Submitted URL: http://bank-guiden.biz/
Effective URL: https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h3...
Submission: On December 21 via api from US

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3036::ac43:9c84, located in United States and belongs to CLOUDFLARENET, US. The main domain is dw.dwmv.biz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 1st 2020. Valid for: a year.
This is the only time dw.dwmv.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 6 2a02:6b8::1:119 13238 (YANDEX)
2 2a00:1450:400... 15169 (GOOGLE)
21 7
Domain Requested by
7 dw.dwmv.biz dw.dwmv.biz
6 mc.yandex.ru 1 redirects dw.dwmv.biz
mc.yandex.ru
4 translate.googleapis.com translate.google.com
translate.googleapis.com
srcdoc
2 www.gstatic.com dw.dwmv.biz
translate.googleapis.com
2 cdnjs.cloudflare.com dw.dwmv.biz
1 translate.google.com dw.dwmv.biz
1 bank-guiden.biz 1 redirects
21 7

This site contains links to these domains.

Domain
dwmv.biz
Subject                  Issuer                   Validity                 Valid
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2020-08-01 - 2021-08-01  a year
*.google.com             GTS CA 1O1               2020-11-10 - 2021-02-02  3 months
upload.video.google.com  GTS CA 1O1               2020-11-10 - 2021-02-02  3 months
mc.yandex.ru             Yandex CA                2020-09-29 - 2021-03-11  5 months
*.gstatic.com            GTS CA 1O1               2020-11-10 - 2021-02-02  3 months

This page contains 2 frames:

Primary Page: https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
Frame ID: E1CD67940E0C1072FD60AF3D331C0523
Requests: 29 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: ED0D9E21358D7CC63A91ED08B2FCBD45
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 100 %
Domains: 7
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 305 kB
Size: 955 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bank-guiden.biz/ HTTP 302
    https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://mc.yandex.ru/watch/54999154?wmode=7&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fbk%2F4_1%2F%3Ffn%3DPetals%2Bof%2BVision%2B-%2BChristopher%2BVilliers%26_subid%3D7q76h35fe03ba5865a1%26_token%3Duuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199&charset=utf-8&browser-info=ti%3A10%3Ans%3A1608530852104%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201221070734%3Aet%3A1608530855%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1170268091565%3Arqn%3A1%3Arn%3A273608983%3Ahid%3A1005632161%3Ads%3A11%2C17%2C232%2C211%2C1530%2C0%2C0%2C575%2C0%2C%2C%2C%2C2368%3Afp%3A2389%3Awn%3A915%3Ahl%3A2%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1608530855%3Au%3A1608530855458329371%3At%3AFind%20Petals%20of%20Vision%20-%20Christopher%20Villiers%20%7C%20Yahoo%20Answers HTTP 302
  • https://mc.yandex.ru/watch/54999154/1?wmode=7&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fbk%2F4_1%2F%3Ffn%3DPetals%2Bof%2BVision%2B-%2BChristopher%2BVilliers%26_subid%3D7q76h35fe03ba5865a1%26_token%3Duuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199&charset=utf-8&browser-info=ti%3A10%3Ans%3A1608530852104%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201221070734%3Aet%3A1608530855%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1170268091565%3Arqn%3A1%3Arn%3A273608983%3Ahid%3A1005632161%3Ads%3A11%2C17%2C232%2C211%2C1530%2C0%2C0%2C575%2C0%2C%2C%2C%2C2368%3Afp%3A2389%3Awn%3A915%3Ahl%3A2%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1608530855%3Au%3A1608530855458329371%3At%3AFind%20Petals%20of%20Vision%20-%20Christopher%20Villiers%20%7C%20Yahoo%20Answers

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dw.dwmv.biz/bk/4_1/
Redirect Chain
  • http://bank-guiden.biz/
  • https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
90 KB
42 KB
Document
General
Full URL
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9c84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.31
Resource Hash
ce3f2d93e728f6defc79a3135cafb3d6ac8580d04b3e1de508d84cdfd91bbc69

