urlscan.io logo urlscan.io
SecurityTrails logo

dub.lunarove.com Open in urlscan Pro
2a00:1450:4001:813::2013  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dub.lunarove.com/
Effective URL: https://dub.lunarove.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On November 24 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 50 HTTP transactions. The main IP is 2a00:1450:4001:813::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is dub.lunarove.com.
TLS certificate: Issued by GTS CA 1D4 on September 27th 2023. Valid for: 3 months.
This is the only time dub.lunarove.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2a00:1450:4001:813::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
dub.lunarove.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
7    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
drive.google.com
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1160897509-atari-embeds.googleusercontent.com
1    34.251.49.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-49-25.eu-west-1.compute.amazonaws.com
predictable-person-269392.framer.app
13    2600:9000:2490:5200:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)
framerusercontent.com
3    13.224.222.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-222-38.lhr61.r.cloudfront.net
events.framer.com
2    2600:9000:223e:5400:d:6b42:4ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.framerstatic.com
2    2600:9000:2394:d600:10:9b9d:b9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
framer.com
Apex Domain
Subdomains		 Transfer
13 framerusercontent.com
framerusercontent.com — Cisco Umbrella Rank: 70067
196 KB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
911 KB
10 google.com
apis.google.com — Cisco Umbrella Rank: 112
play.google.com — Cisco Umbrella Rank: 28
drive.google.com — Cisco Umbrella Rank: 318
171 KB
5 framer.com
events.framer.com — Cisco Umbrella Rank: 82592
framer.com — Cisco Umbrella Rank: 73481
17 KB
4 lunarove.com
dub.lunarove.com
12 KB
2 framerstatic.com
app.framerstatic.com — Cisco Umbrella Rank: 115728
40 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
3 KB
1 framer.app
predictable-person-269392.framer.app
10 KB
1 googleusercontent.com
1160897509-atari-embeds.googleusercontent.com
1 KB
50 9
Domain Requested by
13 framerusercontent.com predictable-person-269392.framer.app
framerusercontent.com
9 www.gstatic.com dub.lunarove.com
www.gstatic.com
7 apis.google.com dub.lunarove.com
apis.google.com
www.gstatic.com
1160897509-atari-embeds.googleusercontent.com
4 dub.lunarove.com 1 redirects www.gstatic.com
3 events.framer.com predictable-person-269392.framer.app
events.framer.com
3 fonts.gstatic.com fonts.googleapis.com
2 framer.com 2 redirects
2 app.framerstatic.com predictable-person-269392.framer.app
2 play.google.com www.gstatic.com
2 fonts.googleapis.com dub.lunarove.com
1 predictable-person-269392.framer.app 1160897509-atari-embeds.googleusercontent.com
1 1160897509-atari-embeds.googleusercontent.com www.gstatic.com
1 drive.google.com www.gstatic.com
dub.lunarove.com
50 13

This site contains links to these domains. Also see Links.

Domain
www.google.com
Subject Issuer Validity Valid
dub.lunarove.com
GTS CA 1D4		 2023-09-27 -
2023-12-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.framer.app
Amazon RSA 2048 M03		 2023-08-24 -
2024-09-22		 a year crt.sh
framerusercontent.com
Amazon RSA 2048 M02		 2023-02-23 -
2024-02-15		 a year crt.sh
events.framer.com
Amazon RSA 2048 M01		 2023-04-26 -
2024-05-23		 a year crt.sh
framerstatic.com
Amazon RSA 2048 M02		 2023-10-23 -
2024-11-20		 a year crt.sh

This page contains 5 frames:

Primary Page: https://dub.lunarove.com/
Frame ID: 2826C7C66E7604544C83BE657B95DD4F
Requests: 21 HTTP requests in this frame

Frame: https://drive.google.com/auth_warmup?origin=https%3A%2F%2Fdub.lunarove.com
Frame ID: A317BD9DC231785A37B915316F516DA0
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__&r=69363549
Frame ID: E7434104BE6ED11B61F29B28EE7AF776
Requests: 3 HTTP requests in this frame

Frame: https://1160897509-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__
Frame ID: 0CC7457B62EB3D77246FD736BF9A9EA6
Requests: 3 HTTP requests in this frame

Frame: https://predictable-person-269392.framer.app/
Frame ID: BC6D45D9163148C355A239B7F688D2F7
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home

Page URL History Show full URLs

  1. http://dub.lunarove.com/ HTTP 301
    https://dub.lunarove.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

50
Requests

90 %
HTTPS

85 %
IPv6

9
Domains

13
Subdomains

13
IPs

3
Countries

1359 kB
Transfer

4774 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dub.lunarove.com/ HTTP 301
    https://dub.lunarove.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://framer.com/m/iconoir-icons/Instagram.js@0.0.11 HTTP 302
  • https://framerusercontent.com/modules/rtZJYMVbOOBOJxaDcExt/yFMT7H1cV097JQs3uEgI/Instagram.js
Request Chain 44
  • https://framer.com/m/material-icons/Send.js@0.0.32 HTTP 302
  • https://framerusercontent.com/modules/7nwGkd38LlPIshqtRSKo/26qJHqrvVifQw9QESNcY/Send.js

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dub.lunarove.com/
Redirect Chain
  • http://dub.lunarove.com/
  • https://dub.lunarove.com/
48 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dub.lunarove.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7392c7268eb0a211595278571a2b50f7dd3fa5cd07f6a3da1de6b651fbc9fa9b
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-zgplrbyVjCQzmCS4QrNWVw' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-zgplrbyVjCQzmCS4QrNWVw' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
content-type
text/html; charset=utf-8
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Fri, 24 Nov 2023 17:25:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
0

Redirect headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Length
0
Content-Type
application/binary
Date
Fri, 24 Nov 2023 17:25:44 GMT
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Location
https://dub.lunarove.com/
Pragma
no-cache
Server
ESF
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
0
css
fonts.googleapis.com/ 		5 KB
935 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap
Requested by
Host: dub.lunarove.com
URL: https://dub.lunarove.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dub.lunarove.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Nov 2023 17:25:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 17:03:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Nov 2023 17:25:44 GMT
css
fonts.googleapis.com/ 		28 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Requested by
Host: dub.lunarove.com
URL: https://dub.lunarove.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a2e8f6c07744ff59534fab4d21430272beab3638bc74f724496b90d923d1468
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dub.lunarove.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Nov 2023 17:25:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 17:17:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Nov 2023 17:25:45 GMT
rs=AGEqA5lJ-_-R4be_5kydYm1IcUFlxvzYQQ
www.gstatic.com/_/atari/_/ss/k=atari.vw.h-N7nHqB5AM.L.W.O/am=EAY/d=1/ 		1 MB
153 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/ss/k=atari.vw.h-N7nHqB5AM.L.W.O/am=EAY/d=1/rs=AGEqA5lJ-_-R4be_5kydYm1IcUFlxvzYQQ
Requested by
Host: dub.lunarove.com
URL: https://dub.lunarove.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12e1236578ce282c9342bd42d2529f1cf97708838d57704a2af089bfe3cf262e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dub.lunarove.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 10:36:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
542932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
156048
x-xss-protection
0
last-modified
Sat, 11 Nov 2023 00:20:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Sun, 17 Nov 2024 10:36:52 GMT
client.js
apis.google.com/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client.js?onload=gapiLoaded
Requested by
Host: dub.lunarove.com
URL: https://dub.lunarove.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62a6f498745a8c0d41320c240871c195acf506fede511488de4fae9b40b68d8d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dub.lunarove.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 17:25:45 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7114
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"d052d302c1cad6fd"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 17:25:45 GMT
m=view
www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=1/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/ 		583 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=1/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=view
Requested by
Host: dub.lunarove.com
URL: https://dub.lunarove.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce0e10c2dca1b14f16a8a44db0af71a4c62228a1a370bf1f6eac5356c1a5f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dub.lunarove.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 14:25:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183590
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202197
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 08:18:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Thu, 21 Nov 2024 14:25:54 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/ 		316 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfa3bceb249c735a7936c072cc3937fc8c8169c8f58c9f1fdcadf5f7d43d471
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dub.lunarove.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 12:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
361855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110385
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Nov 2024 12:54:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dub.lunarove.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 21:25:42 GMT
x-content-type-options
nosniff
age
590403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 21:25:42 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dub.lunarove.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 09:09:18 GMT
x-content-type-options
nosniff
age
288987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Nov 2024 09:09:18 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dub.lunarove.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:58:11 GMT
x-content-type-options
nosniff
age
581254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 23:58:11 GMT
m=sy19,sy1a,sy18,FoQBg
www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=0/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=0/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=sy19,sy1a,sy18,FoQBg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=1/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c72b19ebb808a59ca0614d0e0d1f94e785b3054dc1629788eab3ba9dc9b9e7e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dub.lunarove.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 12:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
534856
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12702
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 08:18:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Sun, 17 Nov 2024 12:51:29 GMT
m=sy2u,TRvtze
www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=0/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/ 		855 B
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=0/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=sy2u,TRvtze
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=1/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b4b662e2036717f99e7375341c7ac83ebccae6f17c2b681c7b4b3d9ea2eabe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dub.lunarove.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 09:45:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
373211
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
494
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 08:18:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Tue, 19 Nov 2024 09:45:34 GMT
m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy10,X85Uvc,HIeYee,QxOCld,sy2v,abQiW,W26a5e,hJUyqe,sy12,sy16,sy13,sy14,sy15,fuVYe,TGYpv,syj,ruhlUe,KUM7Z,XDKZTc,sy11,qkPXAf,zPx2U,qEW1W,oNFsLb,sy3u,yxTchf,sy3v,sy3w,xQ...
www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=0/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/ 		1 MB
425 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=0/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy10,X85Uvc,HIeYee,QxOCld,sy2v,abQiW,W26a5e,hJUyqe,sy12,sy16,sy13,sy14,sy15,fuVYe,TGYpv,syj,ruhlUe,KUM7Z,XDKZTc,sy11,qkPXAf,zPx2U,qEW1W,oNFsLb,sy3u,yxTchf,sy3v,sy3w,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2x,SM1lmd,sy6,sy5,syx,RRzQxe,zZvHmd,sy7,sya,syk,sy9,fNFZH,sy2w,syl,RrXLpc,cgRV2c,syz,sy1n,o1L5Wb,X4BaPc,syf,Md9ENb,sy1e,sy1f,syp,sy1c,sy1d,Ko0sOe,syn,syw,syy,NlqxW,sy1h,sy1i,sy1k,sy1l,sy1m,sy1t,sy1g,sy1r,sy1q,syb,syr,sy1o,sy1z,sy21,sy24,sy25,sy26,sy27,sy1v,sy20,sy29,sy2i,sy1x,sy1y,sy1j,sy1p,sy1s,sy1u,sy1w,sy23,syo,sy28,sy2a,sy2b,sy2f,sy2g,sy2h,T807ad,sy22,sy2e,ZDEHrf,sy2j,sy2l,sy1b,a9i3ec,CmOog,qYIcH,zTt0Rb,sy2c,sy2d,rj51oe,zAU64c,jhxjge,xHmRee,oy3iwb,sy2k,dBhIIb,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,LkQmJ,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,KlrXId,R4KMEc,sy2m,sy2n,sy2o,sy2p,UYjpC,vVEdxc,sy3,VYKRW,sy17,CG0Qwb,RZ9OZ,N0NZx,szRU7e
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=1/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
679ba56363c3d1c0bf54da32cb56451f65006b90daa1635bb760a507d2dc6fe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dub.lunarove.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 13:25:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
434443
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 08:18:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 20 Nov 2024 13:25:43 GMT
m=sy3l,IZT63,vfuNJf,sy3f,sy3j,sy3m,sy3z,sy3x,sy3y,siKnQd,sy3d,sy3k,sy3o,YNjGDd,sy3n,sy3p,PrPYRd,iFQyKf,hc6Ubd,sy40,SpsfSb,sy3g,sy3i,wR5FRb,pXdRYb,dIoSBb,zbML3c
www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=0/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=0/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=sy3l,IZT63,vfuNJf,sy3f,sy3j,sy3m,sy3z,sy3x,sy3y,siKnQd,sy3d,sy3k,sy3o,YNjGDd,sy3n,sy3p,PrPYRd,iFQyKf,hc6Ubd,sy40,SpsfSb,sy3g,sy3i,wR5FRb,pXdRYb,dIoSBb,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=1/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
642dfda084729a922bb9482852d4ef3b0d4565224ea8451b85872fa7ae322df7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dub.lunarove.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 12:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
534856
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10775
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 08:18:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Sun, 17 Nov 2024 12:51:29 GMT
m=m9oV,sy3q,NTMZac,mzzZzc,rCcCxc,RAnnUd,sy2y,sy2z,uu7UOe,nAFL3,sy2r,gJzDyc,sy30,soHxf,syu,syt,HYv29e,sy31,uY3Nvd
www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=0/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=0/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=m9oV,sy3q,NTMZac,mzzZzc,rCcCxc,RAnnUd,sy2y,sy2z,uu7UOe,nAFL3,sy2r,gJzDyc,sy30,soHxf,syu,syt,HYv29e,sy31,uY3Nvd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=1/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
267ba29bb8160d1ad7a383ee2befcf4d59e26b45f18289195c8ee0ac322e708e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dub.lunarove.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 09:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
288521
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11569
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 08:18:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 20 Nov 2024 09:17:04 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://dub.lunarove.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://play.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 24 Nov 2023 17:25:45 GMT
expires
Fri, 24 Nov 2023 17:25:45 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ 		0
0
logImpressions
dub.lunarove.com/_/view/ 		16 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dub.lunarove.com/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=1/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dub.lunarove.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 17:25:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ 		101 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=0/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy10,X85Uvc,HIeYee,QxOCld,sy2v,abQiW,W26a5e,hJUyqe,sy12,sy16,sy13,sy14,sy15,fuVYe,TGYpv,syj,ruhlUe,KUM7Z,XDKZTc,sy11,qkPXAf,zPx2U,qEW1W,oNFsLb,sy3u,yxTchf,sy3v,sy3w,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2x,SM1lmd,sy6,sy5,syx,RRzQxe,zZvHmd,sy7,sya,syk,sy9,fNFZH,sy2w,syl,RrXLpc,cgRV2c,syz,sy1n,o1L5Wb,X4BaPc,syf,Md9ENb,sy1e,sy1f,syp,sy1c,sy1d,Ko0sOe,syn,syw,syy,NlqxW,sy1h,sy1i,sy1k,sy1l,sy1m,sy1t,sy1g,sy1r,sy1q,syb,syr,sy1o,sy1z,sy21,sy24,sy25,sy26,sy27,sy1v,sy20,sy29,sy2i,sy1x,sy1y,sy1j,sy1p,sy1s,sy1u,sy1w,sy23,syo,sy28,sy2a,sy2b,sy2f,sy2g,sy2h,T807ad,sy22,sy2e,ZDEHrf,sy2j,sy2l,sy1b,a9i3ec,CmOog,qYIcH,zTt0Rb,sy2c,sy2d,rj51oe,zAU64c,jhxjge,xHmRee,oy3iwb,sy2k,dBhIIb,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,LkQmJ,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,KlrXId,R4KMEc,sy2m,sy2n,sy2o,sy2p,UYjpC,vVEdxc,sy3,VYKRW,sy17,CG0Qwb,RZ9OZ,N0NZx,szRU7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e901ebb09fa9903e237ef74d0578bede0331fb3ef264ea7dabf79f894dd9556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dub.lunarove.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:06:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36058
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 17:41:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Nov 2023 17:56:10 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/ 		261 B
210 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4de02f4d3d995221d554f93fb5398b6db8c7ebd64ff1a1ffdd69aadb74b82f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dub.lunarove.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 12:32:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
535995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 12:32:30 GMT
auth_warmup
drive.google.com/ Frame A317 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://drive.google.com/auth_warmup?origin=https%3A%2F%2Fdub.lunarove.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=0/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy10,X85Uvc,HIeYee,QxOCld,sy2v,abQiW,W26a5e,hJUyqe,sy12,sy16,sy13,sy14,sy15,fuVYe,TGYpv,syj,ruhlUe,KUM7Z,XDKZTc,sy11,qkPXAf,zPx2U,qEW1W,oNFsLb,sy3u,yxTchf,sy3v,sy3w,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2x,SM1lmd,sy6,sy5,syx,RRzQxe,zZvHmd,sy7,sya,syk,sy9,fNFZH,sy2w,syl,RrXLpc,cgRV2c,syz,sy1n,o1L5Wb,X4BaPc,syf,Md9ENb,sy1e,sy1f,syp,sy1c,sy1d,Ko0sOe,syn,syw,syy,NlqxW,sy1h,sy1i,sy1k,sy1l,sy1m,sy1t,sy1g,sy1r,sy1q,syb,syr,sy1o,sy1z,sy21,sy24,sy25,sy26,sy27,sy1v,sy20,sy29,sy2i,sy1x,sy1y,sy1j,sy1p,sy1s,sy1u,sy1w,sy23,syo,sy28,sy2a,sy2b,sy2f,sy2g,sy2h,T807ad,sy22,sy2e,ZDEHrf,sy2j,sy2l,sy1b,a9i3ec,CmOog,qYIcH,zTt0Rb,sy2c,sy2d,rj51oe,zAU64c,jhxjge,xHmRee,oy3iwb,sy2k,dBhIIb,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,LkQmJ,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,KlrXId,R4KMEc,sy2m,sy2n,sy2o,sy2p,UYjpC,vVEdxc,sy3,VYKRW,sy17,CG0Qwb,RZ9OZ,N0NZx,szRU7e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-oEMWyKHTfUSSlPLFTEPVLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dub.lunarove.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-oEMWyKHTfUSSlPLFTEPVLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Fri, 24 Nov 2023 17:25:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame E743 		2 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__&r=69363549
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=1/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dub.lunarove.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
944
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 17:25:45 GMT
expires
Sat, 23 Nov 2024 17:25:45 GMT
last-modified
Fri, 24 Nov 2023 08:34:57 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
api.js
apis.google.com/js/ Frame E743 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__&r=69363549
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04b4fecb7946b0d9e6c275685179c3cd54b9946d1adb8a01faee81e2e560ca7f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 17:25:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7112
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"241a6a66017d8392"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 17:25:45 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/ Frame E743 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20593
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 08:09:11 GMT
inner-frame-minified.html
1160897509-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/ Frame 0CC7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1160897509-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__&r=69363549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
915
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 17:25:45 GMT
expires
Sat, 23 Nov 2024 17:25:45 GMT
last-modified
Fri, 24 Nov 2023 08:34:57 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
api.js
apis.google.com/js/ Frame 0CC7 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: 1160897509-atari-embeds.googleusercontent.com
URL: https://1160897509-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04b4fecb7946b0d9e6c275685179c3cd54b9946d1adb8a01faee81e2e560ca7f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1160897509-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 17:25:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7112
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"241a6a66017d8392"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 17:25:45 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/ Frame 0CC7 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1160897509-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:09:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20593
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 08:09:11 GMT
/
predictable-person-269392.framer.app/ Frame BC6D 		96 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://predictable-person-269392.framer.app/
Requested by
Host: 1160897509-atari-embeds.googleusercontent.com
URL: https://1160897509-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Wg4ryxGk1iM.O%2Fd%3D1%2Frs%3DAHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.251.49.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-49-25.eu-west-1.compute.amazonaws.com
Software
Framer/9989a3b /
Resource Hash
bd66fbe5727f360107bf6af2903aaa6b78da9fd697b0cce2263d5f5f6a5dc6ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://1160897509-atari-embeds.googleusercontent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
9412
content-type
text/html
date
Fri, 24 Nov 2023 17:25:46 GMT
etag
"b92aa1007f8ec8d18079f5ae35075449"
last-modified
Wed, 27 Sep 2023 18:21:19 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server
Framer/9989a3b
server-timing
region;desc="eu-west-1", cache;desc="not-cached", ssg-status;desc="optimized", version;desc="9989a3b"
strict-transport-security
max-age=31536000
vary
Accept-Encoding
chunk-WW24FKWU.mjs
framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/ Frame BC6D 		133 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/chunk-WW24FKWU.mjs
Requested by
Host: predictable-person-269392.framer.app
URL: https://predictable-person-269392.framer.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
476db26502cebc8fe2237bd366df9c46246f57f9a47a72f4c703cd94cc04d4fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://predictable-person-269392.framer.app/
Origin
https://predictable-person-269392.framer.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:25:47 GMT
x-amz-version-id
2aypgZTL9AuSwIyUHIjLW.HaHVMfMfYd
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 18:21:19 GMT
server
CloudFront
etag
W/"aaa7f49a338599ee655edf0cace7ad49"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
rocyEBD05UWY3bl4gbRQzwH_QzXe_25g9kAbNaUzd7kK8DswyhtkWg==
chunk-UFS5OFCR.mjs
framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/ Frame BC6D 		375 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/chunk-UFS5OFCR.mjs
Requested by
Host: predictable-person-269392.framer.app
URL: https://predictable-person-269392.framer.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ec2ce662a2d0521b901d7c1146952f2150c25a04b5768f34b02fbfdc13a126f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://predictable-person-269392.framer.app/
Origin
https://predictable-person-269392.framer.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:25:47 GMT
x-amz-version-id
KX3.eSwXhorobJ3tD8vQe9OhL8HfJOB6
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 18:21:19 GMT
server
CloudFront
etag
W/"459b2892a37f027fe63b2e067bffd7e2"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
