peenperiod3.doodlekit.com Open in urlscan Pro
54.145.62.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://peenperiod3.doodlekit.com/blog/entry/17603676/indicators-on-cbd-sleep-gummies-natures-script-you-need-to-know-
Submission: On September 27 via manual (September 27th 2021, 4:24:18 am UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 16 HTTP transactions. The main IP is 54.145.62.21, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is peenperiod3.doodlekit.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on July 3rd 2020. Valid for: 2 years.

This is the only time peenperiod3.doodlekit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.145.62.21 54.145.62.21	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:600... 2a04:4e42:600::268	54113 (FASTLY) (FASTLY)
1	141.193.213.20 141.193.213.20	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	67.228.237.98 67.228.237.98	36351 (SOFTLAYER) (SOFTLAYER)
1	2600:9000:21f... 2600:9000:21f3:5c00:3:9438:68c0:21	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
16	8

1 54.145.62.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-62-21.compute-1.amazonaws.com

peenperiod3.doodlekit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::268 (United States)

ASN54113 (FASTLY, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.directcbdonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.228.237.98 (Seattle, United States)

ASN36351 (SOFTLAYER, US)
PTR: 62.ed.e443.ip4.static.sl-reverse.com

texascbdemporium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:5c00:3:9438:68c0:21 (United States)

ASN16509 (AMAZON-02, US)

d2lnr5mha7bycj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	gstatic.com www.gstatic.com fonts.gstatic.com	523 KB
4	google.com www.google.com	23 KB
1	cloudfront.net d2lnr5mha7bycj.cloudfront.net	944 KB
1	texascbdemporium.com texascbdemporium.com	37 KB
1	directcbdonline.com www.directcbdonline.com	84 KB
1	shopify.com cdn.shopify.com	54 KB
1	doodlekit.com peenperiod3.doodlekit.com	4 KB
16	7

	Domain	Requested by
6	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	peenperiod3.doodlekit.com www.gstatic.com
1	fonts.gstatic.com	www.google.com
1	d2lnr5mha7bycj.cloudfront.net	peenperiod3.doodlekit.com
1	texascbdemporium.com	peenperiod3.doodlekit.com
1	www.directcbdonline.com	peenperiod3.doodlekit.com
1	cdn.shopify.com	peenperiod3.doodlekit.com
1	peenperiod3.doodlekit.com
16	8

This site contains links to these domains. Also see Links.

Domain
anotepad.com

Subject Issuer	Validity	Valid
*.doodlekit.com RapidSSL RSA CA 2018	`2020-07-03` - `2022-08-02`	2 years	crt.sh
cdn.shopify.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
www.directcbdonline.com R3	`2021-08-09` - `2021-11-07`	3 months	crt.sh
texascbdemporium.com cPanel, Inc. Certification Authority	`2021-08-26` - `2021-11-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://peenperiod3.doodlekit.com/blog/entry/17603676/indicators-on-cbd-sleep-gummies-natures-script-you-need-to-know-
Frame ID: 5D0212148EEB8196146BC797B50B075B
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&co=aHR0cHM6Ly9wZWVucGVyaW9kMy5kb29kbGVraXQuY29tOjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=normal&cb=uni3uw1v98cl
Frame ID: 7861A1DCB8345778ED17066071B2F3FC
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&cb=ktr2fsswf2g5
Frame ID: 5E53C0531003D59DF1AB2F380E0AD1C4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

16
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

1669 kB
Transfer

2337 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://anotepad.com/notes/ejcj5g3s
Title: Nyte

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request indicators-on-cbd-sleep-gummies-natures-script-you-need-to-know- Show response
peenperiod3.doodlekit.com/blog/entry/17603676/ 11 KB
4 KB 9363ms
9152ms Document
text/html 54.145.62.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://peenperiod3.doodlekit.com/blog/entry/17603676/indicators-on-cbd-sleep-gummies-natures-script-you-need-to-know-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.62.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-62-21.compute-1.amazonaws.com
Software: Apache/2.2.22 (Ubuntu) / Phusion Passenger 5.0.21
Resource Hash: 57b344406a2cd04677a776e4c9f5c2ffcd1aba768481b93e44c91b4c75bb9787

Request headers

:method: GET
:authority: peenperiod3.doodlekit.com
:scheme: https
:path: /blog/entry/17603676/indicators-on-cbd-sleep-gummies-natures-script-you-need-to-know-
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 27 Sep 2021 04:24:13 GMT
content-type: text/html; charset=utf-8
content-length: 3924
server: Apache/2.2.22 (Ubuntu)
cache-control: max-age=0, private, must-revalidate
x-request-id: 0e3d51b779760c93624c6e6789dc05a4
x-ua-compatible: IE=Edge,chrome=1
etag: "c35c1e7ad986cfae5de8262684d4c313"
x-runtime: 0.188560
x-rack-cache: miss
x-powered-by: Phusion Passenger 5.0.21
status: 200 OK
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 DREAM-SLEEP-GUMMIES-20191122_SHOT02_0060-2_800x.jpg
cdn.shopify.com/s/files/1/1515/0462/products/ 53 KB
54 KB 143ms
106ms Image
image/webp 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1515/0462/products/DREAM-SLEEP-GUMMIES-20191122_SHOT02_0060-2_800x.jpg?v=1588736960

Requested by

Host: peenperiod3.doodlekit.com
URL: https://peenperiod3.doodlekit.com/blog/entry/17603676/indicators-on-cbd-sleep-gummies-natures-script-you-need-to-know-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-fra19178-FRA /

Resource Hash

3a7b18fd95b7cc165648a366423939d0a0ba39c81d6e1777b59c232deba7c767

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://peenperiod3.doodlekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-image: generated
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, MISS
content-length: 54500
x-xss-protection: 1; mode=block
x-request-id: 0249601969818007614e1369af2deb8f4d981809fef012bae8533c5eeb78a89b
x-served-by: cache-lga21924-LGA, cache-fra19178-FRA
last-modified: Sun, 12 Sep 2021 03:28:07 GMT
server: cache-fra19178-FRA
x-timer: S1632716654.640312,VS0,VE100
date: Mon, 27 Sep 2021 04:24:13 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 12 Sep 2022 03:28:07 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1515/0462/products/DREAM-SLEEP-GUMMIES-20191122_SHOT02_0060-2_800x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 Medterra-CBD-Gummies-Sleep-Tight-Strawberry-25mg-30-Count-1200x1200-cropped.jpg
www.directcbdonline.com/wp-content/uploads/2020/05/ 83 KB
84 KB 107ms
25ms Image
image/jpeg 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.directcbdonline.com/wp-content/uploads/2020/05/Medterra-CBD-Gummies-Sleep-Tight-Strawberry-25mg-30-Count-1200x1200-cropped.jpg
Requested by: Host: peenperiod3.doodlekit.com
URL: https://peenperiod3.doodlekit.com/blog/entry/17603676/indicators-on-cbd-sleep-gummies-natures-script-you-need-to-know-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f7dd8c560443f6e88937f30cc331f7503aa1873d1cf4670152e07d23a743b3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://peenperiod3.doodlekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:24:13 GMT
cf-cache-status: HIT
age: 2436
cf-polished: origSize=91736, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 85148
last-modified: Tue, 01 Jun 2021 20:14:35 GMT
server: cloudflare
etag: "60b6952b-16658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6951f60d8f3643b8-FRA
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK cbd_gummies_melatonin_50ct_hb_front.jpg
texascbdemporium.com/wp-content/uploads/2020/11/ 37 KB
37 KB 537ms
129ms Image
image/jpeg 67.228.237.98
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://texascbdemporium.com/wp-content/uploads/2020/11/cbd_gummies_melatonin_50ct_hb_front.jpg
Requested by: Host: peenperiod3.doodlekit.com
URL: https://peenperiod3.doodlekit.com/blog/entry/17603676/indicators-on-cbd-sleep-gummies-natures-script-you-need-to-know-
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.228.237.98 Seattle, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 62.ed.e443.ip4.static.sl-reverse.com
Software: Apache /
Resource Hash: 661f6863b99f07a2245fae6a12e33977580efc0983b64da53bc36a1747a7566e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://peenperiod3.doodlekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 04:24:14 GMT
Last-Modified: Fri, 20 Nov 2020 15:23:35 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 37780

GET
H2 200 large_d22ebd3a-ea70-49b1-a6d5-2a75b7626271.png
d2lnr5mha7bycj.cloudfront.net/product-image/file/ 942 KB
944 KB 67ms
15ms Image
image/png 2600:9000:21f3:5c00:3:9438:68c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2lnr5mha7bycj.cloudfront.net/product-image/file/large_d22ebd3a-ea70-49b1-a6d5-2a75b7626271.png
Requested by: Host: peenperiod3.doodlekit.com
URL: https://peenperiod3.doodlekit.com/blog/entry/17603676/indicators-on-cbd-sleep-gummies-natures-script-you-need-to-know-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5c00:3:9438:68c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2a1d0aa9fbfe5ab27e9bf5e5fe68c284f7e70a6d193858ff836f2184521cb86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://peenperiod3.doodlekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 21:12:45 GMT
via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
age: 25889
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-amz-storage-class: INTELLIGENT_TIERING
x-cache: Hit from cloudfront
content-length: 964539
last-modified: Wed, 09 Dec 2020 02:31:40 GMT
server: AmazonS3
etag: "3b4833b784acf9a566af8d1ad0a847b7"
x-amz-version-id: KCtfpOOYXliwiy8bJpGc.2MVR4IvCnwc
cache-control: max-age=315576000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: BnAy4rfC8bRWpYj_GVTs1Al5iwzLUhMi0XG2s6wUsqpUqfe7KpPPig==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
987 B 38ms
16ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: peenperiod3.doodlekit.com
URL: https://peenperiod3.doodlekit.com/blog/entry/17603676/indicators-on-cbd-sleep-gummies-natures-script-you-need-to-know-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c9eab627784ec862dd97635d015b259fa3fdc1f58d7fd198ae0a449e6790848

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://peenperiod3.doodlekit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:24:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Mon, 27 Sep 2021 04:24:13 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ 342 KB
134 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://peenperiod3.doodlekit.com/
Origin: https://peenperiod3.doodlekit.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 00:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Tue, 27 Sep 2022 00:36:52 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7861 40 KB
21 KB 27ms
26ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&co=aHR0cHM6Ly9wZWVucGVyaW9kMy5kb29kbGVraXQuY29tOjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=normal&cb=uni3uw1v98cl

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be83e3289ced1a0b3eac097736d5fb95b4955f02f33cf454384d7cf8df5bb416

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t1XY1C0ZHGmNJE1/4zfBRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&co=aHR0cHM6Ly9wZWVucGVyaW9kMy5kb29kbGVraXQuY29tOjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=normal&cb=uni3uw1v98cl
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://peenperiod3.doodlekit.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://peenperiod3.doodlekit.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 27 Sep 2021 04:24:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-t1XY1C0ZHGmNJE1/4zfBRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20903
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame 7861 52 KB
52 KB 27ms
6ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&co=aHR0cHM6Ly9wZWVucGVyaW9kMy5kb29kbGVraXQuY29tOjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=normal&cb=uni3uw1v98cl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 13:00:46 GMT
x-content-type-options: nosniff
age: 228207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52867
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sat, 24 Sep 2022 13:00:46 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame 7861 342 KB
134 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 00:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Tue, 27 Sep 2022 00:36:52 GMT

GET
DATA 200
OK truncated
/ Frame 7861 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7861 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7861 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 10:54:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 581408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Mon, 27 Sep 2021 10:54:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7861 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 548760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 19:58:13 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7861 102 B
181 B 15ms
15ms Other
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL

Requested by

Host: peenperiod3.doodlekit.com
URL: https://peenperiod3.doodlekit.com/blog/entry/17603676/indicators-on-cbd-sleep-gummies-natures-script-you-need-to-know-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&co=aHR0cHM6Ly9wZWVucGVyaW9kMy5kb29kbGVraXQuY29tOjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=normal&cb=uni3uw1v98cl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:24:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 27 Sep 2021 04:24:13 GMT

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 5E53 7 KB
1 KB 17ms
17ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&cb=ktr2fsswf2g5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cd290306359f3eac403b6e0089f3be291c422bcac82c66fb0c89a632d70c4596

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hNMoMx6sya28fAGGTWQanQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&cb=ktr2fsswf2g5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://peenperiod3.doodlekit.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://peenperiod3.doodlekit.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 27 Sep 2021 04:24:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-hNMoMx6sya28fAGGTWQanQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1111
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame 5E53 52 KB
52 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&cb=ktr2fsswf2g5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 13:00:46 GMT
x-content-type-options: nosniff
age: 228207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52867
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sat, 24 Sep 2022 13:00:46 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame 5E53 342 KB
134 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LcSWwATAAAAAEWee0YDAUeqNIuSMcM2hb7GvZmJ&cb=ktr2fsswf2g5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 00:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Tue, 27 Sep 2022 00:36:52 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.shopify.com
d2lnr5mha7bycj.cloudfront.net
fonts.gstatic.com
peenperiod3.doodlekit.com
texascbdemporium.com
www.directcbdonline.com
www.google.com
www.gstatic.com
141.193.213.20
2600:9000:21f3:5c00:3:9438:68c0:21
2a00:1450:4001:800::2004
2a00:1450:4001:829::2003
2a04:4e42:600::268
54.145.62.21
67.228.237.98
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c9eab627784ec862dd97635d015b259fa3fdc1f58d7fd198ae0a449e6790848
392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267
3a7b18fd95b7cc165648a366423939d0a0ba39c81d6e1777b59c232deba7c767
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f7dd8c560443f6e88937f30cc331f7503aa1873d1cf4670152e07d23a743b3e
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
57b344406a2cd04677a776e4c9f5c2ffcd1aba768481b93e44c91b4c75bb9787
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
661f6863b99f07a2245fae6a12e33977580efc0983b64da53bc36a1747a7566e
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
be83e3289ced1a0b3eac097736d5fb95b4955f02f33cf454384d7cf8df5bb416
cd290306359f3eac403b6e0089f3be291c422bcac82c66fb0c89a632d70c4596
f2a1d0aa9fbfe5ab27e9bf5e5fe68c284f7e70a6d193858ff836f2184521cb86

peenperiod3.doodlekit.com Open in urlscan Pro 54.145.62.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

57 %IPv6

7 Domains

8 Subdomains

8 IPs

2 Countries

1669 kBTransfer

2337 kBSize

0 Cookies

1 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

Indicators

peenperiod3.doodlekit.com Open in urlscan Pro
54.145.62.21 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

1669 kB
Transfer

2337 kB
Size

0
Cookies

16 HTTP transactions
2 data transactions