT
Content-Encoding
gzip
Expires
-1
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://iwishiwereheather.com
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Content-Length
193
Request-Context
appId=cid-v1:3b853e67-5ded-4de9-8429-c84b2ab5d529

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
glitch.ge
URL
https://glitch.ge/campaigns/conangray/heather

Verdicts & Comments

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| SocialPromote object| promotion object| runtimeSettings object| analyticsProperties object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__fetch function| __zone_symbol__legacyPatch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| 
__zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched 
boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| JSON_delta function| __assign function| __extends object| __zone_symbol__onlinefalse object| __zone_symbol__offlinefalse object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__CookiebotOnLoadfalse function| 
getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse object| __zone_symbol__locationchangefalse object| __zone_symbol__beforeunloadfalse object| __zone_symbol__pagehidefalse object| __zone_symbol__messagefalse object| FB object| umggdpr boolean| _umgload string| _acd undefined| _umggdprcss object| umg_gdpr_wl undefined| gdpr function| appendStyle object| evidon object| __zone_symbol__resizefalse function| __zone_symbol__ON_PROPERTYbeforeprint object| __zone_symbol__beforeprintfalse function| __zone_symbol__ON_PROPERTYafterprint object| __zone_symbol__afterprintfalse object| __zone_symbol__scrollfalse object| __zone_symbol__clickfalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

2 Cookies

Domain/Path Name / Value
iwishiwereheather.com/ Name: ai_session
Value: Ypuc0|1607447136376.76|1607447136376.76
iwishiwereheather.com/ Name: ai_user
Value: qW+W3|2020-12-08T17:05:36.219Z

2 Console Messages

Source Level URL Text
console-api log URL: https://consent.umusic.com/load.js(Line 3)
Message:
-- UMG: Consent script loaded (ver 9.05)
console-api log URL: https://consent.umusic.com/load.js(Line 446)
Message:
-- UMG: Launching Evidon script for iwishiwereheather.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.crowdcat.co
c.evidon.com
cdn-resources.crowdcat.co
connect.facebook.net
consent.umusic.com
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
glitch.ge
iwishiwereheather.com
l.evidon.com
uat-consent.umusic.com
glitch.ge
104.40.222.81
23.67.140.99
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::681a:33c
2a00:1450:4001:814::2003
2a00:1450:4001:814::200a
2a03:2880:f01c:8012:face:b00c:0:3
35.171.13.153
45.60.87.21
51.107.59.180