smooth-lydian-carbon.glitch.me Open in urlscan Pro
52.203.39.37  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.mgid.com/ghits/12884847/i/310?h=1651295789892 Page URL
2. https://www.mgid.com/ghits/12884847/i/310/0/tr/pp/0/0/?h=1651295789892&ph=1651295789892&trt=4&k=83468fcffYD5XaLMfYD5XaLTffMHwwf!fOJffKkffMjcuNTMxMjV8MTg%3DffKZ6LbBffQffaHR0cHM6Ly93d3cubWdpZC5jb20vZ2hpdHMvMTI4ODQ4NDcva%248zMTA%2FaD0xNjUxMjk1Nzg5ODkyfff*fMHww*DkwNnw2NzY%3DffMHwwf!fcfMTh8Mjd8OTA1*DY3Ng%3D%3DfZAfS0f!f!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEwM%244wLjQ5NTEuNjQgU2FmYXJpLzUzNy4zNg%3D%3DfQ2hyb21lUERGUGx1Z2lu*ENocm9tZVBERlZpZXdlcnxOYXRpdmVDbGllbnQ%3DffTGludXggeDg2XzY0fMA%3D%3DfLTF8LTE%3DfMTYwMHwxMjAwfdW5rbm93bnw0Z3wwf!f!fQff*f*(WuvSh%2B&grs=70&kpgt=235 Page URL
3. https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	310 Show response www.mgid.com/ghits/12884847/i/	17 KB 5 KB	435ms 405ms	Document text/html	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.mgid.com/ghits/12884847/i/310?h=1651295789892 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 65d0a8557e93ce3d62c0f8a87d5887959d4d35fb893c4e31eba2170e7fcb9a73 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache cf-cache-status MISS cf-ray 7104f3d39b309043-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 24 May 2022 09:19:55 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 01 Jan 1970 00:00:01 GMT last-modified Tue, 24 May 2022 09:19:55 GMT server cloudflare vary Accept-Encoding x-robots-tag noindex
GET H2	200	api.js Show response www.google.com/recaptcha/	910 B 985 B	42ms 18ms	Script text/javascript	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onLoadAfRecaptcha Requested by Host: www.mgid.com URL: https://www.mgid.com/ghits/12884847/i/310?h=1651295789892 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e0c87705d2ffa4757402c31bcec2bb30a0d74a4ee39b8a912a2e466f9a1fd61b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.mgid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 09:19:55 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 572 x-xss-protection 1; mode=block expires Tue, 24 May 2022 09:19:55 GMT
GET H2	200	img.png cdn.mgid.com/images/tranzit/	34 B 519 B	35ms 21ms	Image image/webp	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/tranzit/img.png Requested by Host: www.mgid.com URL: https://www.mgid.com/ghits/12884847/i/310?h=1651295789892 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65 Request headers accept-language de-DE,de;q=0.9 Referer https://www.mgid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 09:19:55 GMT cf-cache-status HIT age 1476 cf-polished origFmt=png, origSize=68 last-modified Thu, 24 Mar 2022 17:14:24 GMT content-length 34 content-disposition inline; filename="img.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-request-id 5FEQHKFMHWMBKT2E x-amz-id-2 fxBxEIO9YUnHQwOXSA977eZHVo+Qc4q7gpzzez7j+zmYf32c2GUEtZykEtuhN2Z0YdWUrKfMxu0= cf-bgj imgq:100,h2pri server cloudflare x-amz-meta-s3cmd-attrs atime:1648142053/ctime:1648142053/gid:0/gname:root/md5:91e42db1c66c0b276abf6234dc50b2eb/mode:33206/mtime:1648142053/uid:0/uname:root etag "91e42db1c66c0b276abf6234dc50b2eb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp cache-control public, max-age=86400 x-amz-version-id null accept-ranges bytes cf-ray 7104f3d65aa19043-FRA expires Wed, 25 May 2022 09:19:55 GMT
GET H2	200	dojo-other.js Show response www.mgid.com/build/	49 KB 18 KB	218ms 217ms	Script application/javascript	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.mgid.com/build/dojo-other.js?t=8c1d97ba568260a7dcc159f9426e8fb2 Requested by Host: www.mgid.com URL: https://www.mgid.com/ghits/12884847/i/310?h=1651295789892 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72316c0cdf10a9fd8917e0da913727db7a74fb8df654bee5e21051f64e298469 Request headers accept-language de-DE,de;q=0.9 Referer https://www.mgid.com/ghits/12884847/i/310?h=1651295789892 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 09:19:56 GMT content-encoding br cf-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 19 May 2022 08:33:30 GMT server cloudflare etag W/"628600da-c526" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods POST, OPTIONS content-type application/javascript expires Thu, 01 Jan 1970 00:00:01 GMT cache-control no-cache access-control-allow-credentials true cf-ray 7104f3d64a8b9043-FRA access-control-allow-headers * cf-bgj minify
