urlscan.io logo urlscan.io
SecurityTrails logo

codepen.io Open in urlscan Pro
2606:4700::6810:b02c  Public Scan

Go To Rescan Add Verdict Report
URL: https://codepen.io/onion2k/pen/BGrXEO
Submission Tags: phishing
Submission: On January 26 via api from AU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 37 HTTP transactions. The main IP is 2606:4700::6810:b02c, located in United States and belongs to CLOUDFLARENET, US. The main domain is codepen.io. The Cisco Umbrella rank of the primary domain is 32446.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2021. Valid for: a year.
This is the only time codepen.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700::68... 13335 (CLOUDFLAR...)
5 24 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.66.217 54113 (FASTLY)
1 151.101.130.133 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 134.209.25.109 14061 (DIGITALOC...)
1 94.31.29.32 33438 (HIGHWINDS2)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
37 12
6    2606:4700::6810:b02c (United States)

ASN13335 (CLOUDFLARENET, US)
codepen.io
cpwebassets.codepen.io
24    2606:4700::6811:e30 (United States)

ASN13335 (CLOUDFLARENET, US)
cpwebassets.codepen.io
codepen.io
1    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
1    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
static.filestackapi.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700:20::ac43:46cf (United States)

ASN13335 (CLOUDFLARENET, US)
cdpn.io
1    134.209.25.109 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-ldn-12.buysellads.com
srv.buysellads.com
1    94.31.29.32 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net
cdn4.buysellads.net
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
Apex Domain
Subdomains		 Transfer
30 codepen.io
codepen.io — Cisco Umbrella Rank: 32446
cpwebassets.codepen.io — Cisco Umbrella Rank: 80332
813 KB
2 cdpn.io
cdpn.io — Cisco Umbrella Rank: 85921
3 KB
2 gstatic.com
fonts.gstatic.com
89 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 881
3 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
3 KB
1 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 16454
1 KB
1 buysellads.com
srv.buysellads.com — Cisco Umbrella Rank: 19928
918 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
702 B
1 filestackapi.com
static.filestackapi.com — Cisco Umbrella Rank: 20852
72 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 5952
6 KB
37 10
Domain Requested by
19 cpwebassets.codepen.io 5 redirects codepen.io
cpwebassets.codepen.io
11 codepen.io codepen.io
cpwebassets.codepen.io
2 cdpn.io codepen.io
cdpn.io
2 fonts.gstatic.com fonts.googleapis.com
1 unpkg.com cdpn.io
1 cdnjs.cloudflare.com cdpn.io
1 cdn4.buysellads.net codepen.io
1 srv.buysellads.com cpwebassets.codepen.io
1 fonts.googleapis.com cpwebassets.codepen.io
1 static.filestackapi.com codepen.io
1 cdn.speedcurve.com codepen.io
37 11
Subject Issuer Validity Valid
codepen.io
Cloudflare Inc ECC CA-3		 2021-06-06 -
2022-06-05		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-12 -
2022-11-13		 a year crt.sh
*.filestackapi.com
R3		 2021-12-13 -
2022-03-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-15 -
2022-06-14		 a year crt.sh
*.buysellads.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-18 -
2022-05-18		 2 years crt.sh
*.buysellads.net
Sectigo RSA Domain Validation Secure Server CA		 2021-08-03 -
2022-09-03		 a year crt.sh

This page contains 2 frames:

Primary Page: https://codepen.io/onion2k/pen/BGrXEO
Frame ID: E974CFE61DEFB1B9CFF3171ABC1DCD16
Requests: 32 HTTP requests in this frame

Frame: https://cdpn.io/onion2k/fullpage/BGrXEO
Frame ID: 50EF9CD50013D4B2D1A288EC4B313DD5
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Snowworker Example

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

37
Requests

84 %
HTTPS

64 %
IPv6

10
Domains

11
Subdomains

12
IPs

3
Countries

989 kB
Transfer

3335 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://cpwebassets.codepen.io/assets/packs/js/vendor-e72bc3cf47154f7b96af.chunk.js HTTP 301
  • https://codepen.io/assets/packs/js/vendor-e72bc3cf47154f7b96af.chunk.js
Request Chain 9
  • https://cpwebassets.codepen.io/assets/packs/js/referrer-tracking-d827bc0c8ca28c2fd145.js HTTP 301
  • https://codepen.io/assets/packs/js/referrer-tracking-d827bc0c8ca28c2fd145.js
Request Chain 11
  • https://cpwebassets.codepen.io/assets/packs/js/1-6f74b336433b5329e407.chunk.js HTTP 301
  • https://codepen.io/assets/packs/js/1-6f74b336433b5329e407.chunk.js
Request Chain 12
  • https://cpwebassets.codepen.io/assets/packs/js/everypage-acec91eb5b16a2c7cbca.js HTTP 301
  • https://codepen.io/assets/packs/js/everypage-acec91eb5b16a2c7cbca.js
Request Chain 13
  • https://cpwebassets.codepen.io/assets/packs/js/firebaseConnectLibs-cad4ea80abbdcb5b2a55.js HTTP 301
  • https://codepen.io/assets/packs/js/firebaseConnectLibs-cad4ea80abbdcb5b2a55.js

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request BGrXEO
codepen.io/onion2k/pen/ 		98 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://codepen.io/onion2k/pen/BGrXEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b02c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
76c13c2869d99d533c6566b5edbbb64bda2dc953f8f477d9d3b80bcc41b10f83
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; block-all-mixed-content; connect-src blob: *; font-src data: *; frame-src data: blob: *; img-src 'self' assets.codepen.io cpwebassets.codepen.io *.codepen-staging.com *.codepen.website *.codepen.io *.wp.com gravatar.com static.filestackapi.com *.buysellads.net *.doubleclick.net *.adsafeprotected.com *.unsplash.com data: blob:; form-action 'self'; media-src 'self' assets.codepen.io blog.codepen.io; object-src 'none'; script-src 'self' 'unsafe-eval' 'nonce-6bfp22PwW1o=' cpwebassets.codepen.io *.appcues.com *.buysellads.com *.carbonads.com *.carbonads.net *.filestackapi.com *.firebaseio.com *.paypal.com *.paypalobjects.com *.braintreegateway.com *.stripe.com *.wufoo.com *.speedcurve.com wufoo.com www.google.com; style-src 'unsafe-inline' *; report-uri /cpe/csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-type
text/html; charset=utf-8
status
200 OK
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
9b70c0b8-139c-44bf-a044-739048e9f3f2
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-runtime
0.132687
x-content-type-options
nosniff
content-security-policy
default-src 'self'; base-uri 'self'; block-all-mixed-content; connect-src blob: *; font-src data: *; frame-src data: blob: *; img-src 'self' assets.codepen.io cpwebassets.codepen.io *.codepen-staging.com *.codepen.website *.codepen.io *.wp.com gravatar.com static.filestackapi.com *.buysellads.net *.doubleclick.net *.adsafeprotected.com *.unsplash.com data: blob:; form-action 'self'; media-src 'self' assets.codepen.io blog.codepen.io; object-src 'none'; script-src 'self' 'unsafe-eval' 'nonce-6bfp22PwW1o=' cpwebassets.codepen.io *.appcues.com *.buysellads.com *.carbonads.com *.carbonads.net *.filestackapi.com *.firebaseio.com *.paypal.com *.paypalobjects.com *.braintreegateway.com *.stripe.com *.wufoo.com *.speedcurve.com wufoo.com www.google.com; style-src 'unsafe-inline' *; report-uri /cpe/csp
x-powered-by
Phusion Passenger(R)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
6d3cdd62d9c69256-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
global-7f803d09491edc73a8167ba3307798227ebdedc91989a6c536a3b231f2fd7900.css
cpwebassets.codepen.io/assets/global/ 		72 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cpwebassets.codepen.io/assets/global/global-7f803d09491edc73a8167ba3307798227ebdedc91989a6c536a3b231f2fd7900.css
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b02c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9fbe1ca69dcbe27502d017e51c9f21630a38131d92d4f6360969ee9ba81b4e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
129121
cf-polished
origSize=128037
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Jan 2022 09:42:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd690f329256-FRA
cf-bgj
minify
everypage-276ca056.css
cpwebassets.codepen.io/assets/packs/css/ 		182 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cpwebassets.codepen.io/assets/packs/css/everypage-276ca056.css
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b02c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f1fb74b1d9595ec410feebcc412e94e485c13e49f840a497d1efe00f80b33a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
129121
cf-polished
origSize=186865
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Jan 2022 09:42:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd690f379256-FRA
cf-bgj
minify
editor-ce84559792d1fef032d25f19e7cf0e24b7e0a3308e8c697b3b8ef7cd2411b83f.css
cpwebassets.codepen.io/assets/editor/ 		72 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cpwebassets.codepen.io/assets/editor/editor-ce84559792d1fef032d25f19e7cf0e24b7e0a3308e8c697b3b8ef7cd2411b83f.css
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b02c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ee18ffee0dcb9b30bcf61f6e0d9459f32fe6f4cef6870f73061e99716bb3c24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
129121
cf-polished
origSize=134064
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Jan 2022 09:42:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd690f3a9256-FRA
cf-bgj
minify
twilight-9eb71b6edb11814ec9302f458eb8606e9eb58d14ef36cdf785d88aca31de5447.css
cpwebassets.codepen.io/assets/editor/themes/ 		2 KB
890 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cpwebassets.codepen.io/assets/editor/themes/twilight-9eb71b6edb11814ec9302f458eb8606e9eb58d14ef36cdf785d88aca31de5447.css
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b02c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9983c4ca0324892812aae94e6e9adeac04e9fc0a24a2e87a0f7cfa4e2ce9f03a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
129122
cf-polished
origSize=6309
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Jan 2022 09:42:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd690f339256-FRA
cf-bgj
minify
algolia-9e1c0c887f4db420704b2a79926864019ef156bcecc9d5774a7e4eaa731fc5b5.svg
cpwebassets.codepen.io/assets/settings/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cpwebassets.codepen.io/assets/settings/algolia-9e1c0c887f4db420704b2a79926864019ef156bcecc9d5774a7e4eaa731fc5b5.svg
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e1c0c887f4db420704b2a79926864019ef156bcecc9d5774a7e4eaa731fc5b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
11731755
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Sep 2021 02:45:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
6d3cdd6adb466925-FRA
expires
Sat, 24 Jan 2032 21:34:21 GMT
browser_support-e442aebd85f2bb9dcd4a47cb43c7fc38efd5522ace0a675bf5e33a06413b5a28.js
cpwebassets.codepen.io/assets/common/ 		973 B
534 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cpwebassets.codepen.io/assets/common/browser_support-e442aebd85f2bb9dcd4a47cb43c7fc38efd5522ace0a675bf5e33a06413b5a28.js
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b02c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e442aebd85f2bb9dcd4a47cb43c7fc38efd5522ace0a675bf5e33a06413b5a28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
129092
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Jan 2022 09:42:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd6978619256-FRA
cf-bgj
minify
everypage-f84dd91ff413b23b8d1a6f7eadc615dc53c384f74f8254e068449db735b2c8cd.js
cpwebassets.codepen.io/assets/common/ 		127 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpwebassets.codepen.io/assets/common/everypage-f84dd91ff413b23b8d1a6f7eadc615dc53c384f74f8254e068449db735b2c8cd.js
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abc48eaf0a210e3e5156dac1bdf04de35dfcfe327aaac235aef73515670c80d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
229876
cf-polished
origSize=129972
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 24 Jan 2022 05:43:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd69b8116925-FRA
cf-bgj
minify
analytics_and_notifications-afa6925cbcff840929f2b7c543587d5f9d7a461af81ee7ca80631c8e37ac42f2.js
cpwebassets.codepen.io/assets/common/ 		1 KB
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cpwebassets.codepen.io/assets/common/analytics_and_notifications-afa6925cbcff840929f2b7c543587d5f9d7a461af81ee7ca80631c8e37ac42f2.js
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afa6925cbcff840929f2b7c543587d5f9d7a461af81ee7ca80631c8e37ac42f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1867897
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 05 Jan 2022 06:42:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd6a7a386925-FRA
cf-bgj
minify
vendor-e72bc3cf47154f7b96af.chunk.js
codepen.io/assets/packs/js/
Redirect Chain
  • https://cpwebassets.codepen.io/assets/packs/js/vendor-e72bc3cf47154f7b96af.chunk.js
  • https://codepen.io/assets/packs/js/vendor-e72bc3cf47154f7b96af.chunk.js
644 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codepen.io/assets/packs/js/vendor-e72bc3cf47154f7b96af.chunk.js
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H3
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efb214df43076380a0b07d00c28cd19ec0a1fa3676a36cc6f321292772a2b3d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
52217
cf-polished
origSize=659638
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 07:04:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd6b2bc66925-FRA
cf-bgj
minify

Redirect headers

date
Wed, 26 Jan 2022 21:34:21 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
52255
x-powered-by
Phusion Passenger(R)
status
301 Moved Permanently
location
https://codepen.io/assets/packs/js/vendor-e72bc3cf47154f7b96af.chunk.js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
dee94c9d-4f66-4d22-8ad9-57566dc6f6ee
x-runtime
0.002464
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-download-options
noopen
content-type
text/html
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
6d3cdd6aaad46925-FRA
expires
Sat, 24 Jan 2032 21:34:21 GMT
referrer-tracking-d827bc0c8ca28c2fd145.js
codepen.io/assets/packs/js/
Redirect Chain
  • https://cpwebassets.codepen.io/assets/packs/js/referrer-tracking-d827bc0c8ca28c2fd145.js
  • https://codepen.io/assets/packs/js/referrer-tracking-d827bc0c8ca28c2fd145.js
12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codepen.io/assets/packs/js/referrer-tracking-d827bc0c8ca28c2fd145.js
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H3
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adc64a5ce49831f1f437e9dbb8869dd13913fff53af5c85fce093f0d9cdceddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
52254
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 07:03:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd6b2bc96925-FRA
cf-bgj
minify

Redirect headers

date
Wed, 26 Jan 2022 21:34:21 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
52255
x-powered-by
Phusion Passenger(R)
status
301 Moved Permanently
location
https://codepen.io/assets/packs/js/referrer-tracking-d827bc0c8ca28c2fd145.js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
1b5dc43d-e0cf-4892-b3cf-367defeb8ce7
x-runtime
0.001820
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-download-options
noopen
content-type
text/html
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
6d3cdd6adb346925-FRA
expires
Sat, 24 Jan 2032 21:34:21 GMT
lux.js
cdn.speedcurve.com/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=410041
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
2d38a792b978cf483edf26d94b49c81bb1609629e615ea890d3acaa3dae4ed89

Request headers

Referer
https://codepen.io/
Origin
https://codepen.io
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
via
1.1 vegur, 1.1 varnish
age
509
x-cache
HIT
x-cache-hits
2
content-encoding
gzip
content-length
6247
x-served-by
cache-hhn4067-HHN
last-modified
Wed, 26 Jan 2022 21:25:53 GMT
server
Apache
x-timer
S1643232862.917699,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Feb 2022 21:25:53 GMT
1-6f74b336433b5329e407.chunk.js
codepen.io/assets/packs/js/
Redirect Chain
  • https://cpwebassets.codepen.io/assets/packs/js/1-6f74b336433b5329e407.chunk.js
  • https://codepen.io/assets/packs/js/1-6f74b336433b5329e407.chunk.js
38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codepen.io/assets/packs/js/1-6f74b336433b5329e407.chunk.js
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H3
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f2cfb7ea57dd8d1eb943f84cb7e4e21b11a16ab3b67833f6aa147ff5a42892d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
52216
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 07:04:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd6b2bcb6925-FRA
cf-bgj
minify

Redirect headers

date
Wed, 26 Jan 2022 21:34:21 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
52255
x-powered-by
Phusion Passenger(R)
status
301 Moved Permanently
location
https://codepen.io/assets/packs/js/1-6f74b336433b5329e407.chunk.js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
86b16667-1ed4-423a-8809-14206648d824
x-runtime
0.002577
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-download-options
noopen
content-type
text/html
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
6d3cdd6adb3a6925-FRA
expires
Sat, 24 Jan 2032 21:34:21 GMT
everypage-acec91eb5b16a2c7cbca.js
codepen.io/assets/packs/js/
Redirect Chain
  • https://cpwebassets.codepen.io/assets/packs/js/everypage-acec91eb5b16a2c7cbca.js
  • https://codepen.io/assets/packs/js/everypage-acec91eb5b16a2c7cbca.js
687 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codepen.io/assets/packs/js/everypage-acec91eb5b16a2c7cbca.js
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H3
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3e6c12147c8d9347ee557a1facb1b908741e364c761dae859e82cb1a380565c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
7186
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 19:34:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd6b2bd26925-FRA
cf-bgj
minify

Redirect headers

date
Wed, 26 Jan 2022 21:34:21 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
7232
x-powered-by
Phusion Passenger(R)
status
301 Moved Permanently
location
https://codepen.io/assets/packs/js/everypage-acec91eb5b16a2c7cbca.js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
7e75e701-6674-4cdb-9742-cbe96d0f8c00
x-runtime
0.001713
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-download-options
noopen
content-type
text/html
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
6d3cdd6adb3d6925-FRA
expires
Sat, 24 Jan 2032 21:34:21 GMT
firebaseConnectLibs-cad4ea80abbdcb5b2a55.js
codepen.io/assets/packs/js/
Redirect Chain
  • https://cpwebassets.codepen.io/assets/packs/js/firebaseConnectLibs-cad4ea80abbdcb5b2a55.js
  • https://codepen.io/assets/packs/js/firebaseConnectLibs-cad4ea80abbdcb5b2a55.js
15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codepen.io/assets/packs/js/firebaseConnectLibs-cad4ea80abbdcb5b2a55.js
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H3
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10fa7226eb796042e7172923ae3b89d012e81ecd5047b240bd545df1200e0db5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
52187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 07:04:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd6b2bd46925-FRA
cf-bgj
minify

