urlscan.io logo urlscan.io
SecurityTrails logo

kexy.carrd.co Open in urlscan Pro
172.64.147.222  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kexy.carrd.co/
Effective URL: https://kexy.carrd.co/
Submission: On October 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 24 HTTP transactions. The main IP is 172.64.147.222, located in United States and belongs to CLOUDFLARENET, US. The main domain is kexy.carrd.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 31st 2023. Valid for: a year.
This is the only time kexy.carrd.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.18.40.34 13335 (CLOUDFLAR...)
10 172.64.147.222 13335 (CLOUDFLAR...)
3 172.217.18.10 15169 (GOOGLE)
1 142.250.186.138 15169 (GOOGLE)
1 192.0.77.40 2635 (AUTOMATTIC)
1 192.0.77.3 2635 (AUTOMATTIC)
3 96.43.128.66 19969 (JOESDATAC...)
4 142.250.186.99 15169 (GOOGLE)
1 1 142.250.186.78 15169 (GOOGLE)
1 142.250.185.193 15169 (GOOGLE)
24 9
1    104.18.40.34 (None, )

ASN13335 (CLOUDFLARENET, US)
kexy.carrd.co
10    172.64.147.222 (United States)

ASN13335 (CLOUDFLARENET, US)
kexy.carrd.co
3    172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f10.1e100.net
fonts.googleapis.com
1    142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
ajax.googleapis.com
1    192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com
static.tumblr.com
1    192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
64.media.tumblr.com
3    96.43.128.66 (United States)

ASN19969 (JOESDATACENTER, US)
cur.cursors-4u.net
4    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
1    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
drive.google.com
1    142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net
doc-0s-24-docs.googleusercontent.com
Apex Domain
Subdomains		 Transfer
11 carrd.co
kexy.carrd.co
10 MB
4 gstatic.com
fonts.gstatic.com
70 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
ajax.googleapis.com — Cisco Umbrella Rank: 405
64 KB
3 cursors-4u.net
cur.cursors-4u.net — Cisco Umbrella Rank: 779394
15 KB
2 tumblr.com
static.tumblr.com — Cisco Umbrella Rank: 44938
64.media.tumblr.com — Cisco Umbrella Rank: 13353
4 KB
1 googleusercontent.com
doc-0s-24-docs.googleusercontent.com — Cisco Umbrella Rank: 679774
1 google.com
drive.google.com — Cisco Umbrella Rank: 347
1 KB
24 7
Domain Requested by
11 kexy.carrd.co 1 redirects kexy.carrd.co
4 fonts.gstatic.com fonts.googleapis.com
3 cur.cursors-4u.net kexy.carrd.co
3 fonts.googleapis.com kexy.carrd.co
1 doc-0s-24-docs.googleusercontent.com kexy.carrd.co
1 drive.google.com 1 redirects
1 64.media.tumblr.com kexy.carrd.co
1 static.tumblr.com kexy.carrd.co
1 ajax.googleapis.com kexy.carrd.co
24 9
Subject Issuer Validity Valid
carrd.co
Cloudflare Inc ECC CA-3		 2023-03-31 -
2024-03-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.tumblr.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-14 -
2023-12-15		 a year crt.sh
*.media.tumblr.com
Sectigo ECC Domain Validation Secure Server CA		 2022-12-29 -
2024-01-29		 a year crt.sh
ani.cursors-4u.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://kexy.carrd.co/
Frame ID: A4BDD0681A259A524C91EAABDF2AF216
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

they/the

Page URL History Show full URLs

  1. http://kexy.carrd.co/ HTTP 301
    https://kexy.carrd.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

96 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

10582 kB
Transfer

12657 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kexy.carrd.co/ HTTP 301
    https://kexy.carrd.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://drive.google.com/uc?export=download&id=11cL74HQWLRED_cpOuOpTTZJXHmZHYw28 HTTP 303
  • https://doc-0s-24-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/v049dfs3bd8epnia4ctncrn46b9ih542/1698020175000/04827292136109071249/*/11cL74HQWLRED_cpOuOpTTZJXHmZHYw28?e=download&uuid=815d911b-e452-44b7-a9d3-d037a08ac6a3

