heteroplasm.xyz Open in urlscan Pro
104.21.45.141 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://heteroplasm.xyz/?fb=567394578796898&utm_source=cr23&fbclid=IwAR21DbVkp4BubsnnkAphIyIZRtdyoArnWh95XJ_9uh6dTUEAm-M...
Submission: On May 10 via manual (May 10th 2023, 5:57:33 am UTC) from RO — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 104.21.45.141, located in and belongs to CLOUDFLARENET, US. The main domain is heteroplasm.xyz.
TLS certificate: Issued by GTS CA 1P5 on March 28th 2023. Valid for: 3 months.

This is the only time heteroplasm.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	104.21.45.141 104.21.45.141	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
11	3

3 104.21.45.141 (None, )

ASN13335 (CLOUDFLARENET, US)

heteroplasm.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	gstatic.com fonts.gstatic.com	271 KB
3	heteroplasm.xyz heteroplasm.xyz	90 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	2 KB
11	3

	Domain	Requested by
6	fonts.gstatic.com	fonts.googleapis.com
3	heteroplasm.xyz	heteroplasm.xyz
2	fonts.googleapis.com	heteroplasm.xyz
11	3

This site contains no links.

Subject Issuer	Validity	Valid
*.heteroplasm.xyz GTS CA 1P5	`2023-03-28` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://heteroplasm.xyz/?fb=567394578796898&utm_source=cr23&fbclid=IwAR21DbVkp4BubsnnkAphIyIZRtdyoArnWh95XJ_9uh6dTUEAm-MuSnc0hnc
Frame ID: 5B11D6169F009B980AE11F1ABF388D8E
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cât trebuie să câștigi și ce bani să investești pentru a trăi bine fără să faci nimic. Galopând printre inflație, depozite, titluri de stat și randamente - HotNews.ro

Page Statistics

11
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

363 kB
Transfer

609 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
heteroplasm.xyz/ 139 KB
21 KB 152ms
107ms Document
text/html 104.21.45.141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heteroplasm.xyz/?fb=567394578796898&utm_source=cr23&fbclid=IwAR21DbVkp4BubsnnkAphIyIZRtdyoArnWh95XJ_9uh6dTUEAm-MuSnc0hnc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f442ccbb0bf88e1ec58012f225d05ca6e62b4331be4fa1c1383a8f96a2386136

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c4ff1d6aa2a1a86-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 10 May 2023 05:57:26 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Us7etng3xQZ%2FsFQ%2B%2FZGD2ZRwn8QiY4x6Hq3t7DKiwl2nIE0YOsWej5ggzMA2TsBDSTzSu9xk3IZFFeiFuXTtIDxfBKy5wHvuY3VQzKv25pwF6JML8q%2BBeXQPnokDTEMsVpI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 hn-758825230b6a5b51ae9e.css
heteroplasm.xyz/index_files/ 95 KB
14 KB 69ms
69ms Stylesheet
text/css 104.21.45.141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://heteroplasm.xyz/index_files/hn-758825230b6a5b51ae9e.css
Requested by: Host: heteroplasm.xyz
URL: https://heteroplasm.xyz/?fb=567394578796898&utm_source=cr23&fbclid=IwAR21DbVkp4BubsnnkAphIyIZRtdyoArnWh95XJ_9uh6dTUEAm-MuSnc0hnc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ea97134fed64d60ebdaff92164a3b3275e8fe4b062472834e82c2f3d89af4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heteroplasm.xyz/?fb=567394578796898&utm_source=cr23&fbclid=IwAR21DbVkp4BubsnnkAphIyIZRtdyoArnWh95XJ_9uh6dTUEAm-MuSnc0hnc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 05:57:26 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 09 May 2023 12:53:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiiO2dvueTDJ%2BM3OHWuNSL8rb6wqrGxhblXWbbZjcsTm0W%2B4sQtLgXdq3WvOrgN3x8uEzPsb6tOleCCy0XM1ImRrXw%2B1UNFRl2xd37Z%2FP9V9Iqs2eRaGo6LOYes2JZupYQk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c4ff1d75ae01a86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 image-2020-08-10-24222162-41-investitiile-randamentele-petru-trai-decent.jpg
heteroplasm.xyz/index_files/ 55 KB
55 KB 99ms
98ms Image
image/jpeg 104.21.45.141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heteroplasm.xyz/index_files/image-2020-08-10-24222162-41-investitiile-randamentele-petru-trai-decent.jpg
Requested by: Host: heteroplasm.xyz
URL: https://heteroplasm.xyz/?fb=567394578796898&utm_source=cr23&fbclid=IwAR21DbVkp4BubsnnkAphIyIZRtdyoArnWh95XJ_9uh6dTUEAm-MuSnc0hnc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c046aa52fe5dbe423c1a84975c9f773402216a8c0772c840527394074186c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heteroplasm.xyz/?fb=567394578796898&utm_source=cr23&fbclid=IwAR21DbVkp4BubsnnkAphIyIZRtdyoArnWh95XJ_9uh6dTUEAm-MuSnc0hnc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 05:57:26 GMT
cf-cache-status: MISS
last-modified: Wed, 10 May 2023 05:57:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZGN6QkVtkj3NfvT%2BFNJveLf6d1PdDzHkrCaBRMmfj5mGgCk5nFPeTEpiTy481zRCWb9ToJ2ShCehYOf2akWEAyKSnxoPWAEapznpVn7q0EGDzTxWbdpDP65Hz4uWuEimE4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c4ff1d76af31a86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55936