Redirect headers

date
Wed, 26 Jan 2022 21:34:21 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
52253
x-powered-by
Phusion Passenger(R)
status
301 Moved Permanently
location
https://codepen.io/assets/packs/js/firebaseConnectLibs-cad4ea80abbdcb5b2a55.js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ba4d4ecc-4f42-4b21-91af-3a363e8971e2
x-runtime
0.002204
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-download-options
noopen
content-type
text/html
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
cf-ray
6d3cdd6adb3f6925-FRA
expires
Sat, 24 Jan 2032 21:34:21 GMT
processorRouter-99e144fe9da7cfcd5f86.js
cpwebassets.codepen.io/assets/packs/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpwebassets.codepen.io/assets/packs/js/processorRouter-99e144fe9da7cfcd5f86.js
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a67a903b91112c3b4a5f87b25dfa84477ce5563c50915a5916579c8cd769819d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
135579
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Jan 2022 07:54:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd6adb406925-FRA
cf-bgj
minify
filestack.min.js
static.filestackapi.com/filestack-js/3.x.x/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.filestackapi.com/filestack-js/3.x.x/filestack.min.js
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f89ce627b219f5076a482f6248aefbf0a661ae3ee5a2caef0d44170ed067afa2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
gzip
age
43101
via
1.1 varnish
x-cache
HIT
content-length
73789
x-amz-id-2
Pggo2vUWZiQPutgzrpP2TlaodMSUtIL6LxzPq0bIEVMqQ4rL3vZ4EWlNrnIFJPkIcV2SCr/KId4=
x-served-by
cache-hhn4041-HHN
last-modified
Tue, 05 Oct 2021 12:32:00 GMT
x-timer
S1643232862.924435,VS0,VE0
etag
"c46883319739731fa0322b6b106e8c14"
vary
Accept-Encoding
x-amz-request-id
EX5SH3Q84CFZEKSV
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
948
commonLibs-9baf61da2f0b1adbfdbda1a98aa009379eddc23641e45edf6d5c41f98fe361d0.js
cpwebassets.codepen.io/assets/editor/global/ 		192 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpwebassets.codepen.io/assets/editor/global/commonLibs-9baf61da2f0b1adbfdbda1a98aa009379eddc23641e45edf6d5c41f98fe361d0.js
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68e9b0683e3c7b82454b9153d5c7be78f66a54a2d14e98adbeda4631c81050be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1700492
cf-polished
origSize=196723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 07 Jan 2022 05:12:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd6adb416925-FRA
cf-bgj
minify
codemirror-38f6d79a9404a790a5769ae17525f1a192f3d3c9d323e1479691af1295a26d66.js
cpwebassets.codepen.io/assets/editor/global/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpwebassets.codepen.io/assets/editor/global/codemirror-38f6d79a9404a790a5769ae17525f1a192f3d3c9d323e1479691af1295a26d66.js
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e5588b964fe2826a591c5c4a4e903b742838e8e2be8a79b4cf863b0e077e4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
163763
cf-polished
origSize=444672
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Jan 2022 00:04:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd6adb426925-FRA
cf-bgj
minify
emmet-codemirror-plugin-d52a9896e5f03371a6952975f3e92e5812c54903ca27e36f9c7b707444dc1e88.js
cpwebassets.codepen.io/assets/libs/ 		119 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpwebassets.codepen.io/assets/libs/emmet-codemirror-plugin-d52a9896e5f03371a6952975f3e92e5812c54903ca27e36f9c7b707444dc1e88.js
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fadf126c9ef6568762b56e330199d7fa511f5767e74afe1ce68bfb44a6b2f60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
135579
cf-polished
origSize=121797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Jan 2022 07:54:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd6adb446925-FRA
cf-bgj
minify
index-8b4bdecfc2b9ade900e6539957befe4acaea475996e7da9e871ddc222d94f715.js
cpwebassets.codepen.io/assets/editor/pen/ 		147 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpwebassets.codepen.io/assets/editor/pen/index-8b4bdecfc2b9ade900e6539957befe4acaea475996e7da9e871ddc222d94f715.js
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8be4f4dd01bc2f7ad387afbe09cad40975fb88a87d5b3548a4a7d7f929bdfd49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
135579
cf-polished
origSize=150915
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Jan 2022 07:54:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Jan 2032 21:34:21 GMT
cache-control
public, max-age=315360000
cf-ray
6d3cdd6adb456925-FRA
cf-bgj
minify
css
fonts.googleapis.com/ 		1 KB
702 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,400italic,700,700italic,900,900italic&display=swap
Requested by
Host: cpwebassets.codepen.io
URL: https://cpwebassets.codepen.io/assets/global/global-7f803d09491edc73a8167ba3307798227ebdedc91989a6c536a3b231f2fd7900.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6d534ee3d0c25757e3fba3a1d0867582a653608142b7933ef90d8b514575d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cpwebassets.codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 26 Jan 2022 21:34:21 GMT
S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v20/ 		58 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPHA.ttf
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400italic,700,700italic,900,900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6b44938bc5bcb4c2a08ca8a762ec10566c66026f40704f13cb47e370b5c8e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://codepen.io
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer

Response headers

date
Sun, 23 Jan 2022 18:23:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29795
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 23 Jan 2023 18:23:03 GMT
S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v20/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wWw.ttf
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400italic,700,700italic,900,900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acb428bb824a7f7d865446caa0fe1f6885aa0723e43848042f51db37f0926f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://codepen.io
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer

Response headers

date
Mon, 24 Jan 2022 03:46:13 GMT
x-content-type-options
nosniff
age
236888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60524
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 24 Jan 2023 03:46:13 GMT
BGrXEO
cdpn.io/onion2k/fullpage/ Frame 50EF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdpn.io/onion2k/fullpage/BGrXEO
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
69737885527e32abecd03f01473f86b4d63b9db6d70a78d600f8b673751217cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/

Response headers

date
Wed, 26 Jan 2022 21:34:22 GMT
content-type
text/html; charset=utf-8
status
200 OK
last-modified
Fri, 05 Mar 2021 08:18:20 GMT
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
8390c88e-d161-415b-97bb-519a2cb10005
x-download-options
noopen
x-runtime
0.013606
x-content-type-options
nosniff
x-powered-by
Phusion Passenger(R)
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVFvxDDItvCHO6wG5arJr7BlADyi06Oct9bumMCMVfj4ebGGfOQsHpyy4Pd40RcQ5uOVhHefSi24fmFJTTNFPNm9jSc%2Be%2BBEGr0WZrydy5RtMxbwodMYmrfRLNFRFCzGVL5NZf0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
6d3cdd6b3acc8fe0-FRA
content-encoding
br
graphql
codepen.io/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://codepen.io/graphql
Requested by
Host: cpwebassets.codepen.io
URL: https://cpwebassets.codepen.io/assets/packs/js/vendor-e72bc3cf47154f7b96af.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
22e5bd83c51b05613cb68b3c0905bbc68818dc0891b3b7dc2d530d3c6ac575f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
*/*
Referer
https://codepen.io/onion2k/pen/BGrXEO
X-CSRF-TOKEN
RvvVX5pn6KkrFI1sT2rKqLODPwvLtMUL3AyRfgv/9L+HGH28MevKhXbqv4HG/vJ09ZLCTAL0Z4Ese4hjwg0fZg==
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer
content-type
application/json

