urlscan.io logo urlscan.io
SecurityTrails logo

goreyhallucination.carrd.co Open in urlscan Pro
104.18.40.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://goreyhallucination.carrd.co/
Effective URL: https://goreyhallucination.carrd.co/
Submission: On March 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 26 HTTP transactions. The main IP is 104.18.40.34, located in and belongs to CLOUDFLARENET, US. The main domain is goreyhallucination.carrd.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 29th 2024. Valid for: 10 months.
This is the only time goreyhallucination.carrd.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.64.147.222 13335 (CLOUDFLAR...)
4 104.18.40.34 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
6 162.159.133.232 13335 (CLOUDFLAR...)
1 172.64.155.41 13335 (CLOUDFLAR...)
3 104.18.37.69 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 192.0.77.40 2635 (AUTOMATTIC)
1 2606:50c0:800... 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2620:100:6022... 19679 (DROPBOX)
1 162.159.134.233 13335 (CLOUDFLAR...)
26 11
1    172.64.147.222 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
goreyhallucination.carrd.co
4    104.18.40.34 (None, )

ASN13335 (CLOUDFLARENET, US)
goreyhallucination.carrd.co
enchantments.carrd.co
maguro.carrd.co
3    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    162.159.133.232 (None, )

ASN13335 (CLOUDFLARENET, US)
media.discordapp.net
1    172.64.155.41 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
supplies.ju.mp
3    104.18.37.69 (None, )

ASN13335 (CLOUDFLARENET, US)
gifs.crd.co
literature.crd.co
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com
static.tumblr.com
1    2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)
glenthemes.github.io
4    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2620:100:6022:15::a27d:420f (United States)

ASN19679 (DROPBOX, US)
dl.dropbox.com
dl.dropboxusercontent.com
1    162.159.134.233 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.discordapp.com
Apex Domain
Subdomains		 Transfer
6 discordapp.net
media.discordapp.net — Cisco Umbrella Rank: 5434
216 B
5 carrd.co
goreyhallucination.carrd.co
enchantments.carrd.co
maguro.carrd.co
53 KB
4 gstatic.com
fonts.gstatic.com
128 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
ajax.googleapis.com — Cisco Umbrella Rank: 368
36 KB
3 crd.co
gifs.crd.co
literature.crd.co
4 KB
1 discordapp.com
cdn.discordapp.com — Cisco Umbrella Rank: 2893
833 B
1 dropboxusercontent.com
dl.dropboxusercontent.com — Cisco Umbrella Rank: 17327
1 dropbox.com
dl.dropbox.com — Cisco Umbrella Rank: 61884
341 B
1 github.io
glenthemes.github.io — Cisco Umbrella Rank: 458663
2 KB
1 tumblr.com
static.tumblr.com — Cisco Umbrella Rank: 65092
16 KB
1 ju.mp
supplies.ju.mp
694 B
26 11
Domain Requested by
6 media.discordapp.net goreyhallucination.carrd.co
4 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com goreyhallucination.carrd.co
3 goreyhallucination.carrd.co 1 redirects goreyhallucination.carrd.co
2 literature.crd.co goreyhallucination.carrd.co
1 cdn.discordapp.com goreyhallucination.carrd.co
1 dl.dropboxusercontent.com goreyhallucination.carrd.co
1 dl.dropbox.com 1 redirects
1 glenthemes.github.io goreyhallucination.carrd.co
1 static.tumblr.com goreyhallucination.carrd.co
1 ajax.googleapis.com goreyhallucination.carrd.co
1 maguro.carrd.co goreyhallucination.carrd.co
1 gifs.crd.co goreyhallucination.carrd.co
1 supplies.ju.mp goreyhallucination.carrd.co
1 enchantments.carrd.co goreyhallucination.carrd.co
26 15

This site contains no links.

Subject Issuer Validity Valid
carrd.co
Cloudflare Inc ECC CA-3		 2024-02-29 -
2024-12-31		 10 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
discordapp.net
Cloudflare Inc ECC CA-3		 2023-09-03 -
2024-09-02		 a year crt.sh
ju.mp
GTS CA 1P5		 2024-01-17 -
2024-04-16		 3 months crt.sh
crd.co
Cloudflare Inc ECC CA-3		 2024-02-12 -
2024-12-31		 a year crt.sh
*.tumblr.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-15 -
2024-12-15		 a year crt.sh
*.github.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-21 -
2024-03-20		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
discordapp.com
Cloudflare Inc ECC CA-3		 2023-10-20 -
2024-10-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://goreyhallucination.carrd.co/
Frame ID: 6FE0777E15368C5EEE3CE9822A1EC7AE
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

this is my design.