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kexy.carrd.co/
Redirect Chain
  • http://kexy.carrd.co/
  • https://kexy.carrd.co/
117 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kexy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
161087a8a68958b5d525ac89627a2bbd4cfe2f413bb6266e389a31d0501ad9ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
81a5cb24cf5e1957-FRA
content-encoding
gzip
content-type
text/html
date
Mon, 23 Oct 2023 00:16:49 GMT
expires
Mon, 23 Oct 2023 00:16:49 GMT
last-modified
Mon, 18 Sep 2023 01:57:17 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
81a5cb1f7ad45d39-FRA
Cache-Control
max-age=0
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 23 Oct 2023 00:16:48 GMT
Expires
Mon, 23 Oct 2023 00:16:48 GMT
Location
https://kexy.carrd.co/
Server
cloudflare
Transfer-Encoding
chunked
css2
fonts.googleapis.com/ 		128 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Fredoka+One:ital,wght@0,400;1,400&family=Patua+One:ital,wght@0,400;1,400&family=Muli:ital,wght@0,200;0,400;1,200;1,400&family=Lora:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&family=Cabin:ital,wght@0,500;0,700;1,500;1,700&family=Sawarabi+Gothic:ital,wght@0,400;1,400
Requested by
Host: kexy.carrd.co
URL: https://kexy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f10.1e100.net
Software
ESF /
Resource Hash
b32b0b2d6512f71e198ef0d3410758ca5a7caa8cdf6a5424bb283e24c5a60bc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 Oct 2023 00:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 00:16:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Oct 2023 00:16:50 GMT
truncated
/ 		185 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e13973e54e6c78d81d49c0674304e02324543463deaba0d13bf91231d4029d4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
image05.gif
kexy.carrd.co/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kexy.carrd.co/assets/images/image05.gif?v=b4105e37
Requested by
Host: kexy.carrd.co
URL: https://kexy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b0c4a00c7c1d1d3c990425de3edfa678983ae5927b634b60057a3be37d465c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 00:16:50 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Sep 2023 01:57:17 GMT
server
cloudflare
etag
"a23-60598763fda80"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81a5cb2758b41957-FRA
content-length
2595
expires
Mon, 30 Oct 2023 00:16:50 GMT
truncated
/ 		181 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24d203acaaf91ab1328e5152c648ca9704c311422f71191875536d852eb7746d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		185 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dd2b6806a650035c07db2193f095c62dfd0d4c4db3f9301b915b963ecb825cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
ca24adc6.gif
kexy.carrd.co/assets/images/gallery02/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kexy.carrd.co/assets/images/gallery02/ca24adc6.gif?v=b4105e37
Requested by
Host: kexy.carrd.co
URL: https://kexy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f1a570810e9ad490d35ff152904672f60b2708e2e3949bfe3723f08bdfb774

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 00:16:50 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Sep 2023 01:57:17 GMT
server
cloudflare
etag
"1e25-6059876403458"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81a5cb2768c21957-FRA
content-length
7717
expires
Mon, 30 Oct 2023 00:16:50 GMT
image03.gif
kexy.carrd.co/assets/images/ 		550 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kexy.carrd.co/assets/images/image03.gif?v=b4105e37
Requested by
Host: kexy.carrd.co
URL: https://kexy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba1013177294ef7d2c252393613a7d7eb8cd2689b6c648fd79029f5c147d2492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 00:16:50 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Sep 2023 01:57:17 GMT
server
cloudflare
etag
"226-6059876407aa8"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81a5cb2768c31957-FRA
content-length
550
expires
Mon, 30 Oct 2023 00:16:50 GMT
image04.png
kexy.carrd.co/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kexy.carrd.co/assets/images/image04.png?v=b4105e37
Requested by
Host: kexy.carrd.co
URL: https://kexy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b22f27a16bc6918bfce34a6b0aee4ee50e86e4e625f2f425f14802fa766f574a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 00:16:50 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Sep 2023 01:57:17 GMT
server
cloudflare
etag
"8da-605987645cdf0"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81a5cb2768c51957-FRA
content-length
2266
expires
Mon, 30 Oct 2023 00:16:50 GMT
truncated
/ 		181 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c126cea3cb1a79aaefda436f663e19cc17524f610e0cf7dd9057ec2e2ea7d35