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 41ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900

Requested by

Host: heteroplasm.xyz
URL: https://heteroplasm.xyz/index_files/hn-758825230b6a5b51ae9e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d7ed5cb2244b2151b01d8bdac5ccdebcc3b720abf89b6773b7f614f57f650dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heteroplasm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 May 2023 05:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 May 2023 04:55:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 May 2023 05:57:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ 38 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Literata:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: heteroplasm.xyz
URL: https://heteroplasm.xyz/index_files/hn-758825230b6a5b51ae9e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c60c0c76d064a9b6302d986b9d3f985b52daf700f23067d12f3f6723a123065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://heteroplasm.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 May 2023 05:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 May 2023 04:45:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 May 2023 05:57:26 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 35ms
9ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heteroplasm.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 06:05:37 GMT
x-content-type-options: nosniff
age: 345109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 06:05:37 GMT

GET
H2 200 or38Q6P12-iJxAIgLa78DkrbXsDgk0oVDaDlbJ5W.woff2
fonts.gstatic.com/s/literata/v34/ 49 KB
50 KB 53ms
28ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/literata/v34/or38Q6P12-iJxAIgLa78DkrbXsDgk0oVDaDlbJ5W.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Literata:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90d020587c3ed2fe68f07bcde1872375b99258aee2594f4e3cb9a1bd0f86f671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heteroplasm.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 22:45:12 GMT
x-content-type-options: nosniff
age: 285134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50612
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 20:58:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 22:45:12 GMT

GET
H2 200 or3yQ6P12-iJxAIgLYT1PLs1Zd0nfUwAbeGVKq5U5Ck.woff2
fonts.gstatic.com/s/literata/v34/ 51 KB
51 KB 55ms
30ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/literata/v34/or3yQ6P12-iJxAIgLYT1PLs1Zd0nfUwAbeGVKq5U5Ck.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55044b480da1b1191d6848ab95264e800d956050b88c09f18aacfcb4170ce5b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heteroplasm.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 21:33:23 GMT
x-content-type-options: nosniff
age: 289443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51788
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 20:51:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 21:33:23 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
fonts.gstatic.com/s/inter/v12/ 56 KB
56 KB 48ms
25ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45606f837ab8530c01f3602592ed7a118450be4ef3f629ca644d0543099e5c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heteroplasm.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 17:41:23 GMT
x-content-type-options: nosniff
age: 303363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56968
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:29:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 17:41:23 GMT

GET
H2 200 or38Q6P12-iJxAIgLa78DkrbXsDgk0oVDaDlYp5W_C0.woff2
fonts.gstatic.com/s/literata/v34/ 38 KB
38 KB 41ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/literata/v34/or38Q6P12-iJxAIgLa78DkrbXsDgk0oVDaDlYp5W_C0.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4bd07f40291063becb644771c51f7bdba68f565c98aafe50364058f8254302d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heteroplasm.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 05 May 2023 08:38:53 GMT
x-content-type-options: nosniff
age: 422313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39256
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 20:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 May 2024 08:38:53 GMT

GET
H2 200 or3yQ6P12-iJxAIgLYT1PLs1Zd0nfUwAbeGVKq5a5ClqOw.woff2
fonts.gstatic.com/s/literata/v34/ 38 KB
39 KB 26ms
17ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/literata/v34/or3yQ6P12-iJxAIgLYT1PLs1Zd0nfUwAbeGVKq5a5ClqOw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

979486bd6ae32e93d4aef59603a7238f50fbcbc9c07d08d969e0d38a1fb9ca0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://heteroplasm.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 21:02:42 GMT
x-content-type-options: nosniff
age: 291284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 20:54:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 21:02:42 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			heteroplasm.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7aa972f1f2fe26ae83bda691cb152527

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
heteroplasm.xyz
104.21.45.141
2a00:1450:4001:810::200a
2a00:1450:4001:829::2003
1d7ed5cb2244b2151b01d8bdac5ccdebcc3b720abf89b6773b7f614f57f650dc
22ea97134fed64d60ebdaff92164a3b3275e8fe4b062472834e82c2f3d89af4f
2c60c0c76d064a9b6302d986b9d3f985b52daf700f23067d12f3f6723a123065
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
45606f837ab8530c01f3602592ed7a118450be4ef3f629ca644d0543099e5c6b
55044b480da1b1191d6848ab95264e800d956050b88c09f18aacfcb4170ce5b7
5c046aa52fe5dbe423c1a84975c9f773402216a8c0772c840527394074186c21
90d020587c3ed2fe68f07bcde1872375b99258aee2594f4e3cb9a1bd0f86f671
979486bd6ae32e93d4aef59603a7238f50fbcbc9c07d08d969e0d38a1fb9ca0e
f442ccbb0bf88e1ec58012f225d05ca6e62b4331be4fa1c1383a8f96a2386136
f4bd07f40291063becb644771c51f7bdba68f565c98aafe50364058f8254302d

heteroplasm.xyz Open in urlscan Pro 104.21.45.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

11 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

363 kBTransfer

609 kBSize

1 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

Indicators

heteroplasm.xyz Open in urlscan Pro
104.21.45.141 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

363 kB
Transfer

609 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions