6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app Open in urlscan Pro
2604:1380:4601:6205:5000:64ff:fe6d:c8c2  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/	4 KB 2 KB	480ms 410ms	Document text/html	2604:1380:4601:6205:5000:64ff:fe6d:c8c2 PACKET
General Check archive.org Show headers Download Go to Full URL https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:1380:4601:6205:5000:64ff:fe6d:c8c2 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software nginx/1.21.3 / Resource Hash becb7fce7f2d60f37367f21be35a2c9a402f4b7e265ac2aa3f1cd556e388eb45 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie access-control-allow-methods GET, POST, HEAD, OPTIONS access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range content-encoding gzip content-length 1893 content-type text/html date Sun, 21 Aug 2022 17:15:42 GMT server nginx/1.21.3 x-cache-status MISS
GET H2	200	plausible.js Show response plausible.io/js/	1 KB 1 KB	113ms 32ms	Script application/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://plausible.io/js/plausible.js Requested by Host: 6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app URL: https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT-731 / Resource Hash ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 21 Aug 2022 17:15:42 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 731 access-control-allow-origin * cdn-cachedat 08/21/2022 16:41:39 cdn-pullzone 682664 cross-origin-resource-policy cross-origin application 10.0.0.5 server BunnyCDN-AT-731 cdn-proxyver 1.02 cdn-requestpullcode 200 vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT cdn-uid 153cb5b1-399a-48ef-b5bf-098c03770254 cache-control public, max-age=3600 permissions-policy interest-cohort=() cdn-requestid a8b9cd31b66a7b93bd13578b101528d9 cdn-requestcountrycode NL cdn-status 200 cdn-requestpullsuccess True
GET H2	200	4cr8qjzm.js Show response widget.prefinery.com/widget/v2/	21 KB 7 KB	351ms 121ms	Script text/javascript	34.198.153.221 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://widget.prefinery.com/widget/v2/4cr8qjzm.js Requested by Host: 6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app URL: https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.198.153.221 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-198-153-221.compute-1.amazonaws.com Software nginx / Resource Hash 7dd84955601966e2c56bc5e74a48ce93328778dda40540a310ca6d83021d2352 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 21 Aug 2022 17:15:43 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none age 0 p3p policyref="/w3c/p3p.xml", CP="ALL DSP COR NID OUR" referrer-policy strict-origin-when-cross-origin, strict-origin-when-cross-origin vary Origin x-xss-protection 1; mode=block x-request-id 15cf0637-ec25-4e2e-ae78-5e8b143e990e x-runtime 0.639540 x-content-digest bd9e7782ada5e386de3e362283d31e4f72b69e40 last-modified Thu, 23 Sep 2021 21:55:53 GMT server nginx x-frame-options SAMEORIGIN etag W/"4ea61b5278bf015b0d9647e389194d62" x-download-options noopen strict-transport-security max-age=31536000; includeSubDomains; content-type text/javascript; charset=utf-8 cache-control max-age=600, public x-robots-tag noindex, nofollow x-rack-cache stale, valid, store
GET H2	200	main.95f28563.chunk.css 6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/static/css/	347 B 567 B	304ms 303ms	Stylesheet text/css	2604:1380:4601:6205:5000:64ff:fe6d:c8c2 PACKET
General Check archive.org Show headers Download Go to Full URL https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/static/css/main.95f28563.chunk.css Requested by Host: 6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app URL: https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:1380:4601:6205:5000:64ff:fe6d:c8c2 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software nginx/1.21.3 / Resource Hash b3d96386e3c5a45dd15d9f09706fd5044bdfd6146dbd63ebc6032dd2bfba3eaf Request headers accept-language nl-NL,nl;q=0.9 Referer https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 21 Aug 2022 17:15:43 GMT content-encoding gzip server nginx/1.21.3 x-cache-status MISS access-control-allow-methods GET, POST, HEAD, OPTIONS content-type text/css access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie content-length 237