GET H2	200	hotjar-2590724.js Show response static.hotjar.com/c/	6 KB 3 KB	31ms 8ms	Script application/javascript	65.9.63.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2590724.js?sv=6 Requested by Host: www.mgid.com URL: https://www.mgid.com/ghits/12884847/i/310?h=1651295789892 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.33 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-33.fra56.r.cloudfront.net Software / Resource Hash 2ed3b59f6a4ab625306e3aa25f4fe80286376ac873111555b1a4f428152df07e Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.mgid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 09:19:09 GMT content-encoding br x-content-type-options nosniff cache-control max-age=60 age 46 etag W/bee62b7ca747422cb65ebc4e22d91b86 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-pop FRA56-C1 x-amz-cf-id dMI9bcBD0MHPujo9a4JHzQkTGEENQxZLRN8EHGFx2GX0x8mYtUX75Q== via 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
GET H2	200	modules.9df047ec291a23154332.js Show response script.hotjar.com/	243 KB 63 KB	30ms 8ms	Script application/javascript	99.86.4.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.9df047ec291a23154332.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2590724.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.91 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-91.fra6.r.cloudfront.net Software / Resource Hash 2604a6f4a19dac1ad524aad3f287fa9f8f1e2982a69144403044860d6bddf7a0 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.mgid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 23 May 2022 15:52:06 GMT content-encoding br x-content-type-options nosniff age 62868 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 63956 access-control-allow-origin * last-modified Mon, 23 May 2022 15:52:03 GMT etag "c575f1f0bf4374a5e177b9bd85b0b874" vary Accept-Encoding content-type application/javascript via 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA6-C1 accept-ranges bytes x-robots-tag none x-amz-cf-id XLWpecMguKa4wkacQNV_ViaK7AL22ZlbiopBlkFW_SBEsDVPNdw9mA==
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/	365 KB 145 KB	38ms 7ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onLoadAfRecaptcha Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.mgid.com/ Origin https://www.mgid.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 09:07:38 GMT content-encoding gzip x-content-type-options nosniff age 737 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 147703 x-xss-protection 0 last-modified Mon, 16 May 2022 04:03:20 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 24 May 2023 09:07:38 GMT
GET H2	200	box-4924254a9ce4dc9b959b6e4a9b662d60.html Show response vars.hotjar.com/ Frame 340A	2 KB 1 KB	33ms 7ms	Document text/html	143.204.215.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2590724.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-118.fra53.r.cloudfront.net Software / Resource Hash 67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9 Request headers Referer https://www.mgid.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 3537050 cache-control max-age=31536000 content-encoding br content-length 1044 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 13 Apr 2022 10:49:06 GMT etag "1635635016e428baa170305e9282c34a" last-modified Wed, 13 Apr 2022 10:48:29 GMT vary Accept-Encoding via 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront) x-amz-cf-id JoTOAH9NUE8ekILd7C8K4NnHIVv3WBKY-93F8JMOU3Sefn6oxIQn4A== x-amz-cf-pop FRA53-C1 x-cache Hit from cloudfront x-robots-tag none