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js
Requested by
Host: kexy.carrd.co
URL: https://kexy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 04:49:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 04:49:00 GMT
css
fonts.googleapis.com/ 		758 B
462 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Karla
Requested by
Host: kexy.carrd.co
URL: https://kexy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f10.1e100.net
Software
ESF /
Resource Hash
898928b209be925c637c25dbff08f42a74700d87a67c6266a20f4a6cf9adf5a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 Oct 2023 00:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 00:00:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Oct 2023 00:16:50 GMT
icon
fonts.googleapis.com/ 		569 B
416 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: kexy.carrd.co
URL: https://kexy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f10.1e100.net
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 23 Oct 2023 00:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 00:16:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Oct 2023 00:16:50 GMT
glenplayer02.js
static.tumblr.com/gtjt4bo/QRmphdsdv/ 		874 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tumblr.com/gtjt4bo/QRmphdsdv/glenplayer02.js
Requested by
Host: kexy.carrd.co
URL: https://kexy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
e3ac527cd57cc7de7204d4a7c5bd7a2bc8407ed8bbab28c914e216312d1896d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Mon, 23 Oct 2023 00:16:50 GMT
strict-transport-security
max-age=31536000; preload
last-modified
Mon, 29 Oct 2018 22:13:08 GMT
server
nginx
etag
"0c72d69900626725bd7d730e5d46a141"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=315360000
accept-ranges
bytes
content-length
874
expires
Thu, 31 Dec 2037 23:55:55 GMT
tumblr_lu2dd4ocjj1qfoi4t.gif
64.media.tumblr.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://64.media.tumblr.com/tumblr_lu2dd4ocjj1qfoi4t.gif
Requested by
Host: kexy.carrd.co
URL: https://kexy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0a142726afa5e558ad618c4cb3d48c913766a1dd31d7bd4470bbf4d6192e0e70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 00:16:50 GMT
strict-transport-security
max-age=31536000; preload
content-disposition
inline; filename="tumblr_lu2dd4ocjj1qfoi4t540.gif"
server-timing
dc;desc=ams, cache;desc=HIT;dur=1.0
content-length
2237
x-nc
HIT ams 5
last-modified
Tue, 17 Apr 2018 04:00:00 GMT
server
nginx
etag
"fd8051080d23177853cc8d7a855e3038-1523937600-876ad91"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
cursor.png
cur.cursors-4u.net/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cur.cursors-4u.net/cursor.png
Requested by
Host: kexy.carrd.co
URL: https://kexy.carrd.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
96.43.128.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
9f4185f44c07da894dee2b3f016585769af454b43bd06376e13804d88cfc3a54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 00:16:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Feb 2013 17:33:08 GMT
Server
nginx/1.16.1
ETag
W/"512e4354-4d5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
container02.gif
kexy.carrd.co/assets/images/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kexy.carrd.co/assets/images/container02.gif?v=b4105e37
Requested by
Host: kexy.carrd.co
URL: https://kexy.carrd.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6f3030d063bdd699975880e101aa0f474892dad8406c42b627fad948460478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 00:16:50 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Sep 2023 01:57:17 GMT
server
cloudflare
etag
"1a7fbe-60598763d4658"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81a5cb29ca0a1957-FRA
content-length
1736638
expires
Mon, 30 Oct 2023 00:16:50 GMT
truncated
/ 		397 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19bcd591b90b35bd6e42c7eae795906cf308f5831b04dbc6d88bfee0fb475011

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		245 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b37c093789aa43169b69ddc457c884d4aea718c523a78760ac07a74945bec863