Page URL History Show full URLs

  1. http://goreyhallucination.carrd.co/ HTTP 301
    https://goreyhallucination.carrd.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

96 %
HTTPS

42 %
IPv6

11
Domains

15
Subdomains

11
IPs

3
Countries

239 kB
Transfer

512 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://goreyhallucination.carrd.co/ HTTP 301
    https://goreyhallucination.carrd.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://dl.dropbox.com/scl/fi/vflr362i2ncaseou6nb6i/Tool-Sober-Lyrics.mp3?rlkey=9ys8icdffsqokoqwjva67pmk3&dl=0 HTTP 302
  • https://dl.dropboxusercontent.com/scl/fi/vflr362i2ncaseou6nb6i/Tool-Sober-Lyrics.mp3?rlkey=9ys8icdffsqokoqwjva67pmk3&dl=0

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
goreyhallucination.carrd.co/
Redirect Chain
  • http://goreyhallucination.carrd.co/
  • https://goreyhallucination.carrd.co/
66 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9998653cd0c949547caeb377a14b32a9575efc7e36e18d490fa0f30d445d24f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
86291e7c28b54d95-FRA
content-encoding
gzip
content-type
text/html
date
Mon, 11 Mar 2024 05:24:36 GMT
expires
Mon, 11 Mar 2024 05:24:36 GMT
last-modified
Mon, 12 Feb 2024 07:09:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
86291e7a7ba671d6-FRA
Cache-Control
max-age=0
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 11 Mar 2024 05:24:35 GMT
Expires
Mon, 11 Mar 2024 05:24:35 GMT
Location
https://goreyhallucination.carrd.co/
Server
cloudflare
Transfer-Encoding
chunked
css2
fonts.googleapis.com/ 		2 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Mansalva:ital,wght@0,400;1,400&family=Comic+Neue:ital,wght@0,700;1,700
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
40dce14fbafaccf4dfc6a35baa56e6cff360fcac70c7340588c04f93f86627be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Mar 2024 05:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 05:24:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Mar 2024 05:24:36 GMT
image01.jpg
goreyhallucination.carrd.co/assets/images/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goreyhallucination.carrd.co/assets/images/image01.jpg?v=74ee1aba
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f511065e5987fdcf9d3a505cae89baec23edf79ba08f39aed924b8bd1d6e8fd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 05:24:36 GMT
cf-cache-status
MISS
last-modified
Thu, 08 Feb 2024 19:22:59 GMT
server
cloudflare
etag
"9a18-610e3bd4afdc8"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86291e7eaba34d95-FRA
content-length
39448
expires
Mon, 18 Mar 2024 05:24:36 GMT
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter&display=swap
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
134d30ed9c825909dd32af40d469aaafedfe1b17447abee0ed6c43c7254d2a48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Mar 2024 05:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 04:32:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Mar 2024 05:24:36 GMT
IMG_8088.gif
media.discordapp.net/attachments/1095578021433458708/1095616831546474526/ 		36 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.discordapp.net/attachments/1095578021433458708/1095616831546474526/IMG_8088.gif
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 05:24:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ha9S5xmM4rMk1e5t4WWu1CCgP%2BBG9JJ%2F9qLPlqX%2FUXMluBMiRj9GETNDsJMjjl2eiNw%2Fgm21cIfHZkZZSjHkEqxrepJfg85zFYUW8UXdcenuL4X%2BgmETcRJkr3sl%2FECws07Wybis"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray
86291e7eda0b3a86-FRA
content-length
36
alt-svc
h3=":443"; ma=86400
IMG_9934.gif
media.discordapp.net/attachments/1095914392417226792/1099246318599294976/ 		36 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.discordapp.net/attachments/1095914392417226792/1099246318599294976/IMG_9934.gif
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 05:24:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWaEs4ACU3AV1lwJmhAqmdRFvfdIHqj8TV7%2FpurJw5007KZsfxxQXZrMT8GzO8w9U9wYs%2B7zwkr%2Fr3pX2EFNXIndWOAyLARXp8LURz2FbsungY6RFAYXRdDzZjN66HnV%2FrHoPD8g"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray
86291e7eda0d3a86-FRA
content-length
36
alt-svc
h3=":443"; ma=86400
e4e26362.gif
enchantments.carrd.co/assets/images/gallery01/ 		605 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enchantments.carrd.co/assets/images/gallery01/e4e26362.gif?v=82b4b006
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21778d4b6e5a0d8d92f69e0839594121fa491b01c037379bd22bed2685bf77bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 05:24:36 GMT
cf-cache-status
MISS
last-modified
Thu, 14 Apr 2022 04:55:22 GMT
server
cloudflare
etag
"25d-5dc9619f184e8"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86291e7ebbc64d95-FRA
content-length
605
expires
Mon, 18 Mar 2024 05:24:36 GMT
d4578e20_original.gif
supplies.ju.mp/assets/images/gallery04/ 		474 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supplies.ju.mp/assets/images/gallery04/d4578e20_original.gif?v=71d9b67b
