pub-f78f6230b21b47daaf70cc124ade5011.r2.dev Open in urlscan Pro
104.18.3.35  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://server-internal.bubbleapps.io/ Page URL
2. https://rediss.tailopez.repl.co/?r=aHR0cHM6Ly9wdWItZjc4ZjYyMzBiMjFiNDdkYWFmNzBjYzEyNGFkZTUwMTEucjIuZGV2L2JhY2tncm91bmRmdWxsIGNvcHkgMi5odG1s Page URL
3. https://pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/backgroundfull%20copy%202.html Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response server-internal.bubbleapps.io/	11 KB 4 KB	1460ms 945ms	Document text/html	104.19.218.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://server-internal.bubbleapps.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.218.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 0ba78aaed19f62f24feb62fc0f51bcebc2e39873024afae382049b480dbcc043 Security Headers Name Value Content-Security-Policy frame-ancestors 'none'; X-Frame-Options DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language jp-jp,jp;q=0.9 Response headers cache-control no-store cf-cache-status DYNAMIC cf-ray 7e5481b01d7a263e-NRT content-encoding br content-security-policy frame-ancestors 'none'; content-type text/html date Tue, 11 Jul 2023 22:33:11 GMT referrer-policy origin server cloudflare vary Accept-Encoding x-bubble-capacity-limit 0 ms slower x-bubble-capacity-used 0.074 unit-seconds used x-bubble-perf {"total":476.4,"percents":{"top":{"bubble_cpu":6.8,"block":93.2,"capacity_rl":0,"other_pause":0,"pre_fiber":0.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":5.3,"appserver_cache_misses_time":0,"redis":8.1,"fiber_queue":11.2,"capacity_wait":0.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":14,"derived_cache_memory_misses":14,"serverjson":29,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":81,"fiber_queue":81,"blocks":80},"misc":{"userdb_results":1,"userdb_data":206,"spent_time":4825198,"derived_build_time_spent":0}} x-frame-options DENY x-powered-by Express
GET H2	200	early.js Show response server-internal.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/xfalse/	24 KB 9 KB	59ms 56ms	Script application/javascript	104.19.218.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://server-internal.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/xfalse/early.js Requested by Host: server-internal.bubbleapps.io URL: https://server-internal.bubbleapps.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.218.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b Request headers Referer https://server-internal.bubbleapps.io/ Origin https://server-internal.bubbleapps.io accept-language jp-jp,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 22:33:11 GMT content-encoding br cf-cache-status HIT x-bubble-perf {"total":17.3,"percents":{"top":{"bubble_cpu":14.9,"block":70.3,"capacity_rl":0,"other_pause":0,"pre_fiber":11},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":41,"fiber_queue":6.7,"capacity_wait":24.8}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":386419,"derived_build_time_spent":0}} server cloudflare age 112357 x-powered-by Express vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 x-bubble-capacity-used 0.006 unit-seconds used timing-allow-origin * cf-ray 7e5481b61ad3263e-NRT x-bubble-capacity-limit 0 ms slower
GET H2	200	run.css server-internal.bubbleapps.io/package/run_css/55f1f7fbf20718ef93b289199730142d69e97596836a34d2bcaf514b9e3f57fa/server-internal/live/index/xfalse/xfalse/	91 KB 16 KB	639ms 636ms	Stylesheet text/css	104.19.218.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://server-internal.bubbleapps.io/package/run_css/55f1f7fbf20718ef93b289199730142d69e97596836a34d2bcaf514b9e3f57fa/server-internal/live/index/xfalse/xfalse/run.css Requested by Host: server-internal.bubbleapps.io URL: https://server-internal.bubbleapps.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.218.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 41469cb30659da66cbaa93fce3277305f70d159ba361c75b511596682c9b91d6 Request headers accept-language jp-jp,jp;q=0.9 Referer https://server-internal.bubbleapps.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 22:33:11 GMT content-encoding br cf-cache-status MISS x-bubble-perf {"total":21,"percents":{"top":{"bubble_cpu":33.8,"block":63.9,"capacity_rl":0,"other_pause":0,"pre_fiber":1.9},"sub":{"pp_userdb":14.3,"pp_wait_userdb":0,"http_request":0,"serverjson":21.3,"appserver_cache_misses_time":0,"redis":37,"fiber_queue":7.5,"capacity_wait":6.5}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":15,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":29,"fiber_queue":27,"blocks":26},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":7064562,"derived_build_time_spent":0}} server cloudflare x-powered-by Express vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-bubble-capacity-used 0.109 unit-seconds used timing-allow-origin * cf-ray 7e5481b63aed263e-NRT x-bubble-capacity-limit 0 ms slower
GET H2	200	run.js Show response server-internal.bubbleapps.io/package/run_js/73e30f106fbc0e1e192c7df7c75dfd92b12bd895920d00ed00ba25a916012752/xfalse/x25/	3 MB 650 KB	907ms 904ms	Script application/javascript	104.19.218.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://server-internal.bubbleapps.io/package/run_js/73e30f106fbc0e1e192c7df7c75dfd92b12bd895920d00ed00ba25a916012752/xfalse/x25/run.js Requested by Host: server-internal.bubbleapps.io URL: https://server-internal.bubbleapps.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.218.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash bca3cfbe77df9962cf8b2e74fb4228f43bbbf750c1e679cd2b87f290b71acef1 Request headers Referer https://server-internal.bubbleapps.io/ Origin https://server-internal.bubbleapps.io accept-language jp-jp,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 22:33:12 GMT content-encoding br cf-cache-status MISS x-bubble-perf {"total":13.8,"percents":{"top":{"bubble_cpu":16.1,"block":77.9,"capacity_rl":0,"other_pause":0,"pre_fiber":3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":48.9,"fiber_queue":13.1,"capacity_wait":15.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":334866,"derived_build_time_spent":0}} server cloudflare x-powered-by Express vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 x-bubble-capacity-used 0.005 unit-seconds used timing-allow-origin * cf-ray 7e5481b63aee263e-NRT x-bubble-capacity-limit 0 ms slower
GET H2	200	static.js Show response server-internal.bubbleapps.io/package/static_js/7e3621776604beb0f949b756a13b4e081d28fc9f6280bf3d92d7ab846343ef44/server-internal/live/index/xnull/xfalse/xfalse/xfalse/	17 KB 7 KB	503ms 501ms	Script application/javascript	104.19.218.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://server-internal.bubbleapps.io/package/static_js/7e3621776604beb0f949b756a13b4e081d28fc9f6280bf3d92d7ab846343ef44/server-internal/live/index/xnull/xfalse/xfalse/xfalse/static.js Requested by Host: server-internal.bubbleapps.io URL: https://server-internal.bubbleapps.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.218.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 3a85f3e0429ccbe3563abdf1514a08287387147c3742dd5bf14d65a98fed4682 Request headers Referer https://server-internal.bubbleapps.io/ Origin https://server-internal.bubbleapps.io accept-language jp-jp,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 22:33:11 GMT content-encoding br cf-cache-status MISS x-bubble-perf {"total":22.6,"percents":{"top":{"bubble_cpu":27.4,"block":70.3,"capacity_rl":0,"other_pause":0,"pre_fiber":2.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":15.4,"appserver_cache_misses_time":0,"redis":29,"fiber_queue":7.3,"capacity_wait":40.5}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":8,"derived_cache_memory_misses":8,"serverjson":15,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":30,"fiber_queue":27,"blocks":26},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":926305,"derived_build_time_spent":0}} server cloudflare x-powered-by Express vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 x-bubble-capacity-used 0.014 unit-seconds used timing-allow-origin * cf-ray 7e5481b63aef263e-NRT x-bubble-capacity-limit 0 ms slower