wkrO_Lvr73Xp9eCZ69AHsCUkdSdqYzddZmI2t1o4__qXNQIEpUlKjg==
chunk-ELYU6EKT.mjs
framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/ Frame BC6D 		447 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/chunk-ELYU6EKT.mjs
Requested by
Host: predictable-person-269392.framer.app
URL: https://predictable-person-269392.framer.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://predictable-person-269392.framer.app/
Origin
https://predictable-person-269392.framer.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:25:47 GMT
x-amz-version-id
MYTREcD9uCs5e0WEJjoiE1uXTGd0zjeJ
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
447
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 18:21:19 GMT
server
CloudFront
etag
"bac0d5b5f6a61029b51079932ccda746"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
dT_qv8dFMIlU_H4qYPrWXZVz6wwg-HGxFBG-EB3RV-RLhVG30otETQ==
q9nuqxng6mHpCPDq5JXfRQJP_-8ZxkgVmLzZYcv4wbI.KFBRQKKQ.mjs
framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/ Frame BC6D 		60 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/q9nuqxng6mHpCPDq5JXfRQJP_-8ZxkgVmLzZYcv4wbI.KFBRQKKQ.mjs
Requested by
Host: predictable-person-269392.framer.app
URL: https://predictable-person-269392.framer.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
16feb5c96ca90d6eaede7b7766fcb6dec80e26c55221dcefcc333f83d57397de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://predictable-person-269392.framer.app/
Origin
https://predictable-person-269392.framer.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:25:47 GMT
x-amz-version-id
1_NMDxrTXuwXeFaSdyu9VcCwZFiI.UZr
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 18:21:19 GMT
server
CloudFront
etag
W/"f39a23da4016a9ca115c4ba8ac59ef32"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
RsjU1TMD14qI3hpMWHa-BfmuoJM9eysiVpejazdPfCoc4dlyReklSg==
chunk-R2WN3EGW.mjs
framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/ Frame BC6D 		1000 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/chunk-R2WN3EGW.mjs
Requested by
Host: predictable-person-269392.framer.app
URL: https://predictable-person-269392.framer.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
73bf6e70c1cfd3e0554a97341e8c1eb157e6703d58f508551e6d8a177c5891ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://predictable-person-269392.framer.app/
Origin
https://predictable-person-269392.framer.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:25:47 GMT
x-amz-version-id
EhwwQxH3hNrm.5RjiAxNcEPQQBJsYfHf
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 18:21:19 GMT
server
CloudFront
etag
W/"155151134618ec6555d5871c92fd9833"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
h8cgdTk0sCfljwgmUBPpGQfc7uPbPbIU2iQrOTF8rgiRPTtUZmsggA==
chunk-5CPMZHGY.mjs
framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/ Frame BC6D 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/chunk-5CPMZHGY.mjs
Requested by
Host: predictable-person-269392.framer.app
URL: https://predictable-person-269392.framer.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
07ecbb4ab69da4cb8f590a7f0d06f0b5d6f4286de6996bccb68a06331bf5ba1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://predictable-person-269392.framer.app/
Origin
https://predictable-person-269392.framer.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:25:47 GMT
x-amz-version-id
m3RyEF4w9ryd9xfE3l0R4TqtNSyMXk6T
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 18:21:19 GMT
server
CloudFront
etag
W/"40fb8b02f7b3fcf12c3c21a85a22cabb"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
4_TaArJN9Pb1TFCiyiEsNXeXAwLstYspMPGjzWRhkX4rTTmc-1a02w==
chunk-2VN6ZXSY.mjs
framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/ Frame BC6D 		736 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/chunk-2VN6ZXSY.mjs
Requested by
Host: predictable-person-269392.framer.app
URL: https://predictable-person-269392.framer.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7f363e3eda5d2a6dbe8e5c3e643c885f43f6e0dc036c0ac428c87d7cfa441261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://predictable-person-269392.framer.app/
Origin
https://predictable-person-269392.framer.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:25:47 GMT
x-amz-version-id
7551QurzDNcCRjJh5DEvX.JK7kQLnKIt
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
736
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 18:21:19 GMT
server
CloudFront
etag
"d841ce6474c9456af4c6e110fcb42a85"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
thMsBW97WuVzuz3_TaHhoXw8R9H_hWlRyD6ZQu5UluPwRMGj5jkbrA==
chunk-42U43NKG.mjs
framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/ Frame BC6D 		44 B
790 B 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/chunk-42U43NKG.mjs
Requested by
Host: predictable-person-269392.framer.app
URL: https://predictable-person-269392.framer.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://predictable-person-269392.framer.app/
Origin
https://predictable-person-269392.framer.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:25:47 GMT
x-amz-version-id
GHHmGYtV8XtioOFOJrFCPVfSWmZ2T16p
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
44
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 18:21:19 GMT
server
CloudFront
etag
"f5fe0cab78140e0e5aa29f68ce8c2888"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
OQ8gIrccbk-Zkveo_OyfBdMeL0KTTnGjcJ-b00zoBgtmJoL6X5upPQ==
script
events.framer.com/ Frame BC6D 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/script
Requested by
Host: predictable-person-269392.framer.app
URL: https://predictable-person-269392.framer.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-38.lhr61.r.cloudfront.net
Software
/
Resource Hash
1ead087aefba734350a34fc18289ab83b03ab93901970edaaf19b14cec96fb3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://predictable-person-269392.framer.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:25:46 GMT
via
1.1 1acbf665fe00b4d436f38e8eeb0ab540.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
15617
x-amz-cf-pop
LHR61-C2
x-amzn-trace-id
Root=1-6560dc9a-2bc1ec605289279f7375edc4
x-amzn-requestid
714a9d50-b93e-4cfb-bfa2-018bc9d7766e
x-cache
Miss from cloudfront
content-type
text/javascript
timestamp
Fri, 24 Nov 2023 17:22:07 GMT
x-amz-apigw-id
O6doNH_FoAMEfMQ=
content-length
15617
x-amz-cf-id
HAdqRTq8WDVRbz2FfJwZvguPOy2JP8jyRvzdrLCSU8PCe4hUQCOrAQ==
preview_script0.2DBMCXVX.mjs
framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/ Frame BC6D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/preview_script0.2DBMCXVX.mjs
Requested by
Host: predictable-person-269392.framer.app
URL: https://predictable-person-269392.framer.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