Request headers

:method
GET
:authority
dw.dwmv.biz
:scheme
https
:path
/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 06:07:33 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da0961f29536899467d41b581a5b97aff1608530853; expires=Wed, 20-Jan-21 06:07:33 GMT; path=/; domain=.dwmv.biz; HttpOnly; SameSite=Lax
x-powered-by
PHP/7.2.31
cf-cache-status
DYNAMIC
cf-request-id
072582172000001f419a1c0000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HTw0nFWbYl9Evi6A%2BSYJWLQdHoi%2BcnbEEPp6FK2E3OHL81x8%2FG2I8VQPw1befABpaj%2FA4f9CY8UUzMSebKUSMtYu1FN5I8k90K4k%2FZ0unSWTbottjWyKZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
604f6c6b6f2f1f41-FRA
content-encoding
gzip

Redirect headers

Date
Mon, 21 Dec 2020 06:07:33 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dbfc7402308c460d6eaae68e32b3a81971608530852; expires=Wed, 20-Jan-21 06:07:32 GMT; path=/; domain=.bank-guiden.biz; HttpOnly; SameSite=Lax PHPSESSID=1vgqnb90q7d93959via42mob0q; path=/
X-Powered-By
PHP/7.2.31
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
CF-Cache-Status
DYNAMIC
set-cookie
_subid=7q76h35fe03ba5865a1; expires=Tue, 22-Dec-2020 06:07:33 GMT; Max-Age=86400; path=/; domain=.bank-guiden.biz _token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199; expires=Tue, 22-Dec-2020 06:07:33 GMT; Max-Age=86400; path=/; domain=.bank-guiden.biz
cf-request-id
072582111b00002b652d015000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NO6reEc1lgcfcntUPBvGTSObDlFBo8YpsOYigtmrkh%2Bl0kX65vxHMAESaf1eblxNvlQdWPGoyVs8bHkUv7atHCfLGTzf3ZIOHQ1oJGns2aeb1Z5H9HE2AwCalfI%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
604f6c61ccbd2b65-FRA
style.css
dw.dwmv.biz/bk/4_1/css/
24 KB
7 KB
Stylesheet
General
Full URL
https://dw.dwmv.biz/bk/4_1/css/style.css
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9c84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc9fa5768d2a68da4bb0dda7de4b97490d830cae469ce6679a2935e0713be7c

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 06:07:34 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 26 Sep 2019 09:54:57 GMT
server
cloudflare
etag
W/"5d8c8af1-6008"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EhoGQkFc5Uu2kzqSaX1VylSUuyNhjQsCk0ve%2BBIbd0S0j4X2jytFWsFtr9Rq0slj1VPGtLtrrab20e%2BOt%2FOI4VR9AHMWFf4CW20%2BEmFMlOvjKXExac79UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
604f6c6ce90d1f41-FRA
cf-request-id
072582180f00001f419930e000000001
normalize.css
dw.dwmv.biz/bk/4_1/css/
51 KB
13 KB
Stylesheet
General
Full URL
https://dw.dwmv.biz/bk/4_1/css/normalize.css
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9c84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306e3ebf53e9b1281405965a9b00d20cacbc050cdc58a6a119b8c0c2182c51d2

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 06:07:34 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 26 Sep 2019 10:44:28 GMT
server
cloudflare
etag
W/"5d8c968c-cbf9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S5cl8ZdIb8epsGf7iMyP39q0Ybaz1f2LnjVpDYYLjvhIF6DhWHejxNlwuWnAf4n9MMkj12UyP0LZKXZHb0ZiJBODcphtzB%2BYmDoqSE3K91L3sC%2BpCJZi3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
604f6c6ce90e1f41-FRA
cf-request-id
072582180f00001f41c49ed000000001
lng.css
dw.dwmv.biz/bk/4_1/css/
683 B
727 B
Stylesheet
General
Full URL
https://dw.dwmv.biz/bk/4_1/css/lng.css
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9c84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a7977ea981fd6b362f15a440df1ba8d860aaed4d9a0eeba692a866416c6a55