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame 3130	41 KB 21 KB	66ms 24ms	Document text/html	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&co=aHR0cHM6Ly93d3cubWdpZC5jb206NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&sa=antifraud&cb=s26io2mk1qr8 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash fe96d2a9fac6e5561f1cc572078d2c7e3e613e5ec45b20d4339cb0764d8028e6 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-bM4bm0w4AJ6W8EHbFHpidg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.mgid.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 21872 content-security-policy script-src 'report-sample' 'nonce-bM4bm0w4AJ6W8EHbFHpidg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 24 May 2022 09:19:56 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	request.js Show response script.anura.io/	49 KB 18 KB	129ms 71ms	Script application/javascript	18.168.192.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.anura.io/request.js?instance=890857896&source=5528998&callback=TransitAnuraCallback&1653383996105 Requested by Host: www.mgid.com URL: https://www.mgid.com/build/dojo-other.js?t=8c1d97ba568260a7dcc159f9426e8fb2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.168.192.230 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-168-192-230.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash 3bb38d93ec68b769c02710c669252f807e386233eca5c58ed88540e55d75e7c5 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.mgid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 09:19:56 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 expires Sun, 28 Dec 1980 18:57:00 EST
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 3130	51 KB 24 KB	26ms 8ms	Stylesheet text/css	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&co=aHR0cHM6Ly93d3cubWdpZC5jb206NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&sa=antifraud&cb=s26io2mk1qr8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 09:07:46 GMT content-encoding gzip x-content-type-options nosniff age 730 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Mon, 16 May 2022 04:03:20 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 24 May 2023 09:07:46 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 3130	365 KB 144 KB	25ms 7ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&co=aHR0cHM6Ly93d3cubWdpZC5jb206NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&sa=antifraud&cb=s26io2mk1qr8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 09:07:38 GMT content-encoding gzip x-content-type-options nosniff age 738 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 147703 x-xss-protection 0 last-modified Mon, 16 May 2022 04:03:20 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 24 May 2023 09:07:38 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 3130	102 B 134 B	18ms 17ms	Other text/javascript	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&co=aHR0cHM6Ly93d3cubWdpZC5jb206NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&sa=antifraud&cb=s26io2mk1qr8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7127d15642f8979cf58784f91d487e77a81cd8e1db0e8547cb683f62829ad7d0 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&co=aHR0cHM6Ly93d3cubWdpZC5jb206NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&sa=antifraud&cb=s26io2mk1qr8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 09:19:56 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Tue, 24 May 2022 09:19:56 GMT
POST H3	200	reload Show response www.google.com/recaptcha/api2/ Frame 3130	31 KB 18 KB	45ms 44ms	XHR application/json	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/reload?k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e1dc7886bb18e0d92c32e5ec2919a4226b0a7d62ddcef07fc628edc7a49a2cd5 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&co=aHR0cHM6Ly93d3cubWdpZC5jb206NDQz&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=invisible&sa=antifraud&cb=s26io2mk1qr8 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type application/x-protobuffer Response headers date Tue, 24 May 2022 09:19:56 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18145 x-xss-protection 1; mode=block expires Tue, 24 May 2022 09:19:56 GMT