GET H2	200	15.aec1aa46.chunk.js Show response 6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/static/js/	3 MB 838 KB	203ms 203ms	Script application/javascript	2604:1380:4601:6205:5000:64ff:fe6d:c8c2 PACKET
General Check archive.org Show headers Download Go to Full URL https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/static/js/15.aec1aa46.chunk.js Requested by Host: 6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app URL: https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:1380:4601:6205:5000:64ff:fe6d:c8c2 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software nginx/1.21.3 / Resource Hash c642e28b92c1885f8ad7abdfff8ff14fa232ca8c8a5eb20089d1c8df84df4c90 Request headers accept-language nl-NL,nl;q=0.9 Referer https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 21 Aug 2022 17:15:43 GMT content-encoding gzip server nginx/1.21.3 x-cache-status MISS access-control-allow-methods GET, POST, HEAD, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie content-length 856668
GET H2	200	main.c31a8e92.chunk.js Show response 6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/static/js/	1 MB 374 KB	226ms 226ms	Script application/javascript	2604:1380:4601:6205:5000:64ff:fe6d:c8c2 PACKET
General Check archive.org Show headers Download Go to Full URL https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/static/js/main.c31a8e92.chunk.js Requested by Host: 6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app URL: https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:1380:4601:6205:5000:64ff:fe6d:c8c2 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software nginx/1.21.3 / Resource Hash 7fcd1447cf31d84d232bdc0a8cb31798fb873b6b740da1754d8b944c2894bacf Request headers accept-language nl-NL,nl;q=0.9 Referer https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 21 Aug 2022 17:15:43 GMT content-encoding gzip server nginx/1.21.3 x-cache-status MISS access-control-allow-methods GET, POST, HEAD, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie content-length 382202
GET H2	200	logo.b30f4473.svg 6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/static/media/	35 KB 36 KB	654ms 653ms	Image image/svg+xml	2604:1380:4601:6205:5000:64ff:fe6d:c8c2 PACKET
General Check archive.org Show headers Download Go to Show image Full URL https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/static/media/logo.b30f4473.svg Requested by Host: 6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app URL: https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:1380:4601:6205:5000:64ff:fe6d:c8c2 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software nginx/1.21.3 / Resource Hash 2a6a1769d8a215e65cf131a0672d48952f4e2bf3e3a8ef7dbfa20128270b0de1 Request headers accept-language nl-NL,nl;q=0.9 Referer https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 21 Aug 2022 17:15:44 GMT server nginx/1.21.3 x-cache-status MISS access-control-allow-methods GET, POST, HEAD, OPTIONS content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie content-length 36149
GET H2	200	/ Show response silent-voice-1996.on.fleek.co/ Frame 6448	3 KB 2 KB	782ms 717ms	Document text/html	2606:4700::6812:791 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://silent-voice-1996.on.fleek.co/ Requested by Host: 6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app URL: https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:791 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f44a8c8dbab001de75029c2def8c3a1431d492206872684af34c00339e797e3a Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-headers Content-Type, Range, User-Agent, X-Requested-With access-control-allow-methods GET,HEAD,OPTIONS access-control-allow-origin * access-control-expose-headers Content-Range, X-Chunked-Output, X-Stream-Output access-control-max-age 86400 cache-control max-age=10, stale-while-revalidate=600 cf-cache-status MISS cf-ray 73e5032d1a0a9a30-FRA content-encoding gzip content-security-policy upgrade-insecure-requests content-type text/html date Sun, 21 Aug 2022 17:15:44 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Sun, 21 Aug 2022 21:15:44 GMT last-modified Sun, 21 Aug 2022 17:15:44 GMT referrer-policy strict-origin-when-cross-origin server cloudflare strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-cache-status MISS x-content-type-options nosniff x-ipfs-path /ipfs/bafybeidqtbxvuagzgl4kqm3dkbrcrhmwadsxnicgghgeotoxeiwqqwzg5e/ x-request-id 02300c02f061020770b06ef75c734a18 x-xss-protection 0