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.41 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7015cf0330fa49ba79b60f194dc2c3df326b68b10fd2012cb0f1cd8004e81f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 05:24:36 GMT
cf-cache-status
MISS
last-modified
Thu, 08 Sep 2022 04:15:04 GMT
server
cloudflare
etag
"1da-5e822ac859140"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86291e7eec8a0476-FRA
content-length
474
expires
Mon, 18 Mar 2024 05:24:36 GMT
92f44df8.gif
gifs.crd.co/assets/images/gallery24/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gifs.crd.co/assets/images/gallery24/92f44df8.gif?v=d417d32b
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6c48cd431b3d9156e7ea617e88a6b98d26d344d4863ca814bb3bd96a984fdfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 05:24:36 GMT
cf-cache-status
MISS
last-modified
Sat, 24 Dec 2022 03:46:13 GMT
server
cloudflare
etag
"615-5f08abe5b5920"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86291e7eded93665-FRA
content-length
1557
expires
Mon, 18 Mar 2024 05:24:36 GMT
02134E32-2E8F-4CF7-BD54-E5AD2198E003.gif
media.discordapp.net/attachments/1022237480872857742/1026925398266761300/ 		36 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.discordapp.net/attachments/1022237480872857742/1026925398266761300/02134E32-2E8F-4CF7-BD54-E5AD2198E003.gif
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 05:24:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2Fa%2Fg8n23bePwmcHKed0h1%2BeP7GYMdEHThcthLHYqD16lTvp1oopebKsZi%2BrKwGUKUWJiRsBe92Ota7tYaUiab6KBmAbbPFQvP92lxuz0MODi45iYZGwSqsL2rY8wmVwYiZDN7do"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray
86291e7eea193a86-FRA
content-length
36
alt-svc
h3=":443"; ma=86400
F72512F1-5A79-4515-925F-09D0A232C4B9.gif
media.discordapp.net/attachments/1022237480872857742/1026925396861653032/ 		36 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.discordapp.net/attachments/1022237480872857742/1026925396861653032/F72512F1-5A79-4515-925F-09D0A232C4B9.gif
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 05:24:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W91L%2B7hWwVrb9PVku2lygrP7ez8rHMWP85OPBK%2BgjVleNCRWM3YM%2FgOtUBkni48aMGn5jwukYusyTln0WBYlaEDhyjhPwfwbFXypmRegl2Ku%2FjeGJssSQNtfAomdzEMcCuRUE6zM"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray
86291e7eea1a3a86-FRA
content-length
36
alt-svc
h3=":443"; ma=86400
IMG_0383.gif
media.discordapp.net/attachments/1095914392417226792/1125306062044667904/ 		36 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.discordapp.net/attachments/1095914392417226792/1125306062044667904/IMG_0383.gif
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 05:24:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tAUobOz%2Bcw3zz4c0C9itSzcLf9KOvoHNqWghFS7C1mA3GjVQhE80g18aUyl%2FNxHZp8V4eUruqNaEsz%2F713drMiXro02GlHIEkNimxON01jLiRDQdhbnjVaxgBpoP2lgi4NlW7OZ"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray
86291e7eea1b3a86-FRA
content-length
36
alt-svc
h3=":443"; ma=86400
IMG_8090.gif
media.discordapp.net/attachments/1095578021433458708/1095616676063613038/ 		36 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.discordapp.net/attachments/1095578021433458708/1095616676063613038/IMG_8090.gif
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 05:24:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPQ2Im2%2BFh6TKKZLhQpHZkdNxo%2BWihYCR5P6ceNtJDxbR1KBK7UflnOgL3jxydin96NK7XzEHUxGOYGL5BFWGCBi63mIygl7Syc9G0bRW4qDyhsgPal5NaRLC42EWlAuEkidg84K"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray
86291e7eea1c3a86-FRA
content-length
36
alt-svc
h3=":443"; ma=86400
066c30ea.gif
literature.crd.co/assets/images/gallery05/ 		605 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://literature.crd.co/assets/images/gallery05/066c30ea.gif?v=0b76180b
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8acc136f2681278603a76c889fd042763a0791f327b3933aeece049cc9a25b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 05:24:36 GMT
cf-cache-status
MISS
last-modified
Wed, 05 Apr 2023 18:57:47 GMT
server
cloudflare
etag
"25d-5f89b5e2a5448"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86291e7f1efd3665-FRA
content-length
605
expires
Mon, 18 Mar 2024 05:24:36 GMT
0605435a.gif
literature.crd.co/assets/images/gallery05/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://literature.crd.co/assets/images/gallery05/0605435a.gif?v=0b76180b
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.37.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2260af10d3e50dc70138cf7176129a0cbcf5e6d42ff6cfe376e03509b6192e99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 05:24:36 GMT
cf-cache-status
MISS
last-modified
Wed, 05 Apr 2023 18:57:47 GMT
server
cloudflare
etag
"409-5f89b5e2c6f58"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86291e7f1efe3665-FRA
content-length
1033
expires
Mon, 18 Mar 2024 05:24:36 GMT
026d1580.gif
maguro.carrd.co/assets/images/gallery08/ 		411 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maguro.carrd.co/assets/images/gallery08/026d1580.gif?v=10a293e5
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
956a8b6213a3aa0cc2cab6945ddaa93abc26905ce2aa3157e0fffb2a5150f428