GET H2	200	dynamic.js Show response server-internal.bubbleapps.io/package/dynamic_js/5f3f2fb71112ad6228bfa11fa22eb687dedf09dc513852876120628d79d9f092/server-internal/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/	9 KB 5 KB	513ms 511ms	Script application/javascript	104.19.218.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://server-internal.bubbleapps.io/package/dynamic_js/5f3f2fb71112ad6228bfa11fa22eb687dedf09dc513852876120628d79d9f092/server-internal/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js Requested by Host: server-internal.bubbleapps.io URL: https://server-internal.bubbleapps.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.218.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 3ded996e2e6535511ee6efc6104c0d5d7a6c980dd5a866fd3a1235f9ccfd97fe Request headers Referer https://server-internal.bubbleapps.io/ Origin https://server-internal.bubbleapps.io accept-language jp-jp,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 22:33:11 GMT content-encoding br cf-cache-status MISS x-bubble-perf {"total":15.4,"percents":{"top":{"bubble_cpu":30.8,"block":65.5,"capacity_rl":0,"other_pause":0,"pre_fiber":2.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":10.9,"appserver_cache_misses_time":0,"redis":58.7,"fiber_queue":8.6,"capacity_wait":8.8}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":9,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":19,"fiber_queue":17,"blocks":16},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":712929,"derived_build_time_spent":0}} server cloudflare x-powered-by Express vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 x-bubble-capacity-used 0.011 unit-seconds used timing-allow-origin * cf-ray 7e5481b63af0263e-NRT x-bubble-capacity-limit 0 ms slower
GET H2	200	css fonts.googleapis.com/	8 KB 1 KB	545ms 95ms	Stylesheet text/css	142.250.196.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:600%7COpen+Sans:700 Requested by Host: server-internal.bubbleapps.io URL: https://server-internal.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/xfalse/early.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.196.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s36-in-f10.1e100.net Software ESF / Resource Hash 6a573ed2d823eaa7761f76f04d52b8c3eb0d1e73d76a2d71c5b5a8479c4e1796 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language jp-jp,jp;q=0.9 Referer https://server-internal.bubbleapps.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 11 Jul 2023 22:33:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 11 Jul 2023 22:33:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 11 Jul 2023 22:33:11 GMT
GET H2	200	data Show response server-internal.bubbleapps.io/api/1.1/init/	283 B 918 B	495ms 494ms	XHR text/plain	104.19.218.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://server-internal.bubbleapps.io/api/1.1/init/data?location=https%3A%2F%2Fserver-internal.bubbleapps.io%2F%23rpierce%2540rhrinternational.com Requested by Host: server-internal.bubbleapps.io URL: https://server-internal.bubbleapps.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.218.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 28cb069a7fd748a4588eb093afe8a004855ce8c9eda29cdcc749bc1c510579a7 Request headers accept-language jp-jp,jp;q=0.9 Referer https://server-internal.bubbleapps.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 22:33:11 GMT cf-cache-status DYNAMIC x-bubble-perf {"total":17.5,"percents":{"top":{"bubble_cpu":23.5,"block":71.5,"capacity_rl":0,"other_pause":0,"pre_fiber":2.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":19.6,"appserver_cache_misses_time":0,"redis":46.8,"fiber_queue":9.9,"capacity_wait":15.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":619453,"derived_build_time_spent":0}} server cloudflare x-powered-by Express x-bubble-capacity-used 0.01 unit-seconds used cf-ray 7e5481b69b60263e-NRT x-bubble-capacity-limit 0 ms slower
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v35/	47 KB 48 KB	497ms 53ms	Font font/woff2	172.217.161.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:600%7COpen+Sans:700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.161.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s09-in-f3.1e100.net Software sffe / Resource Hash 7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://server-internal.bubbleapps.io accept-language jp-jp,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 15:01:08 GMT x-content-type-options nosniff age 27124 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48412 x-xss-protection 0 last-modified Tue, 02 May 2023 15:08:53 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 10 Jul 2024 15:01:08 GMT