GET H3	200	/ www.mgid.com/rc/	2 B 336 B	418ms 418ms	XHR text/html	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.mgid.com/rc/?sitekey=6Ldz4fwUAAAAAPdZzOdUVwVfwwimglEBb_9XdtlK&rid=&showHash=1651295789892&uid=5528998&composite=83468&loadedTime=1653383995879&action=antifraud&pubSrcId=&g-recaptcha-response=03AGdBq24LYEWhlIrP3owdmDXWxUz-wC0LUNrrS5DA6VN1xNfV_cTE0FAZ7f6pBQrUDQRN7aJ8fCwQEuQlygj5UaP84ZCZa3136ay93SIQMAGlf4ydnzGb7RmKqYuwmPtKCBVZ7F_BznFDwGoVDbnwa7AiZpEftriXKEQLqnTm9kO2rzNLCXuJ4XKsIxYYl-n4oJAisRCz4DcbwrkkJmRdefCggghLIjto1oeiQKyHxTQENzWjG2M3I2kYudwqqixdZZo8OCkUcaSP-SBsP6CR3tQoqn-jxfAQMXEoAiYOgYWIX6jDz9dym8L8MfVZ0IbrU3MCt3Xt12b5v79zYmXedaxJU0fNN8hgmx5G3MxgU3YNL-AV0KMWzi59dTWIRyl-V0SyPlE1SO10ihvnFiZjnK8VBSinzjl0TN0fhRkItkSaEKz7GnzCpn-g4ot3kBOcxXOZtFyTMPC4 Requested by Host: www.mgid.com URL: https://www.mgid.com/ghits/12884847/i/310?h=1651295789892 Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.mgid.com/ghits/12884847/i/310?h=1651295789892 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 09:19:56 GMT content-encoding br cf-cache-status MISS last-modified Tue, 24 May 2022 09:19:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache cf-ray 7104f3d9994a920b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-robots-tag noindex expires Thu, 01 Jan 1970 00:00:01 GMT
GET		/ www.mgid.com/ghits/12884847/i/310/0/tr/pp/0/0/	0 0
POST H2	200	response.json script.anura.io/	52 B 405 B	189ms 142ms	XHR application/json	18.168.192.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.anura.io/response.json Requested by Host: script.anura.io URL: https://script.anura.io/request.js?instance=890857896&source=5528998&callback=TransitAnuraCallback&1653383996105 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.168.192.230 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-168-192-230.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.mgid.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 24 May 2022 09:19:56 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding access-control-allow-methods POST content-type application/json; charset=utf-8 access-control-allow-origin * cache-control private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 expires Sun, 28 Dec 1980 18:57:00 EST
GET H3	200	/ www.mgid.com/ghits/12884847/i/310/0/tr/pp/0/0/	2 KB 2 KB	580ms 579ms	Document text/html	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.mgid.com/ghits/12884847/i/310/0/tr/pp/0/0/?h=1651295789892&ph=1651295789892&trt=4&k=83468fcffYD5XaLMfYD5XaLTffMHwwf!fOJffKkffMjcuNTMxMjV8MTg%3DffKZ6LbBffQffaHR0cHM6Ly93d3cubWdpZC5jb20vZ2hpdHMvMTI4ODQ4NDcva%248zMTA%2FaD0xNjUxMjk1Nzg5ODkyfff*fMHww*DkwNnw2NzY%3DffMHwwf!fcfMTh8Mjd8OTA1*DY3Ng%3D%3DfZAfS0f!f!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEwM%244wLjQ5NTEuNjQgU2FmYXJpLzUzNy4zNg%3D%3DfQ2hyb21lUERGUGx1Z2lu*ENocm9tZVBERlZpZXdlcnxOYXRpdmVDbGllbnQ%3DffTGludXggeDg2XzY0fMA%3D%3DfLTF8LTE%3DfMTYwMHwxMjAwfdW5rbm93bnw0Z3wwf!f!fQff*f*(WuvSh%2B&grs=70&kpgt=235 Requested by Host: www.mgid.com URL: https://www.mgid.com/ghits/12884847/i/310?h=1651295789892 Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://www.mgid.com/ghits/12884847/i/310?h=1651295789892 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache cf-cache-status MISS cf-ray 7104f3dc4ea0920b-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 24 May 2022 09:19:57 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 01 Jan 1970 00:00:01 GMT last-modified Tue, 24 May 2022 09:19:57 GMT server cloudflare vary Accept-Encoding x-mg-click-uuid 51af5cc6-9f27-0b92-dace-ed8df4d48ab8 x-robots-tag noindex