d35451ab0e5ae4f3b2e7e0feee4295dcaa78ec54f66fff633c9ee0c35e0567fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://predictable-person-269392.framer.app/
Origin
https://predictable-person-269392.framer.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:25:47 GMT
x-amz-version-id
fbxemv0iobj6qwjCyxav4NymTPjgkVfS
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 18:21:19 GMT
server
CloudFront
etag
W/"f324c93c46871679236a39f8177db445"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
tgsjY4OXB2EYr7xJO69Dz9QLw3olWqZbcvRcKrF_PJicGkIa2Oh5Lw==
Inter-Regular.latin-JLQMKCHE.woff2
app.framerstatic.com/ Frame BC6D 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.framerstatic.com/Inter-Regular.latin-JLQMKCHE.woff2
Requested by
Host: predictable-person-269392.framer.app
URL: https://predictable-person-269392.framer.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:5400:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c68a6f081906c9d9be0fc4f3dd09a212d53039747f676fa524692af4c7c170d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://predictable-person-269392.framer.app/
Origin
https://predictable-person-269392.framer.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 06:30:21 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
3322526
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19024
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 16 Oct 2023 21:34:41 GMT
server
CloudFront
etag
"e8e69f41b1da2a7b6e6fcb959e00e736"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
32-H-1nH3OA0mIhkzW__zU63T2O4L8x9yccHLvMODrGUJlWyyLSjtA==
Inter-SemiBold.latin-RDYY2AG2.woff2
app.framerstatic.com/ Frame BC6D 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.framerstatic.com/Inter-SemiBold.latin-RDYY2AG2.woff2
Requested by
Host: predictable-person-269392.framer.app
URL: https://predictable-person-269392.framer.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:5400:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
fc7298db7d88e095c67673d0dae268cd4fc070571692a6df810e80d8cba03157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://predictable-person-269392.framer.app/
Origin
https://predictable-person-269392.framer.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 01:12:43 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
3600784
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20072
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 13 Oct 2023 17:01:49 GMT
server
CloudFront
etag
"6a7880ce1bd9abb417faf126dccfd935"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
XKmZsd03vbeA6SXp8aQZGaBVkjCuMWKN3-VYzV9IBoIZWr662ofmBw==
anonymous
events.framer.com/ Frame BC6D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-38.lhr61.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://predictable-person-269392.framer.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Nov 2023 17:25:47 GMT
via
1.1 1acbf665fe00b4d436f38e8eeb0ab540.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-C2
x-amzn-trace-id
Root=1-6560dc9b-20c7f90111c2ca6f0e7aa0d8;Sampled=1;lineage=c457ad49:0
x-amzn-requestid
f68faecf-d182-4552-bf67-6f2b0f768f36
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
O6doUEUNoAMEQtg=
content-length
0
x-amz-cf-id
X1ew54sb3fys3AsWMmGw5fxcYtp4uJwO5RPPm9tXZpagANdkVwFQRQ==
anonymous
events.framer.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.222.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-222-38.lhr61.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://predictable-person-269392.framer.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 24 Nov 2023 17:25:47 GMT
via
1.1 1acbf665fe00b4d436f38e8eeb0ab540.cloudfront.net (CloudFront)
x-amz-apigw-id
O6doRGKTIAMEq8Q=
x-amz-cf-id
D0v-WKHdmCrlWy3Wxx0_su7oNtPFTuVDatpQHzY6C6FreiNlF61bfQ==
x-amz-cf-pop
LHR61-C2
x-amzn-requestid
21917231-62ac-4c60-87dc-2305da4edf77
x-cache
Miss from cloudfront
__framer-badge.X4COM5PP.mjs
framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/ Frame BC6D 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/__framer-badge.X4COM5PP.mjs
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/preview_script0.2DBMCXVX.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
799d6fe7089370c907c637e1699ceb041f43d2d74528c7ed2a240582a433d4a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/preview_script0.2DBMCXVX.mjs
Origin
https://predictable-person-269392.framer.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:25:48 GMT
x-amz-version-id
.LxIYpnXx_Et4dYjP96R_DH0BeV7VPYs
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 18:21:19 GMT
server
CloudFront
etag
W/"b77e11335b84049f6551e2b46def17af"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
ef8uAKkCe9u6Gcc3WEftyD9V_bErXQn0c_LzPDhSGKJ3xm84biRNhw==
jefJqrFzS1k7oiQC6010jjSRlso7mnDsJNBNOk5kf7c.OY4QGVSI.mjs
framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/ Frame BC6D 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/jefJqrFzS1k7oiQC6010jjSRlso7mnDsJNBNOk5kf7c.OY4QGVSI.mjs
Requested by
Host: framerusercontent.com
URL: https://framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/preview_script0.2DBMCXVX.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2490:5200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
97d2b3d4c70270d5b436bd1c27b0546ed7641d3a547806cad621932c01231f38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://framerusercontent.com/sites/4ujk1dJ75aJdvanom5iKbw/preview_script0.2DBMCXVX.mjs
Origin
https://predictable-person-269392.framer.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:25:48 GMT
x-amz-version-id
QHoiUN73x3nl5M5.cz3Y_z7bUsy6uGZA
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
via
1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 18:21:19 GMT
server
CloudFront
etag
W/"e5b59aee00589179c6c0a03e6a9dd45c"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
O-KkPpZkF-4-cEN4tKKOXPomnE5LMMRt60yxkkKM-3iR91JLk0YcLQ==
Instagram.js
framerusercontent.com/modules/rtZJYMVbOOBOJxaDcExt/yFMT7H1cV097JQs3uEgI/ Frame BC6D
Redirect Chain
  • https://framer.com/m/iconoir-icons/Instagram.js@0.0.11
  • https://framerusercontent.com/modules/rtZJYMVbOOBOJxaDcExt/yFMT7H1cV097JQs3uEgI/Instagram.js
632 B
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/modules/rtZJYMVbOOBOJxaDcExt/yFMT7H1cV097JQs3uEgI/Instagram.js
Protocol
H3
Server
2600:9000:2490:5200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5a457c58bb4c04a5f62036e24391d7613e066cee6e7a308c8cabbe08cbec975b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://framerusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:49:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
age
254174
x-amz-cf-pop
FRA56-P6
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
632
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
x-amz-cf-id
6lcuo0CODhQMklFHQHzr7xH607TqTl_Rw_NGxFp5zHB_bJol6fflpg==