Response headers

date
Wed, 26 Jan 2022 21:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R)
status
200 OK
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
70043f32-458b-4653-a11c-b34cd2dbb208
x-runtime
0.088011
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"22e5bd83c51b05613cb68b3c0905bbc6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-download-options
noopen
content-type
application/json; charset=utf-8
cache-control
max-age=0, private, must-revalidate
cf-ray
6d3cdd6c5e006925-FRA
3f32b1c9-8e26-465e-ae02-ff82a378b670-3-78992f1ed89d5cadb09702e6a0d5bbb0302e85c728c1f8d18fdc8aa56870104c.woff
cpwebassets.codepen.io/assets/telefon/black/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cpwebassets.codepen.io/assets/telefon/black/3f32b1c9-8e26-465e-ae02-ff82a378b670-3-78992f1ed89d5cadb09702e6a0d5bbb0302e85c728c1f8d18fdc8aa56870104c.woff
Requested by
Host: cpwebassets.codepen.io
URL: https://cpwebassets.codepen.io/assets/global/global-7f803d09491edc73a8167ba3307798227ebdedc91989a6c536a3b231f2fd7900.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57fea344c68deada91a3d7a7eca42592db999d6006d6d42a3209f192afaf1384
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://cpwebassets.codepen.io/assets/global/global-7f803d09491edc73a8167ba3307798227ebdedc91989a6c536a3b231f2fd7900.css
Origin
https://codepen.io
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:22 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
129119
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Jan 2022 09:42:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/font-woff; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
6d3cdd6c8c419235-FRA
expires
Sat, 24 Jan 2032 21:34:22 GMT
scss
codepen.io/editor/constants/addons/ 		15 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://codepen.io/editor/constants/addons/scss
Requested by
Host: cpwebassets.codepen.io
URL: https://cpwebassets.codepen.io/assets/common/everypage-f84dd91ff413b23b8d1a6f7eadc615dc53c384f74f8254e068449db735b2c8cd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
ef866290faeba421933943ada555396c5b1e49aad4a5613c66037ce8b73bf801
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; block-all-mixed-content; connect-src blob: *; font-src data: *; frame-src data: blob: *; img-src 'self' assets.codepen.io cpwebassets.codepen.io *.codepen-staging.com *.codepen.website *.codepen.io *.wp.com gravatar.com static.filestackapi.com *.buysellads.net *.doubleclick.net *.adsafeprotected.com *.unsplash.com data: blob:; form-action 'self'; media-src 'self' assets.codepen.io blog.codepen.io; object-src 'none'; script-src 'self' 'unsafe-eval' 'nonce-7F3Bw5XMFxs=' cpwebassets.codepen.io *.appcues.com *.buysellads.com *.carbonads.com *.carbonads.net *.filestackapi.com *.firebaseio.com *.paypal.com *.paypalobjects.com *.braintreegateway.com *.stripe.com *.wufoo.com *.speedcurve.com wufoo.com www.google.com; style-src 'unsafe-inline' *; report-uri /cpe/csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://codepen.io/onion2k/pen/BGrXEO
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R)
status
200 OK
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
6005de5d-e23b-4b5e-819b-8335c87f9144
x-runtime
0.003627
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 03 Aug 2020 21:23:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-download-options
noopen
content-type
application/json; charset=utf-8
cache-control
max-age=31556952, public
content-security-policy
default-src 'self'; base-uri 'self'; block-all-mixed-content; connect-src blob: *; font-src data: *; frame-src data: blob: *; img-src 'self' assets.codepen.io cpwebassets.codepen.io *.codepen-staging.com *.codepen.website *.codepen.io *.wp.com gravatar.com static.filestackapi.com *.buysellads.net *.doubleclick.net *.adsafeprotected.com *.unsplash.com data: blob:; form-action 'self'; media-src 'self' assets.codepen.io blog.codepen.io; object-src 'none'; script-src 'self' 'unsafe-eval' 'nonce-7F3Bw5XMFxs=' cpwebassets.codepen.io *.appcues.com *.buysellads.com *.carbonads.com *.carbonads.net *.filestackapi.com *.firebaseio.com *.paypal.com *.paypalobjects.com *.braintreegateway.com *.stripe.com *.wufoo.com *.speedcurve.com wufoo.com www.google.com; style-src 'unsafe-inline' *; report-uri /cpe/csp
cf-ray
6d3cdd6d48106925-FRA
CKYDVK7U.json
srv.buysellads.com/ads/ 		2 KB
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://srv.buysellads.com/ads/CKYDVK7U.json?callback=customJSONPCallback
Requested by
Host: cpwebassets.codepen.io
URL: https://cpwebassets.codepen.io/assets/packs/js/1-6f74b336433b5329e407.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.209.25.109 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-ldn-12.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
65b9420e7226470fb8c409f6a4fb3dfcfcecf9c7ef3f609e295c8de04bdf666a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

access-control-allow-origin
*
date
Wed, 26 Jan 2022 21:34:22 GMT
content-encoding
gzip
server
//srv.buysellads.com
content-length
802
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
graphql
codepen.io/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://codepen.io/graphql
Requested by
Host: cpwebassets.codepen.io
URL: https://cpwebassets.codepen.io/assets/packs/js/vendor-e72bc3cf47154f7b96af.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
582701b6a5dba465f58a265d2ad8696b1c99584369adf4dfde5c85479ddace60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
*/*
Referer
https://codepen.io/onion2k/pen/BGrXEO
X-CSRF-TOKEN
RvvVX5pn6KkrFI1sT2rKqLODPwvLtMUL3AyRfgv/9L+HGH28MevKhXbqv4HG/vJ09ZLCTAL0Z4Ese4hjwg0fZg==
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer
content-type
application/json