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers accept-language jp-jp,jp;q=0.9 Referer https://server-internal.bubbleapps.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	/ rediss.tailopez.repl.co/	1 KB 1 KB	674ms 284ms	Document text/html	34.149.204.188 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://rediss.tailopez.repl.co/?r=aHR0cHM6Ly9wdWItZjc4ZjYyMzBiMjFiNDdkYWFmNzBjYzEyNGFkZTUwMTEucjIuZGV2L2JhY2tncm91bmRmdWxsIGNvcHkgMi5odG1s Requested by Host: server-internal.bubbleapps.io URL: https://server-internal.bubbleapps.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.204.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 188.204.149.34.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=5835014; includeSubDomains Request headers Referer https://server-internal.bubbleapps.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language jp-jp,jp;q=0.9 Response headers access-control-allow-origin * content-length 1262 content-type text/html; charset=utf-8 date Tue, 11 Jul 2023 22:33:13 GMT expect-ct max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791" replit-cluster global strict-transport-security max-age=5835014; includeSubDomains
POST H2	200	hi server-internal.bubbleapps.io/user/	57 B 774 B	493ms 493ms	XHR application/json	104.19.218.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://server-internal.bubbleapps.io/user/hi Requested by Host: server-internal.bubbleapps.io URL: https://server-internal.bubbleapps.io/package/run_js/73e30f106fbc0e1e192c7df7c75dfd92b12bd895920d00ed00ba25a916012752/xfalse/x25/run.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.218.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Request headers X-Bubble-Epoch-Name Epoch: Runmode page fully loaded X-Bubble-Epoch-ID 1689114792743x176822759547978100 X-Bubble-Fiber-ID 1689114792760x210376112849356860 X-Bubble-PL 1689114791070x1413 accept-language jp-jp,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Accept application/json, text/javascript, */*; q=0.01 X-Bubble-R https://server-internal.bubbleapps.io/#rpierce%2540rhrinternational.com cache-control no-cache Referer https://server-internal.bubbleapps.io/ X-Requested-With XMLHttpRequest X-Bubble-Breaking-Revision 5 Response headers date Tue, 11 Jul 2023 22:33:13 GMT content-encoding br cf-cache-status DYNAMIC x-bubble-perf {"total":24.9,"percents":{"top":{"bubble_cpu":11.5,"block":65.6,"capacity_rl":0,"other_pause":0,"pre_fiber":23},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":13.1,"appserver_cache_misses_time":0,"redis":25.7,"fiber_queue":26.9,"capacity_wait":34}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":428355,"derived_build_time_spent":0}} server cloudflare x-bubble-appname server-internal x-powered-by Express x-bubble-request-took 25 vary Accept-Encoding content-type application/json cache-control no-cache x-bubble-capacity-used 0.007 unit-seconds used cf-ray 7e5481beeabb263e-NRT x-bubble-capacity-limit 0 ms slower
POST H2	200	m server-internal.bubbleapps.io/user/	4 B 569 B	502ms 502ms	XHR text/plain	104.19.218.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://server-internal.bubbleapps.io/user/m Requested by Host: server-internal.bubbleapps.io URL: https://server-internal.bubbleapps.io/package/run_js/73e30f106fbc0e1e192c7df7c75dfd92b12bd895920d00ed00ba25a916012752/xfalse/x25/run.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.218.48 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Request headers X-Bubble-Fiber-ID 1689114792871x108113114109239300 X-Bubble-PL 1689114791070x1413 accept-language jp-jp,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Accept application/json, text/javascript, */*; q=0.01 X-Bubble-R https://server-internal.bubbleapps.io/#rpierce%2540rhrinternational.com cache-control no-cache Referer https://server-internal.bubbleapps.io/ X-Requested-With XMLHttpRequest X-Bubble-Breaking-Revision 5 Response headers date Tue, 11 Jul 2023 22:33:13 GMT cf-cache-status DYNAMIC x-bubble-perf {"total":21.3,"percents":{"top":{"bubble_cpu":24.2,"block":72.2,"capacity_rl":0,"other_pause":0,"pre_fiber":3.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":34.1,"fiber_queue":5.6,"capacity_wait":19.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":770416,"derived_build_time_spent":0}} server cloudflare x-powered-by Express x-bubble-capacity-used 0.012 unit-seconds used cf-ray 7e5481bf9b49263e-NRT x-bubble-capacity-limit 0 ms slower