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 05:24:36 GMT
cf-cache-status
HIT
last-modified
Fri, 19 May 2023 01:48:13 GMT
server
cloudflare
age
110893
etag
"19b-5fc021d351328"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
86291e7efbf54d95-FRA
content-length
411
expires
Mon, 18 Mar 2024 05:24:36 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 08:53:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 08:53:13 GMT
css
fonts.googleapis.com/ 		1 KB
658 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
940931f0ba25fcac9201b6265c4b10480f65b5645a845fd90c91e2a38dca20ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Mar 2024 05:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 05:12:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Mar 2024 05:24:36 GMT
feathericons.js
static.tumblr.com/2pnwama/DLppehqvd/ 		63 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tumblr.com/2pnwama/DLppehqvd/feathericons.js
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
996faa1e43fea0697991446f5eaaa57c6246d4b00e0bfed5234494a3511d1f57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Mon, 11 Mar 2024 05:24:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload
last-modified
Mon, 03 Sep 2018 17:50:02 GMT
server
nginx
etag
W/"7a037081c08b58d9227edc0af84f9455"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
glenplayer06.js
glenthemes.github.io/-music-/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://glenthemes.github.io/-music-/glenplayer06.js
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
e1eeda0d0c61d39df0776c3f0065ebb9d1aacddceb97ad96881c7cf2c08a617f
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fastly-request-id
93a716499f4dbad3e341ddd505aef596afbe5f7e
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Mon, 11 Mar 2024 05:24:36 GMT
age
0
x-cache
HIT
x-cache-hits
1
x-proxy-cache
MISS
content-length
1226
x-served-by
cache-fra-eddf8230123-FRA
last-modified
Wed, 16 Feb 2022 10:08:41 GMT
server
GitHub.com
x-github-request-id
8E44:31AD2B:78A481C:7AB0774:65EE562D
x-timer
S1710134676.284387,VS0,VE96
etag
W/"620ccd29-b2b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Mon, 11 Mar 2024 01:04:05 GMT
aWB4m0aacbtDfvq5NKliKY8.woff2
fonts.gstatic.com/s/mansalva/v14/ 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mansalva/v14/aWB4m0aacbtDfvq5NKliKY8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Mansalva:ital,wght@0,400;1,400&family=Comic+Neue:ital,wght@0,700;1,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94de6f24ad20f7cdc83bb539aed4f9b61abaa96f0cca7dbb820e388f21705cef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://goreyhallucination.carrd.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 11:51:37 GMT
x-content-type-options
nosniff
age
322379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69568
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:41:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Mar 2025 11:51:37 GMT
4UaErEJDsxBrF37olUeD_xHM8pxULg.woff2
fonts.gstatic.com/s/comicneue/v8/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/comicneue/v8/4UaErEJDsxBrF37olUeD_xHM8pxULg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Mansalva:ital,wght@0,400;1,400&family=Comic+Neue:ital,wght@0,700;1,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c1d3e1eaa4f7b42cd9db94b4dd66ad552f827b2fe008956cbea53775448ba82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://goreyhallucination.carrd.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 13:20:04 GMT
x-content-type-options
nosniff
age
489872
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18772
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:23:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 13:20:04 GMT
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v13/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2301bb030a2bcaa9c763cc4771bd717aac16709c29eaba00673fcbe7cdf99a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://goreyhallucination.carrd.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 14:21:25 GMT
x-content-type-options
nosniff
age
486191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21564
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 14:21:25 GMT
Tool-Sober-Lyrics.mp3
dl.dropboxusercontent.com/scl/fi/vflr362i2ncaseou6nb6i/
Redirect Chain
  • https://dl.dropbox.com/scl/fi/vflr362i2ncaseou6nb6i/Tool-Sober-Lyrics.mp3?rlkey=9ys8icdffsqokoqwjva67pmk3&dl=0
  • https://dl.dropboxusercontent.com/scl/fi/vflr362i2ncaseou6nb6i/Tool-Sober-Lyrics.mp3?rlkey=9ys8icdffsqokoqwjva67pmk3&dl=0
112 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://dl.dropboxusercontent.com/scl/fi/vflr362i2ncaseou6nb6i/Tool-Sober-Lyrics.mp3?rlkey=9ys8icdffsqokoqwjva67pmk3&dl=0
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Server
2620:100:6022:15::a27d:420f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://goreyhallucination.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date
Mon, 11 Mar 2024 05:24:36 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-dropbox-request-id
472b442a37f749e08a22d56ade58f2f2
Content-Range
bytes 0-7287672/7287673
x-dropbox-response-origin
far_remote
content-disposition
inline; filename="Tool - Sober (Lyrics).mp3"; filename*=UTF-8''Tool%20-%20Sober%20%28Lyrics%29.mp3
Content-Length
7287673
pragma
public
server
envoy
etag
1707441347939376n
content-type
audio/mpeg
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noimageindex