POST H2	202	event Show response plausible.io/api/	2 B 487 B	116ms 51ms	XHR text/plain	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://plausible.io/api/event Requested by Host: plausible.io URL: https://plausible.io/js/plausible.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT-731 / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers date Sun, 21 Aug 2022 17:15:43 GMT cdn-edgestorageid 731 server BunnyCDN-AT-731 cdn-cachedat 08/21/2022 17:15:43 cdn-pullzone 682664 application 10.0.1.2 content-length 2 x-request-id Fw1rmUNzUZTxTEM6PwsG cdn-proxyver 1.02 cdn-requestpullcode 202 content-type text/plain; charset=utf-8 access-control-allow-origin * cdn-uid 153cb5b1-399a-48ef-b5bf-098c03770254 cache-control must-revalidate, max-age=0, private access-control-allow-credentials true permissions-policy interest-cohort=() cdn-requestid ca5aad713cc3756862f4efbe55a00b97 cdn-requestcountrycode NL cdn-status 202 cdn-requestpullsuccess True
POST H2	202	event Show response plausible.io/api/	2 B 486 B	117ms 52ms	XHR text/plain	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://plausible.io/api/event Requested by Host: plausible.io URL: https://plausible.io/js/plausible.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT-731 / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers date Sun, 21 Aug 2022 17:15:43 GMT cdn-edgestorageid 731 server BunnyCDN-AT-731 cdn-cachedat 08/21/2022 17:15:43 cdn-pullzone 682664 application 10.0.1.2 content-length 2 x-request-id Fw1rmUN95dL4xVAoBYKB cdn-proxyver 1.02 cdn-requestpullcode 202 content-type text/plain; charset=utf-8 access-control-allow-origin * cdn-uid 153cb5b1-399a-48ef-b5bf-098c03770254 cache-control must-revalidate, max-age=0, private access-control-allow-credentials true permissions-policy interest-cohort=() cdn-requestid c59110704c9e55d47aebf2a2590eb82b cdn-requestcountrycode NL cdn-status 202 cdn-requestpullsuccess True
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.9.1/	90 KB 33 KB	81ms 31ms	Script text/javascript	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js Requested by Host: widget.prefinery.com URL: https://widget.prefinery.com/widget/v2/4cr8qjzm.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 15 Aug 2022 14:12:48 GMT content-encoding gzip x-content-type-options nosniff age 529375 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33018 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 15 Aug 2023 14:12:48 GMT
GET H2	200	plausible.js Show response plausible.io/js/ Frame 6448	1 KB 1 KB	33ms 32ms	Script application/javascript	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://plausible.io/js/plausible.js Requested by Host: silent-voice-1996.on.fleek.co URL: https://silent-voice-1996.on.fleek.co/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT-731 / Resource Hash ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://silent-voice-1996.on.fleek.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 21 Aug 2022 17:15:44 GMT content-encoding br x-content-type-options nosniff cdn-edgestorageid 731 access-control-allow-origin * cdn-cachedat 08/21/2022 16:41:39 cdn-pullzone 682664 cross-origin-resource-policy cross-origin application 10.0.0.5 server BunnyCDN-AT-731 cdn-proxyver 1.02 cdn-requestpullcode 200 vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT cdn-uid 153cb5b1-399a-48ef-b5bf-098c03770254 cache-control public, max-age=3600 permissions-policy interest-cohort=() cdn-requestid 06d21a3080f6838afd12d1ec2c6b0702 cdn-requestcountrycode NL cdn-status 200 cdn-requestpullsuccess True
GET H2	200	2.d967d419.chunk.js Show response silent-voice-1996.on.fleek.co/static/js/ Frame 6448	2 MB 500 KB	993ms 992ms	Script text/javascript	2606:4700::6812:791 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://silent-voice-1996.on.fleek.co/static/js/2.d967d419.chunk.js Requested by Host: silent-voice-1996.on.fleek.co URL: https://silent-voice-1996.on.fleek.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:791 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aedf49a8789e8602aa7fec3fcf2d27e5e0d14919c2f27210a4c91445b69e361b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://silent-voice-1996.on.fleek.