POST H2	200	result.json script.anura.io/	27 B 384 B	38ms 38ms	XHR application/json	18.168.192.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.anura.io/result.json Requested by Host: www.mgid.com URL: https://www.mgid.com/build/dojo-other.js?t=8c1d97ba568260a7dcc159f9426e8fb2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.168.192.230 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-168-192-230.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.mgid.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 24 May 2022 09:19:56 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding access-control-allow-methods GET, POST content-type application/json; charset=utf-8 access-control-allow-origin * cache-control private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 expires Sun, 28 Dec 1980 18:57:00 EST
POST H2	200	anura c.mgid.com/	43 B 159 B	122ms 111ms	Ping image/gif	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.mgid.com/anura?composite=83468&showHash=1651295789892&result=bad Requested by Host: www.mgid.com URL: https://www.mgid.com/build/dojo-other.js?t=8c1d97ba568260a7dcc159f9426e8fb2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.mgid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 09:19:57 GMT cf-cache-status DYNAMIC server cloudflare access-control-allow-headers * expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods POST content-type image/gif access-control-allow-origin https://www.mgid.com cf-ray 7104f3dd294b9043-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	Primary Request / Show response smooth-lydian-carbon.glitch.me/	69 KB 70 KB	582ms 373ms	Document text/html	52.203.39.37 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Requested by Host: www.mgid.com URL: https://www.mgid.com/ghits/12884847/i/310/0/tr/pp/0/0/?h=1651295789892&ph=1651295789892&trt=4&k=83468fcffYD5XaLMfYD5XaLTffMHwwf!fOJffKkffMjcuNTMxMjV8MTg%3DffKZ6LbBffQffaHR0cHM6Ly93d3cubWdpZC5jb20vZ2hpdHMvMTI4ODQ4NDcva%248zMTA%2FaD0xNjUxMjk1Nzg5ODkyfff*fMHww*DkwNnw2NzY%3DffMHwwf!fcfMTh8Mjd8OTA1*DY3Ng%3D%3DfZAfS0f!f!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEwM%244wLjQ5NTEuNjQgU2FmYXJpLzUzNy4zNg%3D%3DfQ2hyb21lUERGUGx1Z2lu*ENocm9tZVBERlZpZXdlcnxOYXRpdmVDbGllbnQ%3DffTGludXggeDg2XzY0fMA%3D%3DfLTF8LTE%3DfMTYwMHwxMjAwfdW5rbm93bnw0Z3wwf!f!fQff*f*(WuvSh%2B&grs=70&kpgt=235 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.203.39.37 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-203-39-37.compute-1.amazonaws.com Software AmazonS3 / Resource Hash 95aa00dfdb915dc4947bdd49fdf1d13665e1aafa2de6c324563117cb09421ab3 Request headers Referer https://www.mgid.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control no-cache content-length 70835 content-type text/html; charset=utf-8 date Tue, 24 May 2022 09:19:57 GMT etag "9bc109d9e004d1cf094b14bdc5b72005" last-modified Mon, 04 Apr 2022 18:33:43 GMT server AmazonS3 x-amz-id-2 MCa4di6fphAjaXJFsJb+Xp6mORufW7znz6o2BH2eAlmcW6ZnZ3UWOajgiOVo6xKc75gg38d2RhM= x-amz-request-id JS9G9YPG5GX38KN7 x-amz-version-id a1XLX4ix3tS2hILfji1sW1ROWwWoJgmb
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.4/	84 KB 84 KB	38ms 8ms	Script text/javascript	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: smooth-lydian-carbon.glitch.me URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://smooth-lydian-carbon.glitch.me/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Mon, 23 May 2022 05:43:56 GMT x-content-type-options nosniff age 99362 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 85578 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 23 May 2023 05:43:56 GMT
GET H2	200	jquery-3.1.1.min.js Show response code.jquery.com/	85 KB 30 KB	38ms 10ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.1.1.min.js Requested by Host: smooth-lydian-carbon.glitch.me URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Request headers Referer https://smooth-lydian-carbon.glitch.me/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Tue, 24 May 2022 09:19:58 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-152b5" vary Accept-Encoding x-hw 1653383998.dop139.fr8.t,1653383998.cds278.fr8.hn,1653383998.cds012.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30070