Redirect headers

content-security-policy
sandbox
date
Mon, 11 Mar 2024 05:24:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
envoy
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
https://dl.dropboxusercontent.com/scl/fi/vflr362i2ncaseou6nb6i/Tool-Sober-Lyrics.mp3?rlkey=9ys8icdffsqokoqwjva67pmk3&dl=0
x-dropbox-request-id
de969bfe61c440a98272e263cd5099b9
cache-control
no-cache
x-dropbox-response-origin
far_remote
x-robots-tag
noindex, nofollow, noimageindex
Moonlit_Night.mp3
cdn.discordapp.com/attachments/900670626774265886/900968992708100106/ 		36 B
833 B 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.discordapp.com/attachments/900670626774265886/900968992708100106/Moonlit_Night.mp3
Requested by
Host: goreyhallucination.carrd.co
URL: https://goreyhallucination.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65

Request headers

Referer
https://goreyhallucination.carrd.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 11 Mar 2024 05:24:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZN5knvsAeRSr2ckxLNcJzWi5d%2Bk5bF%2ByLaOad2D8p0WrNpAEa6L3V6mSMtC55zuKImTMwJP1jqvemXq9QFSP2aFMCCg4L7FJ1I21HuNP2gF8YxImCo%2BTl1RHr67raKF3wSBYQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray
86291e7f98c437e3-FRA
content-length
36
alt-svc
h3=":443"; ma=86400
QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
fonts.gstatic.com/s/worksans/v19/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v19/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
996d2f01acc82f075e4de4980849bc80c64fb3756054b5265977636a978728f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://goreyhallucination.carrd.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 20:44:41 GMT
x-content-type-options
nosniff
age
549595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20000
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:54:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Mar 2025 20:44:41 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| core object| __core-js_shared__ object| feather object| colours number| bubbles string| over_or_under number| swide number| shigh object| bubb object| bubbx object| bubby object| bubbs object| boddie boolean| ie_version function| addLoadEvent function| bubba function| bubble function| update_bubb function| set_width function| createDiv function| _scrollToTop function| _nextScrollPoint function| _previousScrollPoint function| _firstScrollPoint function| _lastScrollPoint function| _nextSection function| _previousSection function| _firstSection function| _lastSection