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
fonts.gstatic.com/s/fredokaone/v14/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fredokaone/v14/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Fredoka+One:ital,wght@0,400;1,400&family=Patua+One:ital,wght@0,400;1,400&family=Muli:ital,wght@0,200;0,400;1,200;1,400&family=Lora:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&family=Cabin:ital,wght@0,500;0,700;1,500;1,700&family=Sawarabi+Gothic:ital,wght@0,400;1,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kexy.carrd.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 08:02:36 GMT
x-content-type-options
nosniff
age
144854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15596
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 20:35:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Oct 2024 08:02:36 GMT
0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Fredoka+One:ital,wght@0,400;1,400&family=Patua+One:ital,wght@0,400;1,400&family=Muli:ital,wght@0,200;0,400;1,200;1,400&family=Lora:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&family=Cabin:ital,wght@0,500;0,700;1,500;1,700&family=Sawarabi+Gothic:ital,wght@0,400;1,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kexy.carrd.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 07:19:52 GMT
x-content-type-options
nosniff
age
233818
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35888
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 21:45:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 07:19:52 GMT
x3d4ckfVaqqa-BEj-I9mE65u3k3NAEEnEXdX7R_PTqgHT45rMBfyeoYQJ5w.118.woff2
fonts.gstatic.com/s/sawarabigothic/v12/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sawarabigothic/v12/x3d4ckfVaqqa-BEj-I9mE65u3k3NAEEnEXdX7R_PTqgHT45rMBfyeoYQJ5w.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Fredoka+One:ital,wght@0,400;1,400&family=Patua+One:ital,wght@0,400;1,400&family=Muli:ital,wght@0,200;0,400;1,200;1,400&family=Lora:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&family=Cabin:ital,wght@0,500;0,700;1,500;1,700&family=Sawarabi+Gothic:ital,wght@0,400;1,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
ac372ee841642f8574bf1fa4520ed17f940128808ac666e5c034515df51e8745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kexy.carrd.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 10:49:00 GMT
x-content-type-options
nosniff
age
221270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6376
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:46:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 10:49:00 GMT
x3d4ckfVaqqa-BEj-I9mE65u3k3NAEEnEXdX7R_PTqgHT45rMBfyeoYQJ5w.119.woff2
fonts.gstatic.com/s/sawarabigothic/v12/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sawarabigothic/v12/x3d4ckfVaqqa-BEj-I9mE65u3k3NAEEnEXdX7R_PTqgHT45rMBfyeoYQJ5w.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Fredoka+One:ital,wght@0,400;1,400&family=Patua+One:ital,wght@0,400;1,400&family=Muli:ital,wght@0,200;0,400;1,200;1,400&family=Lora:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&family=Cabin:ital,wght@0,500;0,700;1,500;1,700&family=Sawarabi+Gothic:ital,wght@0,400;1,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
4771fe4da3e298827f0806ea67597f77a47892b65d780c03e5833362e4045266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kexy.carrd.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 02:48:57 GMT
x-content-type-options
nosniff
age
422873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12996
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:54:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 02:48:57 GMT
nat852.ani
cur.cursors-4u.net/nature/nat-9/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cur.cursors-4u.net/nature/nat-9/nat852.ani
Requested by
Host: kexy.carrd.co
URL: https://kexy.carrd.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
96.43.128.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 00:16:50 GMT
Last-Modified
Wed, 27 Feb 2013 18:20:34 GMT
Server
nginx/1.16.1
ETag
"512e4e72-335c"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13148
nat852.png
cur.cursors-4u.net/nature/nat-9/ 		293 B
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cur.cursors-4u.net/nature/nat-9/nat852.png
Requested by
Host: kexy.carrd.co
URL: https://kexy.carrd.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
96.43.128.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
2d4d04cc25a4d64986ae25297e455575f86f0289f34983afd218d6f3c4185d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Mon, 23 Oct 2023 00:16:50 GMT
Last-Modified
Wed, 27 Feb 2013 18:20:32 GMT
Server
nginx/1.16.1
ETag
"512e4e70-125"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
293
11cL74HQWLRED_cpOuOpTTZJXHmZHYw28
doc-0s-24-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/v049dfs3bd8epnia4ctncrn46b9ih542/1698020175000/04827292136109071249/*/
Redirect Chain
  • https://drive.google.com/uc?export=download&id=11cL74HQWLRED_cpOuOpTTZJXHmZHYw28
  • https://doc-0s-24-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/v049dfs3bd8epnia4ctncrn46b9ih542/1698020175000/04827292136109071249/*/11cL74HQWLRED_cpOuOpTTZJXHmZHYw28?e...
2 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://doc-0s-24-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/v049dfs3bd8epnia4ctncrn46b9ih542/1698020175000/04827292136109071249/*/11cL74HQWLRED_cpOuOpTTZJXHmZHYw28?e=download&uuid=815d911b-e452-44b7-a9d3-d037a08ac6a3
Requested by
Host: kexy.carrd.co
URL: https://kexy.carrd.co/
Protocol
H2
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
UploadServer /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 00:16:52 GMT
x-content-type-options
nosniff
x-guploader-uploadid
ABPtcPozkZNRCjrSK4rQdYKHOcbE-KifycQWm3svfvVXL__zZ_7AYPSD5kWQUDP88QpIjh4S9SSVmM2r57_8FbOAorXFWTEajJKV
Content-Range
bytes 0-2365569/2365570
content-disposition
attachment; filename="Daniel_Seavey_-_Runaway.mp3"; filename*=UTF-8''Daniel_Seavey_-_Runaway.mp3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
2365570
last-modified
Sat, 03 Jun 2023 02:59:57 GMT
server
UploadServer
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
x-goog-hash
crc32c=XgyZQw==
cache-control
private, max-age=0
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, X-Google-EOM, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-353267353-bin, x-goog-ext-353267353-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-359275022-bin, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, x-goog-maps-api-salt, x-goog-maps-api-signature, x-goog-maps-client-id, X-Goog-Api-Key, x-goog-spanner-database-role, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Android-Cert, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-OidcIdToken, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token, x-rfui-request-context
expires
Mon, 23 Oct 2023 00:16:52 GMT