Response headers

date
Wed, 26 Jan 2022 21:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R)
status
200 OK
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ab422275-6e2b-4945-8a99-7e28735d86cd
x-runtime
0.048238
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"582701b6a5dba465f58a265d2ad8696b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-download-options
noopen
content-type
application/json; charset=utf-8
cache-control
max-age=0, private, must-revalidate
cf-ray
6d3cdd6d98a76925-FRA
1587604228-cp-80x80.png
cdn4.buysellads.net/uu/1/62837/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.buysellads.net/uu/1/62837/1587604228-cp-80x80.png
Requested by
Host: codepen.io
URL: https://codepen.io/onion2k/pen/BGrXEO
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4b2c98ce4e1d88f5a2ec6db5cb9fc1f34f5d2a37306827eb6e29f93710628c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://codepen.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:22 GMT
last-modified
Thu, 23 Apr 2020 01:10:29 GMT
server
NetDNA-cache/2.2
x-amz-request-id
SN5X3Y4A5GFME8C8
etag
"2f68dde22c3f0edf7863cee88fb14f72"
x-cache
HIT
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
content-length
1045
x-amz-id-2
L+mhNPTT9a5auuTQbiQhi+8G7TIJYEaamEW3WNvSYySUXDPWg9DkHhXrQCHhkAv8Y+qGivLTb2c=
expires
Sat, 21 Jan 2023 21:34:22 GMT
graphql
codepen.io/ 		541 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://codepen.io/graphql
Requested by
Host: cpwebassets.codepen.io
URL: https://cpwebassets.codepen.io/assets/packs/js/vendor-e72bc3cf47154f7b96af.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
720c87568d2c98a833c0bc5429c02f7a26fac51f856d783cfd67ac9e84515545
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
*/*
Referer
https://codepen.io/onion2k/pen/BGrXEO
X-CSRF-TOKEN
RvvVX5pn6KkrFI1sT2rKqLODPwvLtMUL3AyRfgv/9L+HGH28MevKhXbqv4HG/vJ09ZLCTAL0Z4Ese4hjwg0fZg==
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer
content-type
application/json

Response headers

date
Wed, 26 Jan 2022 21:34:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R)
status
200 OK
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
1a0dbdae-5bfa-48a1-95df-f41e4618e010
x-runtime
0.024365
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"720c87568d2c98a833c0bc5429c02f7a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-download-options
noopen
content-type
application/json; charset=utf-8
cache-control
max-age=0, private, must-revalidate
cf-ray
6d3cdd6f6c676925-FRA
prefixfree.min.js
cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/ Frame 50EF 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Requested by
Host: cdpn.io
URL: https://cdpn.io/onion2k/fullpage/BGrXEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdpn.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
129120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2135
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-16f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxs%2BMi5B8azAPfK2x7tZn1iWnHgaC%2BYI%2BuR%2BxAvajyEVtdydFeMGn1m%2BtieSq5Eck3JaOsNJbvlY9CkVL5FUD%2FZSr1%2BzgJWTHYct0n%2FeaGEnZlu3ifOXV05qN8viR1xsJJXN%2B2cjRTQ8GNi3mwOgI3Sb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d3cdd707f1c925c-FRA
expires
Mon, 16 Jan 2023 21:34:22 GMT
email-decode.min.js
cdpn.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 50EF 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdpn.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: cdpn.io
URL: https://cdpn.io/onion2k/fullpage/BGrXEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:46cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdpn.io/onion2k/fullpage/BGrXEO
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
last-modified
Wed, 19 Jan 2022 15:58:45 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"61e83535-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0kGHCNJLvJGNyRZ1GeZUA5EmS5aawwUx9iS8A8OuRFtBLr1pHCYTK3AR0%2Bv61Gn6XKVf5btKpjV9Kfu6xagRxgnIOBvGLWUM4o2uZxx%2FKBcPmlEzQkn%2Fm2%2Bw3ImDshpVtQe%2F%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6d3cdd705f758fe0-FRA
expires
Fri, 28 Jan 2022 21:34:22 GMT
snow.js
unpkg.com/snowworker@1.0.9/ Frame 50EF 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/snowworker@1.0.9/snow.js
Requested by
Host: cdpn.io
URL: https://cdpn.io/onion2k/fullpage/BGrXEO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84aa04858cfa9b87be13d32e03082b91d94940e80b3376927cf8fe72e263ca6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdpn.io/
User-Agent
phishfarmer

Response headers

date
Wed, 26 Jan 2022 21:34:23 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
content-encoding
br
vary
Accept-Encoding
fly-request-id
01FTC4Z8JPJA8SJGQEB8E34P8H
server
cloudflare
etag
W/"1c3a-BYlmgyIH5tJ+5lErUyzcCm35StY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6d3cdd707a32690d-FRA
graphql
codepen.io/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://codepen.io/graphql
Requested by
Host: cpwebassets.codepen.io
URL: https://cpwebassets.codepen.io/assets/packs/js/vendor-e72bc3cf47154f7b96af.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:e30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R)
Resource Hash
92bd07684392b6efd77831d9e64ad5958e574ce44e651b8f51953025bcedb2c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
*/*
Referer
https://codepen.io/onion2k/pen/BGrXEO
X-CSRF-TOKEN
RvvVX5pn6KkrFI1sT2rKqLODPwvLtMUL3AyRfgv/9L+HGH28MevKhXbqv4HG/vJ09ZLCTAL0Z4Ese4hjwg0fZg==
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer
content-type
application/json

Response headers

date
Wed, 26 Jan 2022 21:34:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R)
status
200 OK
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
98249f79-4171-4722-a14f-006d4bfef483
x-runtime
0.286567
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"92bd07684392b6efd77831d9e64ad595"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-download-options
noopen
content-type
application/json; charset=utf-8
cache-control
max-age=0, private, must-revalidate
cf-ray
6d3cdd71cb306925-FRA
9d87872a-92eb-42aa-9bb1-10e0e412bb9e
https://cdpn.io/ Frame 50EF 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://cdpn.io/9d87872a-92eb-42aa-9bb1-10e0e412bb9e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea800f4338ac150d00c481cc1966ff4201a3af167e6fcda3a1fc784127df125