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 06:07:34 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 09 Dec 2019 12:38:31 GMT
server
cloudflare
etag
W/"5dee4047-2ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VbzNOVgk6YLZiFzytZMPyXxtbPJYNg5aKMOnpb65f9aASC6v99Zigabz6CTnRRHxKs%2FCzu4nS4UhOnx%2BOuIknD62n9el2zKcGPp82%2FJr5BNviyDeK3fXmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
604f6c6ce9101f41-FRA
cf-request-id
072582180f00001f41db3ce000000001
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/
85 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 06:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
274073
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
27433
cf-request-id
072582181c00002b59e0084000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oD3OTJ3GAFGrVrH25R3%2FG2LYHYrrBIOw9omTFV1SsGfIo18zz5zGR6wD4ejQTdY6VtsjnCNHwBzk9oDLnO3ChcnGLMQZpRSXSGIXQChOf4xOHp7p48WtwiL%2Fjpot8rWlVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
604f6c6cffae2b59-FRA
expires
Sat, 11 Dec 2021 06:07:33 GMT
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/
1 KB
933 B
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 06:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
270610
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
591
cf-request-id
072582181c00002b5980376000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zAAQt1DbiBJtL9I9cC%2Fwc0B41GNzmkGcHUdRTVRnAQEPjXp9PUuKZFYL5fZpMvWyEC3suAsfAUUabes44RQOJ2H0BEioymKnpRFjWezZcQID6GjYG1zP5PI7ZtOS6aM8Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
604f6c6cffb02b59-FRA
expires
Sat, 11 Dec 2021 06:07:33 GMT
google-translate.js
dw.dwmv.biz/bk/4_1/js/
3 KB
1 KB
Script
General
Full URL
https://dw.dwmv.biz/bk/4_1/js/google-translate.js
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9c84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f266a1e3b66298420b2bc52dd957c63f34737039baee57c72fe352e9422b5628

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 06:07:34 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 09 Dec 2019 11:41:58 GMT
server
cloudflare
etag
W/"5dee3306-a89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZfmPIjs1yFqf%2BGyKGZ7PSAAhEyeAToblFMxgUzkTLL1dACfF8nSkMlXffivsOhvzWY4Pnij6hi%2FeUAYnyzL9Wv6RhBuG8nj7RTRI%2FwGWaKVBSBHipm6S7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
604f6c6ce9111f41-FRA
cf-request-id
072582181000001f41b1a31000000001
element.js
translate.google.com/translate_a/
4 KB
2 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=TranslateInit
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
180becd4f49ab5f3e27d458f8178a5131cb35c4e55483d7014df8f8009815a20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Dec 2020 06:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
HTTP server (unknown)
content-language
en
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1878
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Download-Button.png
dw.dwmv.biz/bk/4_1/images/
15 KB
15 KB
Image
General
Full URL
https://dw.dwmv.biz/bk/4_1/images/Download-Button.png
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9c84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7071b93437ad30460b8b6519c99226881ba3c07ae9b5d3351cc5e56f62ad3694

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 06:07:34 GMT
cf-cache-status
MISS
last-modified
Mon, 14 Dec 2020 09:04:17 GMT
server
cloudflare
etag
"5fd72a91-3c44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=555QChhrCWOlUaTzNmay3ZE5xEvY%2F%2B0Bk9WbK1SVQfqv%2BbcVd3lTVZ9bDgMtHKFiZE4iuP5RZ64jZbGlYSPQL4xC1IawjVbs5zFIL%2FntHG9DT0D%2F625rnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
604f6c6efbaf1f41-FRA
content-length
15428
cf-request-id
072582195d00001f4187902000000001
translateelement.css
translate.googleapis.com/translate_static/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=TranslateInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 05:55:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
743
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 12 Feb 2020 21:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 21 Dec 2020 06:55:11 GMT
main.js
translate.googleapis.com/translate_static/js/element/
4 KB
2 KB
Script
General
Full URL
https://translate.googleapis.com/translate_static/js/element/main.js
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=TranslateInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d42383b5324502731c01f9f7a3e006a19287abd6035519e3da33f9861fef1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 05:13:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3225
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2029
x-xss-protection
0
last-modified
Thu, 03 Dec 2020 22:45:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 21 Dec 2020 06:13:49 GMT
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ff5b9e9f511c5a85a686e90d86e806c8c338d602c25ed5828fe89cb537e3c59

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b2e72d5dc930cd912c5ec677bbcc12a7486ce3566d9d7da78087dbe9a4f8fbe

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1311c37699a3fcd66650a055869de2d5371e8c03ecf32f95f07c78f00d5085c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
954c7d8c5ec160bc387bd3834c91e0e188a1e82ece693013ce7b244bb449994f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
processing.gif
dw.dwmv.biz/bk/4_1/images/
3 KB
4 KB
Image
General
Full URL
https://dw.dwmv.biz/bk/4_1/images/processing.gif
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9c84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3518213f72e691ac42e6fd374ba49d7504f9c4b8fc48b5b4c8fcf7e414efcb2