GET H2	200	jquery-3.3.1.js Show response code.jquery.com/	265 KB 79 KB	48ms 21ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.js Requested by Host: smooth-lydian-carbon.glitch.me URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad Request headers Referer https://smooth-lydian-carbon.glitch.me/ Origin https://smooth-lydian-carbon.glitch.me accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Tue, 24 May 2022 09:19:58 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-42587" vary Accept-Encoding x-hw 1653383998.dop240.fr8.t,1653383998.cds272.fr8.hn,1653383998.cds165.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 80268
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/	141 KB 21 KB	62ms 42ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css Requested by Host: smooth-lydian-carbon.glitch.me URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://smooth-lydian-carbon.glitch.me/ Origin https://smooth-lydian-carbon.glitch.me accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 09:19:58 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS cdn-edgestorageid 756 access-control-allow-origin * cdn-cachedat 05/23/2022 17:31:54 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.02 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:04 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 687dda4630a73705af9ef5af88a6e275 cf-ray 7104f3e45dd89bf5-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	css fonts.googleapis.com/	1 KB 964 B	40ms 17ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Archivo+Narrow&display=swap Requested by Host: smooth-lydian-carbon.glitch.me URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ebcc3a26916f3cc537720bee96a1b5e00186713a0e920e3aaf344bf32e69d055 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://smooth-lydian-carbon.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 24 May 2022 07:59:13 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 24 May 2022 09:19:58 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 24 May 2022 09:19:58 GMT
GET H2	200	585b051251.js Show response kit.fontawesome.com/	11 KB 4 KB	57ms 35ms	Script text/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/585b051251.js Requested by Host: smooth-lydian-carbon.glitch.me URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cddaef1a49287960674430f7b2f137494671f37cd426b97a718f7957fb3926f4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Referer https://smooth-lydian-carbon.glitch.me/ Origin https://smooth-lydian-carbon.glitch.me accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Tue, 24 May 2022 09:19:58 GMT content-encoding gzip cf-cache-status MISS server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * access-control-max-age 3000 cache-control max-age=60, public, must-revalidate strict-transport-security max-age=31536000; preload cf-ray 7104f3e45dd1912e-FRA access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id FvH__H_CNkcqEP2AEgCB
GET H/1.1	200 OK	microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg secure.aadcdn.microsoftonline-p.com/ests/2.1.8576.13/content/images/	4 KB 2 KB	738ms 631ms	Image image/svg+xml	2a02:26f0:de:59b::35c1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8576.13/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg Requested by Host: smooth-lydian-carbon.glitch.me URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:de:59b::35c1 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://smooth-lydian-carbon.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 09:19:58 GMT Content-Encoding gzip Last-Modified Sun, 19 May 2019 07:54:57 GMT Content-MD5 nzaLxFgP7ZB3dfMcaybWzw== Vary Accept-Encoding Connection keep-alive Content-Type image/svg+xml Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Strict-Transport-Security max-age=31536000 Content-Length 1435