GET H/1.1	200 OK	Primary Request backgroundfull%20copy%202.html Show response pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/	275 B 544 B	894ms 452ms	Document text/html	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/backgroundfull%20copy%202.html Requested by Host: rediss.tailopez.repl.co URL: https://rediss.tailopez.repl.co/?r=aHR0cHM6Ly9wdWItZjc4ZjYyMzBiMjFiNDdkYWFmNzBjYzEyNGFkZTUwMTEucjIuZGV2L2JhY2tncm91bmRmdWxsIGNvcHkgMi5odG1s Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ddcecbecc22729ff88f313c23b9f0ca2e42ee94be1faa2341f9bbc5b06e95c47 Request headers Referer https://rediss.tailopez.repl.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language jp-jp,jp;q=0.9 Response headers CF-RAY 7e5481c69e2de37c-NRT Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 11 Jul 2023 22:33:14 GMT ETag W/"ec282e1c6c83a16520d669ea822916cb" Last-Modified Mon, 03 Jul 2023 11:42:30 GMT Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding
GET H2	200	bafybeidpoq5ieszklu626ladhdpqwu3j5ijniba2rahw7gzz3zrbo6hz4m Show response ipfs.eu.starton.io/ipfs/	257 KB 62 KB	1465ms 1009ms	Script text/plain	104.21.45.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ipfs.eu.starton.io/ipfs/bafybeidpoq5ieszklu626ladhdpqwu3j5ijniba2rahw7gzz3zrbo6hz4m Requested by Host: pub-f78f6230b21b47daaf70cc124ade5011.r2.dev URL: https://pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/backgroundfull%20copy%202.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.45.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ddc150c155f9bc0c3ba8369be2cadf5787ed286c7c6c5851a78b009c53df4812 Request headers accept-language jp-jp,jp;q=0.9 Referer https://pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 22:33:15 GMT via kong/3.2.2.1-enterprise-edition content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-kong-proxy-latency 0 x-kong-upstream-latency 5 alt-svc h3=":443"; ma=86400 server cloudflare x-ipfs-roots bafybeidpoq5ieszklu626ladhdpqwu3j5ijniba2rahw7gzz3zrbo6hz4m etag W/"bafybeidpoq5ieszklu626ladhdpqwu3j5ijniba2rahw7gzz3zrbo6hz4m" access-control-allow-methods GET content-type text/plain; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1UFHYI4pCam2iu3IMqyp30tcQLPTheaAimyQWyKho4h0oz3m4pZYqtEbtG1R6fjWOGGJaiRz3mahUePj3HtwcHaJjjY9Sjcu9fxcMlmEDl59JuCGRGgka8a7xJJsh%2BioV9HTDo%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output cache-control public, max-age=29030400, immutable x-ipfs-path /ipfs/bafybeidpoq5ieszklu626ladhdpqwu3j5ijniba2rahw7gzz3zrbo6hz4m cf-ray 7e5481cbfd7dafd0-NRT access-control-allow-headers Content-Type, Range, User-Agent, X-Requested-With
GET H2	200	bafkreicp7badbrbh2aa2nm7t5tven5hkoirpuxih6uzaw53hrgyj5u5hry Show response ipfs.eu.starton.io/ipfs/	129 KB 49 KB	1447ms 991ms	Script text/plain	104.21.45.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ipfs.eu.starton.io/ipfs/bafkreicp7badbrbh2aa2nm7t5tven5hkoirpuxih6uzaw53hrgyj5u5hry Requested by Host: pub-f78f6230b21b47daaf70cc124ade5011.r2.dev URL: https://pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/backgroundfull%20copy%202.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.45.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ff84030c427d001a6b3f3ecea46f4ea7222fa5d07f5320b776789b09ed3a78e Request headers accept-language jp-jp,jp;q=0.9 Referer https://pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 22:33:15 GMT via kong/3.2.2.1-enterprise-edition content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-kong-proxy-latency 0 x-kong-upstream-latency 6 alt-svc h3=":443"; ma=86400 server cloudflare x-ipfs-roots bafkreicp7badbrbh2aa2nm7t5tven5hkoirpuxih6uzaw53hrgyj5u5hry etag W/"bafkreicp7badbrbh2aa2nm7t5tven5hkoirpuxih6uzaw53hrgyj5u5hry" access-control-allow-methods GET content-type text/plain; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QTdqNT2VDdfwK5mKNHNfafr3xBB4ni4cpP4BnuEj3aI1%2F6kA1oH7J9zWT6m4tPWBzC6Yfm1k3V9YIvQuoEnOW3lOhoAokmYyY3SkHg%2Fo9ZyodRFcvvTejtPXXaB9YmSWn9VChU%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output cache-control public, max-age=29030400, immutable x-ipfs-path /ipfs/bafkreicp7badbrbh2aa2nm7t5tven5hkoirpuxih6uzaw53hrgyj5u5hry cf-ray 7e5481cbfd7eafd0-NRT access-control-allow-headers Content-Type, Range, User-Agent, X-Requested-With
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/	157 KB 25 KB	509ms 85ms	Stylesheet text/css	104.18.10.207