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 06:07:34 GMT
cf-cache-status
MISS
last-modified
Mon, 09 Dec 2019 16:49:03 GMT
server
cloudflare
etag
"5dee7aff-c89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y2X0G9uldPGRtTmMQsNa4dmAxKcOTOaEeoFDt%2B0jdKqvp8k62gBfPqQEBvyi%2FvKQWMDnfLZnFHRv3jG0TLCL%2BE4C3G5OGld02UsVo7cwTEHMX7Tj9eAkyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
604f6c6fcc981f41-FRA
content-length
3209
cf-request-id
07258219d800001f4165a59000000001
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73d2a66966105a0f0a90572d87eef375e0079b2cc4a30df4e555ca37e8b86d9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b27aab8322a08b5ca95d78ae11f23d73f69c0ef7c68d3412bb0e4eaaf61a60ff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
739ba8f8c1a9a29c6a2797df4a07d7312df4675c778ee7523b1e02fb132a425d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2570fc8fbb62dff46ffc5ea787a3ebd1bcf333d8e84b4eefe1acd5f9e75656c5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ae6f75806361f0aeefbac0debdfc60269bd60834fdcd2ff6655c6071740796e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
tag.js
mc.yandex.ru/metrika/
369 KB
94 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
92a8c052c24889d39ddee3617dad8f31b6f036451afefdad1334b0fcd4694794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 06:07:34 GMT
content-encoding
br
last-modified
Fri, 18 Dec 2020 12:31:14 GMT
etag
"5fd23012-17727"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
96039
expires
Mon, 21 Dec 2020 07:07:34 GMT
element_main.js
translate.googleapis.com/element/TE_20201130_00/e/js/element/
243 KB
87 KB
Script
General
Full URL
https://translate.googleapis.com/element/TE_20201130_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86207a548361e9fcdc830f7cca9540c7c93ff4132dde2a72fb38d23151bd46a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 14:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54722
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88693
x-xss-protection
0
last-modified
Mon, 30 Nov 2020 10:52:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Dec 2021 14:55:32 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/
825 B
914 B
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: dw.dwmv.biz
URL: https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 20:55:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
33146
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
825
x-xss-protection
0
expires
Mon, 20 Dec 2021 20:55:08 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 20 Dec 2020 09:04:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
75798
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1847
x-xss-protection
0
expires
Mon, 20 Dec 2021 09:04:16 GMT
l
translate.googleapis.com/translate_a/ Frame ED0D
3 KB
1 KB
Script
General
Full URL
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nh6gZdDWXyAh+RIJ2wLgbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-nh6gZdDWXyAh+RIJ2wLgbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
date
Mon, 21 Dec 2020 06:07:34 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.ru/watch/54999154/
Redirect Chain
  • https://mc.yandex.ru/watch/54999154?wmode=7&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fbk%2F4_1%2F%3Ffn%3DPetals%2Bof%2BVision%2B-%2BChristopher%2BVilliers%26_subid%3D7q76h35fe03ba5865a1%26_token%3Duuid_...
  • https://mc.yandex.ru/watch/54999154/1?wmode=7&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fbk%2F4_1%2F%3Ffn%3DPetals%2Bof%2BVision%2B-%2BChristopher%2BVilliers%26_subid%3D7q76h35fe03ba5865a1%26_token%3Duui...
186 B
268 B
XHR
General
Full URL
https://mc.yandex.ru/watch/54999154/1?wmode=7&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fbk%2F4_1%2F%3Ffn%3DPetals%2Bof%2BVision%2B-%2BChristopher%2BVilliers%26_subid%3D7q76h35fe03ba5865a1%26_token%3Duuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199&charset=utf-8&browser-info=ti%3A10%3Ans%3A1608530852104%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201221070734%3Aet%3A1608530855%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1170268091565%3Arqn%3A1%3Arn%3A273608983%3Ahid%3A1005632161%3Ads%3A11%2C17%2C232%2C211%2C1530%2C0%2C0%2C575%2C0%2C%2C%2C%2C2368%3Afp%3A2389%3Awn%3A915%3Ahl%3A2%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1608530855%3Au%3A1608530855458329371%3At%3AFind%20Petals%20of%20Vision%20-%20Christopher%20Villiers%20%7C%20Yahoo%20Answers
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
01014856f82cd2612e7a0d55a4f7e529450ccc1f83967056c1038347a4ada224
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Dec 2020 06:07:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 21-Dec-2020 06:07:34 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dw.dwmv.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
186
x-xss-protection
1; mode=block
expires
Mon, 21-Dec-2020 06:07:34 GMT