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 21 Aug 2022 17:15:45 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS x-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-xss-protection 0 x-request-id 1aabd2ad189e70364879a9c8292d145f referrer-policy strict-origin-when-cross-origin last-modified Thu, 01 Jan 1970 00:00:01 GMT server cloudflare etag W/"Qmbx4vFZNT4gvCsmnNs12PUAm98NXTc9apRBUkmu5no1SZ" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 86400 access-control-allow-methods GET,HEAD,OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Content-Range, X-Chunked-Output, X-Stream-Output cache-control max-age=10, stale-while-revalidate=600 x-ipfs-path /ipfs/bafybeidqtbxvuagzgl4kqm3dkbrcrhmwadsxnicgghgeotoxeiwqqwzg5e/static/js/2.d967d419.chunk.js content-security-policy upgrade-insecure-requests cf-ray 73e50331d8e49a30-FRA access-control-allow-headers Content-Type, Range, User-Agent, X-Requested-With expires Sun, 21 Aug 2022 21:15:45 GMT
GET H2	200	main.46c0d7b0.chunk.js Show response silent-voice-1996.on.fleek.co/static/js/ Frame 6448	9 KB 4 KB	559ms 559ms	Script text/javascript	2606:4700::6812:791 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://silent-voice-1996.on.fleek.co/static/js/main.46c0d7b0.chunk.js Requested by Host: silent-voice-1996.on.fleek.co URL: https://silent-voice-1996.on.fleek.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:791 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f79934c5294760f134967b1303579297c968645a9b788b9f8f7ac2149cc27ab Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://silent-voice-1996.on.fleek.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 21 Aug 2022 17:15:44 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS x-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-xss-protection 0 x-request-id 58bea1d3f2c4acbbc8ff954e2a74387c referrer-policy strict-origin-when-cross-origin last-modified Thu, 01 Jan 1970 00:00:01 GMT server cloudflare etag W/"QmaPhFh4vVusdS689zTAUwfVQzBTqAfk8MrVfn7TMBTsnA" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 86400 access-control-allow-methods GET,HEAD,OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Content-Range, X-Chunked-Output, X-Stream-Output cache-control max-age=10, stale-while-revalidate=600 x-ipfs-path /ipfs/bafybeidqtbxvuagzgl4kqm3dkbrcrhmwadsxnicgghgeotoxeiwqqwzg5e/static/js/main.46c0d7b0.chunk.js content-security-policy upgrade-insecure-requests cf-ray 73e50331d8e59a30-FRA access-control-allow-headers Content-Type, Range, User-Agent, X-Requested-With expires Sun, 21 Aug 2022 21:15:44 GMT
GET H2	200	serve Show response dragon-a-z84gy.ondigitalocean.app/campaigns/ Frame 6448	423 B 930 B	469ms 413ms	XHR application/json	2606:4700::6810:f34e
General Check archive.org Show headers Download Go to Full URL https://dragon-a-z84gy.ondigitalocean.app/campaigns/serve?web3=0 Requested by Host: silent-voice-1996.on.fleek.co URL: https://silent-voice-1996.on.fleek.co/static/js/2.d967d419.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f34e -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 970ac51ea4dbf1f162bff90dd76f7ab3123e6ca4fd30274ee1eabfa5383153b9 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://silent-voice-1996.on.fleek.co/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 21 Aug 2022 17:15:47 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS x-permitted-cross-domain-policies none x-do-orig-status 200 access-control-allow-methods GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD vary Origin, Accept-Encoding x-xss-protection 1; mode=block x-request-id 04df94ca-126b-45b0-b1ff-9c60d0826ec3 x-runtime 0.130077 referrer-policy strict-origin-when-cross-origin server cloudflare x-frame-options SAMEORIGIN etag W/"970ac51ea4dbf1f162bff90dd76f7ab3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 7200 x-download-options noopen content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate cf-ray 73e50341da9a9168-FRA