GET H2	200	jquery-3.2.1.slim.min.js Show response code.jquery.com/	68 KB 23 KB	61ms 35ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.2.1.slim.min.js Requested by Host: smooth-lydian-carbon.glitch.me URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Request headers Referer https://smooth-lydian-carbon.glitch.me/ Origin https://smooth-lydian-carbon.glitch.me accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Tue, 24 May 2022 09:19:58 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-10fdd" vary Accept-Encoding x-hw 1653383998.dop240.fr8.t,1653383998.cds272.fr8.hn,1653383998.cds257.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 23856
GET H2	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/	19 KB 7 KB	46ms 19ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js Requested by Host: smooth-lydian-carbon.glitch.me URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://smooth-lydian-carbon.glitch.me/ Origin https://smooth-lydian-carbon.glitch.me accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Tue, 24 May 2022 09:19:58 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2282144 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6157 timing-allow-origin * last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fa9-4af4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZ40oeV8ZRyfo1pDjUX%2FvFz7AdkI%2FC3PlPP931%2FAnxLafPGeCI4CnmeoJmHwWzVlqW6UCjBStCrldRTsZMxh3ybgN5fPHghVvVNqcHVqW3pK4grcwifKzauVZxi3DWjJ%2FMPHfd4XGwxK45X2gLwxASXl"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 7104f3e4691b9156-FRA expires Sun, 14 May 2023 09:19:58 GMT
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/	48 KB 14 KB	53ms 35ms	Script application/javascript	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js Requested by Host: smooth-lydian-carbon.glitch.me URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://smooth-lydian-carbon.glitch.me/ Origin https://smooth-lydian-carbon.glitch.me accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Tue, 24 May 2022 09:19:58 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS cdn-edgestorageid 860 access-control-allow-origin * cdn-cachedat 03/10/2022 17:24:53 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.02 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:04 GMT server cloudflare cdn-requestpullcode 200 etag W/"14d449eb8876fa55e1ef3c2cc52b0c17" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 0b2e2bda5173a4dc9cc6680372ba835d cf-ray 7104f3e45ddb9bf5-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	free.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	59 KB 13 KB	57ms 38ms	Fetch text/css	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/585b051251.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda Request headers accept-language de-DE,de;q=0.9 Referer https://smooth-lydian-carbon.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 09:19:58 GMT via 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA2-C1 x-cache Hit from cloudfront access-control-allow-methods GET content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7z1Uh%2FZi9JJ8ujtbqhzrraFpGJ%2BwUY6YdBvxp2PKbqLY0epnIsLmSrqM00fpvTIStFl5iktMGpQVgM3MzKTc%2FqGauheQxu1KcW8iF%2F%2BEaHV8DGAyf9qWbcxoD75pIkgTLvlktFs759P%2F5sTRFt%2F8nADjuQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 7104f3e4dff19bac-FRA access-control-allow-headers fa-kit-token x-amz-cf-id 53e9J5VontwIc5o3d2fMe5p5m5GCCyyuXDBGB7g0573yvk1FLPB99A==
GET H2	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	26 KB 4 KB	59ms 39ms	Fetch text/css	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/585b051251.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8 Request headers accept-language de-DE,de;q=0.9 Referer https://smooth-lydian-carbon.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 09:19:58 GMT via 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA2-C1 x-cache Hit from cloudfront access-control-allow-methods GET content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"76f34b71fc9fb641507ff6a822cc07f5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRehQ5w4tiCSwrWC%2BxXQoXz9Ko9xEvt8ileV87pi54gqPvtCvqEFPwrB%2FyiJ6I3K6pZP%2BtSC3YZp9e7l8VW7McKxYkfJoOzgTmwFdyicG%2F%2FhpZMIM1Ak%2BbdeOfpwOB5id0AmrKYHuZzT3CTmICoK0J0%2BtQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 7104f3e4dff39bac-FRA access-control-allow-headers fa-kit-token x-amz-cf-id WAQMlthk0rvW6XXuOPTXWa2mEhQVuyy8Yzi6ALYs75-Znb6fdwb_OQ==