Redirect headers

date
Mon, 23 Oct 2023 00:16:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport, script-src 'report-sample' 'nonce-ucyiy7Tuckwx2651h1nOcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/binary
location
https://doc-0s-24-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/v049dfs3bd8epnia4ctncrn46b9ih542/1698020175000/04827292136109071249/*/11cL74HQWLRED_cpOuOpTTZJXHmZHYw28?e=download&uuid=815d911b-e452-44b7-a9d3-d037a08ac6a3
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
image01.gif
kexy.carrd.co/assets/images/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kexy.carrd.co/assets/images/image01.gif?v=b4105e37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306664aa99a1fb560601c26aa4d85c425e58c384d3d4a77e332ee28684d75cc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 00:16:53 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Sep 2023 01:57:17 GMT
server
cloudflare
etag
"2ebcba-60598763f49f8"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81a5cb382a811957-FRA
content-length
3062970
expires
Mon, 30 Oct 2023 00:16:52 GMT
20d6005a.gif
kexy.carrd.co/assets/images/gallery01/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kexy.carrd.co/assets/images/gallery01/20d6005a.gif?v=b4105e37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6003e54fe33a1f1a3d4351380db9a2b13fcba1f074d3c129244b345dedd3a31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 00:16:52 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Sep 2023 01:57:17 GMT
server
cloudflare
etag
"100e92-6059876438400"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81a5cb382a821957-FRA
content-length
1052306
expires
Mon, 30 Oct 2023 00:16:52 GMT
9efe555e.gif
kexy.carrd.co/assets/images/gallery01/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kexy.carrd.co/assets/images/gallery01/9efe555e.gif?v=b4105e37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
638f93eb5a93a74f6dba0b1c70f0e90802e6f8bce092e9377ed61fac2e468342