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
phishfarmer

Response headers

Content-Length
4247
Content-Type
text/javascript

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| NastyBrowserSniffing object| __browser object| __constants object| __CPDATA object| __user object| __firebase object| __graphql string| __pay_stripe_public string| __pay_braintree_env object| __boomboom object| __editor_config object| __item string| __jwt object| __layoutType string| __pageType string| __pen_export_url object| __profiled object| __processorsMap object| __rtData string| __eijs string| __favicon_mask_icon string| __favicon_shortcut_icon string| __path_to_iframe_console_runner string| __path_to_iframe_refresh_css string| __path_to_iframe_runtime_errors string| __path_to_processor_worker string| __path_to_stop_execution_on_timeout string| __pen_normalize_css_url string| __pen_prefix_free_url string| __pen_reset_css_url string| __theme_url_twilight string| __theme_url_solarized_dark string| __theme_url_tomorrow_night string| __theme_url_oceanic_dark string| __theme_url_panda string| __theme_url_duotone_dark string| __theme_url_highcontrast_dark string| __theme_url_classic string| __theme_url_solarized_light string| __theme_url_xq_light string| __theme_url_oceanic_light string| __theme_url_mdn_like string| __theme_url_duotone_light string| __theme_url_highcontrast_light string| __theme_url_scoped_twilight string| __theme_url_scoped_solarized_dark string| __theme_url_scoped_tomorrow_night string| __theme_url_scoped_oceanic_dark string| __theme_url_scoped_panda string| __theme_url_scoped_duotone_dark string| __theme_url_scoped_highcontrast_dark string| __theme_url_scoped_classic string| __theme_url_scoped_solarized_light string| __theme_url_scoped_xq_light string| __theme_url_scoped_oceanic_light string| __theme_url_scoped_mdn_like string| __theme_url_scoped_duotone_light string| __theme_url_scoped_highcontrast_light function| _isValidType function| $ function| jQuery function| _ object| CP object| HUB_EVENTS object| fe function| _isOnLocalhost function| _splitOnNewLine function| _inIframe function| _fullURL function| _getUnixTimestamp function| _htmlEntities function| _stripHTMLTags function| _deepEqual function| _diffObjects function| _cloneDeep function| _makeSafe object| AJAXUtil object| ObjectUtil object| CPLocalStorage object| Hub object| Keytrap object| CodePenTracking object| webpackJsonp object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al number| LUX_t_start number| LUX_t_end object| regeneratorRuntime function| postWithJWTAuth object| __jsonpCallbacks function| customJSONPCallback object| __fromServerData object| __apolloClient object| __routerHistory object| CPFirebase object| ProcessorRouter object| filestackInternals object| __SENTRY__ object| filestack function| EventEmitter object| eventie function| Unipointer function| Unidragger function| AlgoliaSearch function| AlgoliaSearchHelper function| AlgoliaExplainResults object| ALGOLIA_MIGRATION_LAYER object| __algolia function| algoliasearch object| CacheGet object| IDGenerator function| Class function| Typo function| CodeMirror function| BarDragger object| URLBuilder object| LocalDataLoader function| User object| ERRORS object| LEVELS object| WARNINGS object| PEN_CONSTANTS object| CMEditorSettings object| BaseEditorKeyBindingsMixin object| BaseEditorErrorMixin object| BaseEditorFindMixin object| BaseEditorFoldingMixin function| BaseEditor object| BaseEditorViewSourceMixin function| CSSEditor object| EditorModes function| HTMLEditor function| JSEditor object| EnableDisableDriver function| getStyleProperty function| triggerTransition function| CodeEditorsTidyController function| CodeEditorsTidyEvents function| CodeEditorTidyModel function| CodeEditorsTidyView function| TransitionsUtil function| CodeEditorsCSSTransitionHandler object| CodeEditorsUtil function| CodeEditorsViewSourceController function| CodeEditorsViewSourceEvents function| CodeEditorsViewSourceModel function| CodeEditorsViewSourceView function| Profiled object| UI function| Pen function| PenUnsavedMessage function| PenAutosave function| PenDelete object| PenResourcesData function| PenSaver object| BunkerBox function| generateGuid object| IFrameRender function| PenActions object| PARTemplates function| BaseSettingsController function| BaseSettingsEvents function| BehaviorController function| BehaviorEvents function| BehaviorView function| CSSSettingsController function| CSSSettingsEvents function| CSSSettingsModel function| CSSSettingsView function| HTMLSettingsController function| HTMLSettingsEvents function| HTMLSettingsModel function| HTMLSettingsView function| InfoController function| InfoEvents function| InfoView function| JSSettingsController function| JSSettingsEvents function| JSSettingsModel function| JSSettingsView function| packagesSettingsController function| packagesSettingsEvents function| packagesSettingsModel function| packagesSettingsView function| ResourcesController function| ResourcesEvents function| ResourcesView function| SettingsController function| PenTagsController function| PenTagsEvents function| PenTagsModel function| PenTagsView function| ProjectTagsController function| ProjectTagsEvents function| ProjectTagsModel function| ProjectTagsView function| ShareGist function| ShareView object| algolia object| Copy object| CPFactory object| HandleIFrameClicks object| TimeUtil object| ViewSwitcher function| TeamRoomNotifications function| _cpbsa object| _cpbsadata

5 Cookies

Domain/Path Name / Value
.codepen.io/ Name: __cf_bm
Value: C9DQdovmMxEWxgPPc6EW3b8p0_FJvliJN7C4w.3Y5Bc-1643232861-0-ATgbO/P7ALUhUIhchqq6X9Bj36k/qw9LNddbv5pA204bterrz7NPJWVuIkJPvvjf2VbkI0JlFlisKzorpkgE8iI=
.codepen.io/ Name: __cfruid
Value: 80f3179fb6d68d8988e8be1d13652af3cea6f311-1643232861
codepen.io/ Name: lux_uid
Value: 164323286203003544
.cdpn.io/ Name: __cfruid
Value: 8963f6353d9e708387fd39900d455c19820efa57-1643232862
codepen.io/ Name: cp_session
Value: OoofTfLDpYyVZj97--ZmLReo%2B2hIxolt6DjCPZ0jdCKkg0QlqJOIZKTGtn%2BNot0ITooWCkq3NUI7K3xJheDkQ0VLN2CUu%2FXlA7QMXaEEByYgH4hBTdQBc48z82AUmp9v2oIblhBMKiXrof2GwrYE2gyjOBQxNi0B%2B9DpQ7BVQrGkDvXDxu%2BumxUp%2BWSoeZ%2BcZC9MOPzq4JTi16x1A%2B0vJ2aTvYD8q9Xg%3D%3D--LVpoaEKI7n9MZOwlCqThcg%3D%3D