GET H2	200	2_bc3d32a696895f78c19df6c717586a5d.svg aadcdn.msftauth.net/ests/2.1/content/images/backgrounds/	2 KB 1 KB	39ms 10ms	Image image/svg+xml	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauth.net/ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg Requested by Host: smooth-lydian-carbon.glitch.me URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8F11) / Resource Hash 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68 Request headers accept-language de-DE,de;q=0.9 Referer https://smooth-lydian-carbon.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 24 May 2022 09:19:58 GMT content-encoding gzip content-md5 DhdidjYrlCeaRJJRG/y9mA== age 30272514 x-cache HIT content-length 673 x-ms-lease-status unlocked last-modified Thu, 13 Feb 2020 02:09:09 GMT server ECAcc (frc/8F11) etag 0x8D7B029B6833F84 vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 0cd045bc-e01e-007a-6dfb-5bc91c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.mgid.com

URL

https://www.mgid.com/ghits/12884847/i/310/0/tr/pp/0/0/?h=1651295789892&ph=1651295789892&trt=4&k=83468fcffYD5XaLMfYD5XaLTffMHwwf!fOJffKkffMjcuNTMxMjV8MTg%3DffKZ6LbBffQffaHR0cHM6Ly93d3cubWdpZC5jb20vZ2hpdHMvMTI4ODQ4NDcva%248zMTA%2FaD0xNjUxMjk1Nzg5ODkyfff*fMHww*DkwNnw2NzY%3DffMHwwf!fcfMTh8Mjd8OTA1*DY3Ng%3D%3DfZAfS0f!f!fTW96aWxsY%2481LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChL%24FRNTCwgbGlrZ%24BHZWNrbykgQ2hyb21lLzEwM%244wLjQ5NTEuNjQgU2FmYXJpLzUzNy4zNg%3D%3DfQ2hyb21lUERGUGx1Z2lu*ENocm9tZVBERlZpZXdlcnxOYXRpdmVDbGllbnQ%3DffTGludXggeDg2XzY0fMA%3D%3DfLTF8LTE%3DfMTYwMHwxMjAwfdW5rbm93bnw0Z3wwf!f!fQff*f*(WuvSh%2B&grs=-2&kpgt=235

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online) Microsoft (Consumer)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery object| FontAwesomeKitConfig function| Popper object| bootstrap function| imgError

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 07:35:35	Name: _GRECAPTCHA Value: 09AJZS53Zvr90NYg3G3C8yOx0MPfNZzTt3_eqKVxIJQfZAmsZW4GJuJPZRf4VwGexHVzfdwbWmCq4F9h-avoQHdsQ
			.mgid.com/	1970-01-20 03:16:25	Name: __cf_bm Value: o4AQ3jL.JjvRZ39gxii_uGQUdM2lOryrQVqaL_5113I-1653383995-0-AYQ78OCUZkRByNjhTZka+sJ/+pF2Jgh+bXkmDcCW6OEwQUdGTOi4drGY3jP8B7UPFbykfOiZDIA0UsUb59p2UDQ=
			.mgid.com/	1970-01-20 12:01:59	Name: _hjSessionUser_2590724 Value: eyJpZCI6IjcxOWJhYzBhLTdmNjEtNTViZC1iNTNhLWI4NmVmNzQwMWUzNSIsImNyZWF0ZWQiOjE2NTMzODM5OTU5ODMsImV4aXN0aW5nIjpmYWxzZX0=
			.mgid.com/	1970-01-20 03:16:25	Name: _hjFirstSeen Value: 1
			www.mgid.com/	1970-01-20 03:16:24	Name: _hjIncludedInSessionSample Value: 0
			.mgid.com/	1970-01-20 03:16:25	Name: _hjSession_2590724 Value: eyJpZCI6ImVmYzUxMzM1LWE4YTctNDQ2Mi04YzBkLTQxM2VmOWVkZWExYyIsImNyZWF0ZWQiOjE2NTMzODM5OTYwNTksImluU2FtcGxlIjpmYWxzZX0=
			.mgid.com/	1970-01-20 03:16:25	Name: _hjAbsoluteSessionInProgress Value: 0
			www.mgid.com/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22206%22%3A%7B%7D%7D
			.mgid.com/	1970-01-20 03:17:50	Name: mgid Value: 12884847
			.mgid.com/	1970-01-20 03:17:50	Name: mtid Value: 310
			.mgid.com/	1970-01-20 03:17:50	Name: mtuid Value: 5528998
			.mgid.com/	1970-01-20 03:17:50	Name: mstatus Value: 0
			.mgid.com/	1970-01-20 03:17:50	Name: mghd Value: smooth-lydian-carbon.glitch.me

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.1.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.3.1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://kit.fontawesome.com/585b051251.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.2.1.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://smooth-lydian-carbon.glitch.me/?23a363bb10db7ca42da2f5e4085a6285&utm_medium=cpc&utm_source=mgid.com&utm_campaign=what+is+your+opinion&utm_term=5528998&utm_content=12884847&adclid=23a363bb10db7ca42da2f5e4085a6285 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.