Redirect headers

date
Fri, 24 Nov 2023 17:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 bf1322673c76eb0dbc1cb8544c47f1e2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
1080
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
115
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
location
https://framerusercontent.com/modules/rtZJYMVbOOBOJxaDcExt/yFMT7H1cV097JQs3uEgI/Instagram.js
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
j1NmiN8S0byW-CZIuGFfh5B7ZrifYh574OMA-CQZzTCcO87jxCdZgQ==
Send.js
framerusercontent.com/modules/7nwGkd38LlPIshqtRSKo/26qJHqrvVifQw9QESNcY/ Frame BC6D
Redirect Chain
  • https://framer.com/m/material-icons/Send.js@0.0.32
  • https://framerusercontent.com/modules/7nwGkd38LlPIshqtRSKo/26qJHqrvVifQw9QESNcY/Send.js
139 B
500 B 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/modules/7nwGkd38LlPIshqtRSKo/26qJHqrvVifQw9QESNcY/Send.js
Protocol
H3
Server
2600:9000:2490:5200:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6cb3f87377e1d539b6fe31e4673b8cfa2cce219d6c14f35ad1812626c30f923f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://framerusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 17:43:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
age
517309
x-amz-cf-pop
FRA56-P6
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
139
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
x-amz-cf-id
WsrTIkPcdnZrwgr2BTi-nIXTFLKurPZWAC4CpIGTBKTKkn5jpSk34A==

Redirect headers

date
Fri, 24 Nov 2023 16:46:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 bf1322673c76eb0dbc1cb8544c47f1e2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
2361
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
110
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
location
https://framerusercontent.com/modules/7nwGkd38LlPIshqtRSKo/26qJHqrvVifQw9QESNcY/Send.js
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
s7ckuL2TeC5pEzwLvSD6Md8mVJNwlilPVhh4rS9rz9_BD9s_SNoWIQ==
truncated
/ Frame BC6D 		254 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a852e0caa2a81cd62b8264e46e91092b49013faf44e8e5f09e44c5984aa033fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame BC6D 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22668234d8364958181dfb5e4acf3206a18d9aa17a01f6f7b91943b6ebb5d54f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://dub.lunarove.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://play.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 24 Nov 2023 17:25:48 GMT
expires
Fri, 24 Nov 2023 17:25:48 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ 		0
0
logImpressions
dub.lunarove.com/_/view/ 		16 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dub.lunarove.com/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.6jXoBlOTb50.O/am=EAY/d=1/rs=AGEqA5nGxHmzzChVafClIzr1lhXm64Ju2A/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dub.lunarove.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 17:25:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cspreport
drive.google.com/_/DriveOsidBootstrap/ Frame A317 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
drive.google.com
URL
https://drive.google.com/_/DriveOsidBootstrap/cspreport