Redirect headers

pragma
no-cache
date
Mon, 21 Dec 2020 06:07:34 GMT
last-modified
Mon, 21-Dec-2020 06:07:34 GMT
location
/watch/54999154/1?wmode=7&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fbk%2F4_1%2F%3Ffn%3DPetals%2Bof%2BVision%2B-%2BChristopher%2BVilliers%26_subid%3D7q76h35fe03ba5865a1%26_token%3Duuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199&charset=utf-8&browser-info=ti%3A10%3Ans%3A1608530852104%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201221070734%3Aet%3A1608530855%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1170268091565%3Arqn%3A1%3Arn%3A273608983%3Ahid%3A1005632161%3Ads%3A11%2C17%2C232%2C211%2C1530%2C0%2C0%2C575%2C0%2C%2C%2C%2C2368%3Afp%3A2389%3Awn%3A915%3Ahl%3A2%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1608530855%3Au%3A1608530855458329371%3At%3AFind%20Petals%20of%20Vision%20-%20Christopher%20Villiers%20%7C%20Yahoo%20Answers
strict-transport-security
max-age=31536000
access-control-allow-origin
https://dw.dwmv.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 21-Dec-2020 06:07:34 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
136 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 06:07:34 GMT
last-modified
Fri, 18 Dec 2020 13:39:30 GMT
etag
"5fdcb112-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 21 Dec 2020 07:07:34 GMT
54999154
mc.yandex.ru/webvisor/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/54999154?wmode=0&rn=242691080&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fbk%2F4_1%2F%3Ffn%3DPetals%2Bof%2BVision%2B-%2BChristopher%2BVilliers%26_subid%3D7q76h35fe03ba5865a1%26_token%3Duuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199&wv-type=3&wv-hit=1005632161&wv-part=1&browser-info=ti%3A8%3Aet%3A1608530855%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20201221070734%3Abt%3A1%3Ast%3A1608530857%3Au%3A1608530855458329371
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Dec 2020 06:07:37 GMT
last-modified
Mon, 21-Dec-2020 06:07:37 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://dw.dwmv.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 21-Dec-2020 06:07:37 GMT
54999154
mc.yandex.ru/webvisor/
43 B
145 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/54999154?wmode=0&rn=150175305&page-url=https%3A%2F%2Fdw.dwmv.biz%2Fbk%2F4_1%2F%3Ffn%3DPetals%2Bof%2BVision%2B-%2BChristopher%2BVilliers%26_subid%3D7q76h35fe03ba5865a1%26_token%3Duuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199&wv-type=3&wv-hit=1005632161&wv-part=1&browser-info=ti%3A8%3Aet%3A1608530855%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20201221070734%3Ast%3A1608530857%3Au%3A1608530855458329371
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dw.dwmv.biz/bk/4_1/?fn=Petals+of+Vision+-+Christopher+Villiers&_subid=7q76h35fe03ba5865a1&_token=uuid_7q76h35fe03ba5865a1_7q76h35fe03ba5865a15fe03ba59154f3.20303199
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Dec 2020 06:07:37 GMT
last-modified
Mon, 21-Dec-2020 06:07:37 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://dw.dwmv.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 21-Dec-2020 06:07:37 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
function| $
function| jQuery
function| TranslateInit
function| TranslateGetCode
function| TranslateCookieHandler
object| google
function| loadData
function| ym
object| closure_lm_781482
object| Ya
object| yaCounter54999154

7 Cookies

Domain/Path Name / Value
.dwmv.biz/ Name: _ym_visorc_54999154 Value: w
.dwmv.biz/ Name: _ym_isad Value: 2
dw.dwmv.biz/bk/4_1 Name: googtrans Value: null
.dwmv.biz/ Name: _ym_uid Value: 1608530855458329371
.dwmv.biz/ Name: _ym_d Value: 1608530855
.dwmv.biz/ Name: __cfduid Value: da0961f29536899467d41b581a5b97aff1608530853
.dw.dwmv.biz/bk/4_1 Name: googtrans Value: null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