POST H2	202	event Show response plausible.io/api/ Frame 6448	2 B 485 B	95ms 95ms	XHR text/plain	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://plausible.io/api/event Requested by Host: plausible.io URL: https://plausible.io/js/plausible.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT-731 / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://silent-voice-1996.on.fleek.co/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers date Sun, 21 Aug 2022 17:15:46 GMT cdn-edgestorageid 731 server BunnyCDN-AT-731 cdn-cachedat 08/21/2022 17:15:46 cdn-pullzone 682664 application 10.0.1.2 content-length 2 x-request-id Fw1rmgTr_cjCjU2XqReE cdn-proxyver 1.02 cdn-requestpullcode 202 content-type text/plain; charset=utf-8 access-control-allow-origin * cdn-uid 153cb5b1-399a-48ef-b5bf-098c03770254 cache-control must-revalidate, max-age=0, private access-control-allow-credentials true permissions-policy interest-cohort=() cdn-requestid 7680accdc2ecbedeebad39b5567ff179 cdn-requestcountrycode NL cdn-status 202 cdn-requestpullsuccess True
POST H2	202	event Show response plausible.io/api/ Frame 6448	2 B 485 B	94ms 94ms	XHR text/plain	185.180.12.68 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://plausible.io/api/event Requested by Host: plausible.io URL: https://plausible.io/js/plausible.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB), Reverse DNS edge-731.bunnyinfra.net Software BunnyCDN-AT-731 / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://silent-voice-1996.on.fleek.co/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers date Sun, 21 Aug 2022 17:15:46 GMT cdn-edgestorageid 731 server BunnyCDN-AT-731 cdn-cachedat 08/21/2022 17:15:46 cdn-pullzone 682664 application 10.0.1.2 content-length 2 x-request-id Fw1rmgTu3GatjiVl2gqF cdn-proxyver 1.02 cdn-requestpullcode 202 content-type text/plain; charset=utf-8 access-control-allow-origin * cdn-uid 153cb5b1-399a-48ef-b5bf-098c03770254 cache-control must-revalidate, max-age=0, private access-control-allow-credentials true permissions-policy interest-cohort=() cdn-requestid 51642a989e6d2c86d8c3f607912ce738 cdn-requestcountrycode NL cdn-status 202 cdn-requestpullsuccess True
POST		/ bsc-dataseed.binance.org/ Frame 6448	0 0
OPTIONS H2	204	/ bsc-dataseed.binance.org/ Frame	0 0	128ms 35ms	Preflight	76.223.50.140
General Check archive.org Show headers Download Go to Full URL https://bsc-dataseed.binance.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.50.140 -, , ASN (), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://silent-voice-1996.on.fleek.co Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers * access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin * access-control-max-age 600 date Sun, 21 Aug 2022 17:15:47 GMT referrer-policy origin-when-cross-origin strict-transport-security max-age=31536000; includeSubdomains x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET		QmdGQCGdS39fDhMW4QSgTeWEqG9tJs14brJj9e4xhcfoFr starchain.mypinata.cloud/ipfs/ Frame 6448	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

bsc-dataseed.binance.org

URL

https://bsc-dataseed.binance.org/

Domain

starchain.mypinata.cloud

URL

https://starchain.mypinata.cloud/ipfs/QmdGQCGdS39fDhMW4QSgTeWEqG9tJs14brJj9e4xhcfoFr

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| plausible object| webpackJsonpenvironment object| regeneratorRuntime function| setImmediate function| clearImmediate object| _pfy undefined| $ undefined| jQuery object| jQuery19102859420591042179 undefined| referrer_code function| prefinery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6w2rf-jyaaa-aaaad-qa4ia-cai.raw.ic0.app
ajax.googleapis.com
bsc-dataseed.binance.org
dragon-a-z84gy.ondigitalocean.app
plausible.io
silent-voice-1996.on.fleek.co
starchain.mypinata.cloud
widget.prefinery.com
bsc-dataseed.binance.org
starchain.mypinata.cloud
185.180.12.68
2604:1380:4601:6205:5000:64ff:fe6d:c8c2
2606:4700::6810:f34e
2606:4700::6812:791
2a00:1450:4001:830::200a
34.198.153.221
76.223.50.140
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a6a1769d8a215e65cf131a0672d48952f4e2bf3e3a8ef7dbfa20128270b0de1
6f79934c5294760f134967b1303579297c968645a9b788b9f8f7ac2149cc27ab
7dd84955601966e2c56bc5e74a48ce93328778dda40540a310ca6d83021d2352
7fcd1447cf31d84d232bdc0a8cb31798fb873b6b740da1754d8b944c2894bacf
970ac51ea4dbf1f162bff90dd76f7ab3123e6ca4fd30274ee1eabfa5383153b9
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
aedf49a8789e8602aa7fec3fcf2d27e5e0d14919c2f27210a4c91445b69e361b
b3d96386e3c5a45dd15d9f09706fd5044bdfd6146dbd63ebc6032dd2bfba3eaf
becb7fce7f2d60f37367f21be35a2c9a402f4b7e265ac2aa3f1cd556e388eb45
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c642e28b92c1885f8ad7abdfff8ff14fa232ca8c8a5eb20089d1c8df84df4c90
f44a8c8dbab001de75029c2def8c3a1431d492206872684af34c00339e797e3a