3 Console Messages

Source Level URL
Text
other warning URL: https://codepen.io/onion2k/pen/BGrXEO(Line 1099)
Message:
Unrecognized feature: 'ambient-light-sensor'.
other warning URL: https://codepen.io/onion2k/pen/BGrXEO(Line 1099)
Message:
Unrecognized feature: 'vr'.
other warning URL: https://codepen.io/onion2k/pen/BGrXEO(Line 1099)
Message:
Allow attribute will take precedence over 'allowpaymentrequest'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; base-uri 'self'; block-all-mixed-content; connect-src blob: *; font-src data: *; frame-src data: blob: *; img-src 'self' assets.codepen.io cpwebassets.codepen.io *.codepen-staging.com *.codepen.website *.codepen.io *.wp.com gravatar.com static.filestackapi.com *.buysellads.net *.doubleclick.net *.adsafeprotected.com *.unsplash.com data: blob:; form-action 'self'; media-src 'self' assets.codepen.io blog.codepen.io; object-src 'none'; script-src 'self' 'unsafe-eval' 'nonce-6bfp22PwW1o=' cpwebassets.codepen.io *.appcues.com *.buysellads.com *.carbonads.com *.carbonads.net *.filestackapi.com *.firebaseio.com *.paypal.com *.paypalobjects.com *.braintreegateway.com *.stripe.com *.wufoo.com *.speedcurve.com wufoo.com www.google.com; style-src 'unsafe-inline' *; report-uri /cpe/csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.speedcurve.com
cdn4.buysellads.net
cdnjs.cloudflare.com
cdpn.io
codepen.io
cpwebassets.codepen.io
fonts.googleapis.com
fonts.gstatic.com
srv.buysellads.com
static.filestackapi.com
unpkg.com
134.209.25.109
151.101.130.133
151.101.66.217
2606:4700:20::ac43:46cf
2606:4700::6810:125e
2606:4700::6810:7aaf
2606:4700::6810:b02c
2606:4700::6811:e30
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2003
94.31.29.32
0ea800f4338ac150d00c481cc1966ff4201a3af167e6fcda3a1fc784127df125
10fa7226eb796042e7172923ae3b89d012e81ecd5047b240bd545df1200e0db5
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
1e5588b964fe2826a591c5c4a4e903b742838e8e2be8a79b4cf863b0e077e4a0
22e5bd83c51b05613cb68b3c0905bbc68818dc0891b3b7dc2d530d3c6ac575f5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2d38a792b978cf483edf26d94b49c81bb1609629e615ea890d3acaa3dae4ed89
2f2cfb7ea57dd8d1eb943f84cb7e4e21b11a16ab3b67833f6aa147ff5a42892d
3ee18ffee0dcb9b30bcf61f6e0d9459f32fe6f4cef6870f73061e99716bb3c24
4b2c98ce4e1d88f5a2ec6db5cb9fc1f34f5d2a37306827eb6e29f93710628c84
57fea344c68deada91a3d7a7eca42592db999d6006d6d42a3209f192afaf1384
582701b6a5dba465f58a265d2ad8696b1c99584369adf4dfde5c85479ddace60
5f1fb74b1d9595ec410feebcc412e94e485c13e49f840a497d1efe00f80b33a5
65b9420e7226470fb8c409f6a4fb3dfcfcecf9c7ef3f609e295c8de04bdf666a
68e9b0683e3c7b82454b9153d5c7be78f66a54a2d14e98adbeda4631c81050be
69737885527e32abecd03f01473f86b4d63b9db6d70a78d600f8b673751217cd
6fadf126c9ef6568762b56e330199d7fa511f5767e74afe1ce68bfb44a6b2f60
720c87568d2c98a833c0bc5429c02f7a26fac51f856d783cfd67ac9e84515545
76c13c2869d99d533c6566b5edbbb64bda2dc953f8f477d9d3b80bcc41b10f83
84aa04858cfa9b87be13d32e03082b91d94940e80b3376927cf8fe72e263ca6b
8be4f4dd01bc2f7ad387afbe09cad40975fb88a87d5b3548a4a7d7f929bdfd49
92bd07684392b6efd77831d9e64ad5958e574ce44e651b8f51953025bcedb2c5
9983c4ca0324892812aae94e6e9adeac04e9fc0a24a2e87a0f7cfa4e2ce9f03a
9e1c0c887f4db420704b2a79926864019ef156bcecc9d5774a7e4eaa731fc5b5
a67a903b91112c3b4a5f87b25dfa84477ce5563c50915a5916579c8cd769819d
a6b44938bc5bcb4c2a08ca8a762ec10566c66026f40704f13cb47e370b5c8e2c
abc48eaf0a210e3e5156dac1bdf04de35dfcfe327aaac235aef73515670c80d8
acb428bb824a7f7d865446caa0fe1f6885aa0723e43848042f51db37f0926f1f
adc64a5ce49831f1f437e9dbb8869dd13913fff53af5c85fce093f0d9cdceddd
afa6925cbcff840929f2b7c543587d5f9d7a461af81ee7ca80631c8e37ac42f2
b3e6c12147c8d9347ee557a1facb1b908741e364c761dae859e82cb1a380565c
b9fbe1ca69dcbe27502d017e51c9f21630a38131d92d4f6360969ee9ba81b4e4
e442aebd85f2bb9dcd4a47cb43c7fc38efd5522ace0a675bf5e33a06413b5a28
e6d534ee3d0c25757e3fba3a1d0867582a653608142b7933ef90d8b514575d77
ef866290faeba421933943ada555396c5b1e49aad4a5613c66037ce8b73bf801
efb214df43076380a0b07d00c28cd19ec0a1fa3676a36cc6f321292772a2b3d7
f89ce627b219f5076a482f6248aefbf0a661ae3ee5a2caef0d44170ed067afa2