4 Cookies

Domain/Path Name / Value
.discordapp.net/ Name: __cfruid
Value: b2651a81332c206baae12afc4e55f3be3a9caf8f-1710134676
.discordapp.com/ Name: __cf_bm
Value: VKm.27RCqlOvP6G1.dcIJSE_8HxEYQf2PwFTq.HceuA-1710134676-1.0.1.1-AX6XzUbTzPAgZRdtXZ1BIRYQYAwat1uOWah35NOewy336em04I6ZWYYNghsQYWgF_gMyxAP2u1PTrZh26cAzCw
.discordapp.com/ Name: _cfuvid
Value: 08ZG483sW6coYNrkmlc.Qvg9KTFb2d_SPhURXT9zjvY-1710134676433-0.0.1.1-604800000
.dropboxusercontent.com/ Name: uc_session
Value: L2CrJHK9HwakHmHknHs1ujlPwvxgb8DvE9QDmjnKmjDOJYxYhUHsjfy80bRMhsGv

16 Console Messages

Source Level URL
Text
network error URL: https://media.discordapp.net/attachments/1095914392417226792/1125306062044667904/IMG_0383.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://media.discordapp.net/attachments/1022237480872857742/1026925396861653032/F72512F1-5A79-4515-925F-09D0A232C4B9.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://media.discordapp.net/attachments/1095914392417226792/1099246318599294976/IMG_9934.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://media.discordapp.net/attachments/1022237480872857742/1026925398266761300/02134E32-2E8F-4CF7-BD54-E5AD2198E003.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://media.discordapp.net/attachments/1095578021433458708/1095616831546474526/IMG_8088.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://media.discordapp.net/attachments/1095578021433458708/1095616676063613038/IMG_8090.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://goreyhallucination.carrd.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://goreyhallucination.carrd.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://goreyhallucination.carrd.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://goreyhallucination.carrd.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://goreyhallucination.carrd.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://goreyhallucination.carrd.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://goreyhallucination.carrd.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://goreyhallucination.carrd.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://cdn.discordapp.com/attachments/900670626774265886/900968992708100106/Moonlit_Night.mp3
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://goreyhallucination.carrd.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.discordapp.com
dl.dropbox.com
dl.dropboxusercontent.com
enchantments.carrd.co
fonts.googleapis.com
fonts.gstatic.com
gifs.crd.co
glenthemes.github.io
goreyhallucination.carrd.co
literature.crd.co
maguro.carrd.co
media.discordapp.net
static.tumblr.com
supplies.ju.mp
104.18.37.69
104.18.40.34
162.159.133.232
162.159.134.233
172.64.147.222
172.64.155.41
192.0.77.40
2606:50c0:8002::153
2620:100:6022:15::a27d:420f
2a00:1450:4001:80f::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:828::200a
0c1d3e1eaa4f7b42cd9db94b4dd66ad552f827b2fe008956cbea53775448ba82
134d30ed9c825909dd32af40d469aaafedfe1b17447abee0ed6c43c7254d2a48
21778d4b6e5a0d8d92f69e0839594121fa491b01c037379bd22bed2685bf77bb
2260af10d3e50dc70138cf7176129a0cbcf5e6d42ff6cfe376e03509b6192e99
2301bb030a2bcaa9c763cc4771bd717aac16709c29eaba00673fcbe7cdf99a59
40dce14fbafaccf4dfc6a35baa56e6cff360fcac70c7340588c04f93f86627be
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
940931f0ba25fcac9201b6265c4b10480f65b5645a845fd90c91e2a38dca20ef
94de6f24ad20f7cdc83bb539aed4f9b61abaa96f0cca7dbb820e388f21705cef
956a8b6213a3aa0cc2cab6945ddaa93abc26905ce2aa3157e0fffb2a5150f428
996d2f01acc82f075e4de4980849bc80c64fb3756054b5265977636a978728f4
996faa1e43fea0697991446f5eaaa57c6246d4b00e0bfed5234494a3511d1f57
c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65
d6c48cd431b3d9156e7ea617e88a6b98d26d344d4863ca814bb3bd96a984fdfa
e1eeda0d0c61d39df0776c3f0065ebb9d1aacddceb97ad96881c7cf2c08a617f
f511065e5987fdcf9d3a505cae89baec23edf79ba08f39aed924b8bd1d6e8fd0
f7015cf0330fa49ba79b60f194dc2c3df326b68b10fd2012cb0f1cd8004e81f1
f8acc136f2681278603a76c889fd042763a0791f327b3933aeece049cc9a25b2
f9998653cd0c949547caeb377a14b32a9575efc7e36e18d490fa0f30d445d24f