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css Requested by Host: ipfs.eu.starton.io URL: https://ipfs.eu.starton.io/ipfs/bafybeidpoq5ieszklu626ladhdpqwu3j5ijniba2rahw7gzz3zrbo6hz4m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.207 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language jp-jp,jp;q=0.9 Referer https://pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 22:33:17 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 641, 617, 617 age 3450220 cdn-cachedat 2021-06-02 05:10:12 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:11 GMT server cloudflare cdn-requestpullcode 200 vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 19645d34bd3404ed2b4be5f84633a74a timing-allow-origin * cdn-requestcountrycode JP cf-ray 7e5481db4b65f675-NRT cdn-requestpullsuccess True
GET H2	200	js Show response www.googletagmanager.com/gtag/	125 KB 48 KB	571ms 117ms	Script application/javascript	142.250.196.136
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-48347893-1 Requested by Host: ipfs.eu.starton.io URL: https://ipfs.eu.starton.io/ipfs/bafybeidpoq5ieszklu626ladhdpqwu3j5ijniba2rahw7gzz3zrbo6hz4m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.196.136 -, , ASN (), Reverse DNS Software Google Tag Manager / Resource Hash fc946a0e1d81b0d977d185123e4f2708cc412a9c47cdc52ada35f87af64151b3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language jp-jp,jp;q=0.9 Referer https://pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 11 Jul 2023 22:33:17 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 49240 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 11 Jul 2023 22:33:17 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.0/	87 KB 31 KB	520ms 67ms	Script text/javascript	142.251.42.202
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: ipfs.eu.starton.io URL: https://ipfs.eu.starton.io/ipfs/bafybeidpoq5ieszklu626ladhdpqwu3j5ijniba2rahw7gzz3zrbo6hz4m Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.42.202 -, , ASN (), Reverse DNS Software sffe / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/ accept-language jp-jp,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Tue, 11 Jul 2023 09:32:59 GMT content-encoding gzip x-content-type-options nosniff age 46818 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31017 x-xss-protection 0 last-modified Wed, 10 Mar 2021 14:28:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 10 Jul 2024 09:32:59 GMT
GET		mesg_en.js d12y7sg0iam4lc.cloudfront.net/b1268/s/js/	0 0
GET		pack.min.js d12y7sg0iam4lc.cloudfront.net/b1268/s/js/	0 0
GET H/1.1	200 OK	appleid.auth.js Show response appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/	42 KB 17 KB	420ms 50ms	Script application/javascript	23.42.69.123
General Check archive.org Show headers Download Go to Full URL https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js Requested by Host: ipfs.eu.starton.io URL: https://ipfs.eu.starton.io/ipfs/bafybeidpoq5ieszklu626ladhdpqwu3j5ijniba2rahw7gzz3zrbo6hz4m Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.42.69.123 -, , ASN (), Reverse DNS Software Apple / Resource Hash 60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/ accept-language jp-jp,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip Date Tue, 11 Jul 2023 22:33:17 GMT Last-Modified Thu, 23 Feb 2023 20:18:59 GMT Server Apple ETag W/"42671-1677183539045" Vary accept-encoding Content-Type application/javascript;charset=UTF-8 Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 17247
GET		authen.min.js d12y7sg0iam4lc.cloudfront.net/b1268/s/js/	0 0
GET DATA	200 OK	truncated /	16 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2d1c6efc7ba8d7b7a3bd04a9e11a7761c112e4bbc23f74937749067acea91d70 Request headers accept-language jp-jp,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	404 Not Found	bg-image.jpg pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/img/	27 KB 27 KB	325ms 324ms	Image text/html	104.18.3.35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/img/bg-image.jpg Requested by Host: pub-f78f6230b21b47daaf70cc124ade5011.r2.dev URL: https://pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/backgroundfull%20copy%202.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499 Request headers accept-language jp-jp,jp;q=0.9 Referer https://pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/backgroundfull%20copy%202.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 11 Jul 2023 22:33:17 GMT Content-Encoding gzip Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html Connection keep-alive CF-RAY 7e5481dbdcebe37c-NRT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