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 00:16:52 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Sep 2023 01:57:17 GMT
server
cloudflare
etag
"1eda09-60598764550f0"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81a5cb382a831957-FRA
content-length
2021897
expires
Mon, 30 Oct 2023 00:16:52 GMT
image02.gif
kexy.carrd.co/assets/images/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kexy.carrd.co/assets/images/image02.gif?v=b4105e37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1832be878a1f26264c59f7ffc00bb3cb2164a9e65de06e3a4a931fdc317a5b50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kexy.carrd.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 00:16:53 GMT
cf-cache-status
MISS
last-modified
Mon, 18 Sep 2023 01:57:17 GMT
server
cloudflare
etag
"2a0fce-6059876422470"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81a5cb382a851957-FRA
content-length
2756558
expires
Mon, 30 Oct 2023 00:16:52 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _scrollToTop function| _nextScrollPoint function| _previousScrollPoint function| _firstScrollPoint function| _lastScrollPoint function| _nextSection function| _previousSection function| _firstSection function| _lastSection function| $ function| jQuery function| songstart function| tb8_makeArray number| tb8_counter number| tb8_currMsg string| tb8_tekst number| tb8_i number| tb8_TID function| tb8_pisi object| tb8_messages string| tb8_rptType number| tb8_rptNbr number| tb8_speed number| tb8_delay number| tb8_sp string| colour number| speed number| blobs string| charc object| div object| xpos object| ypos object| zpos object| dx object| dy object| dz object| blob number| swide number| shigh function| fill_the_jar function| add_blob function| rejig function| sign function| set_blob function| jamjar function| set_width number| sparks number| bangs object| colours object| intensity object| Xpos object| Ypos object| dX object| dY object| stars object| decay object| timers number| sleft number| count function| addLoadEvent function| clicksplode function| createDiv function| bang function| eksplode function| set_scroll number| sdown

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

64.media.tumblr.com
ajax.googleapis.com
cur.cursors-4u.net
doc-0s-24-docs.googleusercontent.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
kexy.carrd.co
static.tumblr.com
104.18.40.34
142.250.185.193
142.250.186.138
142.250.186.78
142.250.186.99
172.217.18.10
172.64.147.222
192.0.77.3
192.0.77.40
96.43.128.66
0a142726afa5e558ad618c4cb3d48c913766a1dd31d7bd4470bbf4d6192e0e70
161087a8a68958b5d525ac89627a2bbd4cfe2f413bb6266e389a31d0501ad9ef
1832be878a1f26264c59f7ffc00bb3cb2164a9e65de06e3a4a931fdc317a5b50
19bcd591b90b35bd6e42c7eae795906cf308f5831b04dbc6d88bfee0fb475011
24d203acaaf91ab1328e5152c648ca9704c311422f71191875536d852eb7746d
2d4d04cc25a4d64986ae25297e455575f86f0289f34983afd218d6f3c4185d80
306664aa99a1fb560601c26aa4d85c425e58c384d3d4a77e332ee28684d75cc2
3dd2b6806a650035c07db2193f095c62dfd0d4c4db3f9301b915b963ecb825cf
4771fe4da3e298827f0806ea67597f77a47892b65d780c03e5833362e4045266
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4b6f3030d063bdd699975880e101aa0f474892dad8406c42b627fad948460478
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5c126cea3cb1a79aaefda436f663e19cc17524f610e0cf7dd9057ec2e2ea7d35
638f93eb5a93a74f6dba0b1c70f0e90802e6f8bce092e9377ed61fac2e468342
75b0c4a00c7c1d1d3c990425de3edfa678983ae5927b634b60057a3be37d465c
75f1a570810e9ad490d35ff152904672f60b2708e2e3949bfe3723f08bdfb774
898928b209be925c637c25dbff08f42a74700d87a67c6266a20f4a6cf9adf5a0
9f4185f44c07da894dee2b3f016585769af454b43bd06376e13804d88cfc3a54
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
a6003e54fe33a1f1a3d4351380db9a2b13fcba1f074d3c129244b345dedd3a31
ac372ee841642f8574bf1fa4520ed17f940128808ac666e5c034515df51e8745
b22f27a16bc6918bfce34a6b0aee4ee50e86e4e625f2f425f14802fa766f574a
b32b0b2d6512f71e198ef0d3410758ca5a7caa8cdf6a5424bb283e24c5a60bc3
b37c093789aa43169b69ddc457c884d4aea718c523a78760ac07a74945bec863
ba1013177294ef7d2c252393613a7d7eb8cd2689b6c648fd79029f5c147d2492
e13973e54e6c78d81d49c0674304e02324543463deaba0d13bf91231d4029d4d
e3ac527cd57cc7de7204d4a7c5bd7a2bc8407ed8bbab28c914e216312d1896d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9986c62b19bce3791c4c103a4aa87c91d22d9e1c9f252f7f802ea26d3405769