d12y7sg0iam4lc.cloudfront.net

URL

https://d12y7sg0iam4lc.cloudfront.net/b1268/s/js/mesg_en.js

Domain

d12y7sg0iam4lc.cloudfront.net

URL

https://d12y7sg0iam4lc.cloudfront.net/b1268/s/js/pack.min.js

Domain

d12y7sg0iam4lc.cloudfront.net

URL

https://d12y7sg0iam4lc.cloudfront.net/b1268/s/js/authen.min.js

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			server-internal.bubbleapps.io/	1970-01-20 13:16:13	Name: server-internal_live_u2main Value: 1689114791063x598106418280958600
			server-internal.bubbleapps.io/	1970-01-20 13:16:13	Name: server-internal_live_u2main.sig Value: iyCIdFaG0qAEqpJzu9EIFC-MKyc
			server-internal.bubbleapps.io/	1969-12-31 23:59:59	Name: server-internal_u1main Value: 1689114791005x382444533395546430

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://ipfs.eu.starton.io/ipfs/bafybeidpoq5ieszklu626ladhdpqwu3j5ijniba2rahw7gzz3zrbo6hz4m(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	warning	URL: https://ipfs.eu.starton.io/ipfs/bafybeidpoq5ieszklu626ladhdpqwu3j5ijniba2rahw7gzz3zrbo6hz4m(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ipfs.eu.starton.io/ipfs/bafybeidpoq5ieszklu626ladhdpqwu3j5ijniba2rahw7gzz3zrbo6hz4m(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ipfs.eu.starton.io/ipfs/bafybeidpoq5ieszklu626ladhdpqwu3j5ijniba2rahw7gzz3zrbo6hz4m(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d12y7sg0iam4lc.cloudfront.net/b1268/s/js/mesg_en.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ipfs.eu.starton.io/ipfs/bafybeidpoq5ieszklu626ladhdpqwu3j5ijniba2rahw7gzz3zrbo6hz4m(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://pub-f78f6230b21b47daaf70cc124ade5011.r2.dev/img/bg-image.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
appleid.cdn-apple.com
d12y7sg0iam4lc.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ipfs.eu.starton.io
pub-f78f6230b21b47daaf70cc124ade5011.r2.dev
rediss.tailopez.repl.co
server-internal.bubbleapps.io
stackpath.bootstrapcdn.com
www.googletagmanager.com
d12y7sg0iam4lc.cloudfront.net
104.18.10.207
104.18.3.35
104.19.218.48
104.21.45.212
142.250.196.136
142.250.196.138
142.251.42.202
172.217.161.67
23.42.69.123
34.149.204.188
0ba78aaed19f62f24feb62fc0f51bcebc2e39873024afae382049b480dbcc043
28cb069a7fd748a4588eb093afe8a004855ce8c9eda29cdcc749bc1c510579a7
2d1c6efc7ba8d7b7a3bd04a9e11a7761c112e4bbc23f74937749067acea91d70
3a85f3e0429ccbe3563abdf1514a08287387147c3742dd5bf14d65a98fed4682
3ded996e2e6535511ee6efc6104c0d5d7a6c980dd5a866fd3a1235f9ccfd97fe
41469cb30659da66cbaa93fce3277305f70d159ba361c75b511596682c9b91d6
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
4ff84030c427d001a6b3f3ecea46f4ea7222fa5d07f5320b776789b09ed3a78e
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
6a573ed2d823eaa7761f76f04d52b8c3eb0d1e73d76a2d71c5b5a8479c4e1796
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
bca3cfbe77df9962cf8b2e74fb4228f43bbbf750c1e679cd2b87f290b71acef1
ddc150c155f9bc0c3ba8369be2cadf5787ed286c7c6c5851a78b009c53df4812
ddcecbecc22729ff88f313c23b9f0ca2e42ee94be1faa2341f9bbc5b06e95c47
fc946a0e1d81b0d977d185123e4f2708cc412a9c47cdc52ada35f87af64151b3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e