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| DOCS_timing function| _DumpException object| _docs_flag_initialData object| _docs_flag_cek function| gapiLoaded object| _at_config object| globals object| messages object| gapi object| ___jsl function| bgImgLoaded object| default_vw object| _F_toggles function| _F_installCss object| _bind object| closure_lm_420504 object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis function| _getTimingInstance function| _docsTiming function| MicroscopeImageMetadata object| MicroscopeMaximizeMode object| MicroscopeBackgroundStyle function| MicroscopeState function| MicroscopeSize object| MicroscopeResizeMode object| MicroscopeZoomWidgetMode function| Microscope object| userfeedback object| help

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=kO6Nk5WI3fY_r7Nqm3WUbRcl2Cob27DuYAK4h8bJqB7Kut8Y5ntIZF0_WHZBLwy7DLzA116Hm_IyYAqJklS5C30bzK49tT0FFW3aV_vwm-ZHRf4Ez29IFDx8gxW54620mSj6u2vw3xsp6HWJ9fCPkwV9QnutqaorJn59aDwu42s

7 Console Messages

Source Level URL
Text
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://dub.lunarove.com/
Message:
Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://dub.lunarove.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network error URL: https://play.google.com/log?format=json&hasfast=true&authuser=0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://dub.lunarove.com/
Message:
Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://dub.lunarove.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network error URL: https://play.google.com/log?format=json&hasfast=true&authuser=0
Message:
Failed to load resource: net::ERR_FAILED
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://drive.google.com/start
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-zgplrbyVjCQzmCS4QrNWVw' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1160897509-atari-embeds.googleusercontent.com
apis.google.com
app.framerstatic.com
drive.google.com
dub.lunarove.com
events.framer.com
fonts.googleapis.com
fonts.gstatic.com
framer.com
framerusercontent.com
play.google.com
predictable-person-269392.framer.app
www.gstatic.com
drive.google.com
play.google.com
13.224.222.38
2600:9000:223e:5400:d:6b42:4ec0:93a1
2600:9000:2394:d600:10:9b9d:b9c0:93a1
2600:9000:2490:5200:d:ada1:a280:93a1
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:813::2013
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
34.251.49.25
04b4fecb7946b0d9e6c275685179c3cd54b9946d1adb8a01faee81e2e560ca7f
07ecbb4ab69da4cb8f590a7f0d06f0b5d6f4286de6996bccb68a06331bf5ba1f
12e1236578ce282c9342bd42d2529f1cf97708838d57704a2af089bfe3cf262e
16feb5c96ca90d6eaede7b7766fcb6dec80e26c55221dcefcc333f83d57397de
1ead087aefba734350a34fc18289ab83b03ab93901970edaaf19b14cec96fb3b
22668234d8364958181dfb5e4acf3206a18d9aa17a01f6f7b91943b6ebb5d54f
267ba29bb8160d1ad7a383ee2befcf4d59e26b45f18289195c8ee0ac322e708e
2dfa3bceb249c735a7936c072cc3937fc8c8169c8f58c9f1fdcadf5f7d43d471
3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8
3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea
476db26502cebc8fe2237bd366df9c46246f57f9a47a72f4c703cd94cc04d4fc
4a2e8f6c07744ff59534fab4d21430272beab3638bc74f724496b90d923d1468
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
4e901ebb09fa9903e237ef74d0578bede0331fb3ef264ea7dabf79f894dd9556
5a457c58bb4c04a5f62036e24391d7613e066cee6e7a308c8cabbe08cbec975b
62a6f498745a8c0d41320c240871c195acf506fede511488de4fae9b40b68d8d
642dfda084729a922bb9482852d4ef3b0d4565224ea8451b85872fa7ae322df7
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
679ba56363c3d1c0bf54da32cb56451f65006b90daa1635bb760a507d2dc6fe3
6cb3f87377e1d539b6fe31e4673b8cfa2cce219d6c14f35ad1812626c30f923f
7392c7268eb0a211595278571a2b50f7dd3fa5cd07f6a3da1de6b651fbc9fa9b
73bf6e70c1cfd3e0554a97341e8c1eb157e6703d58f508551e6d8a177c5891ae
799d6fe7089370c907c637e1699ceb041f43d2d74528c7ed2a240582a433d4a6
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
7f363e3eda5d2a6dbe8e5c3e643c885f43f6e0dc036c0ac428c87d7cfa441261
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
8b4b662e2036717f99e7375341c7ac83ebccae6f17c2b681c7b4b3d9ea2eabe2
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
97d2b3d4c70270d5b436bd1c27b0546ed7641d3a547806cad621932c01231f38
9ce0e10c2dca1b14f16a8a44db0af71a4c62228a1a370bf1f6eac5356c1a5f83
a852e0caa2a81cd62b8264e46e91092b49013faf44e8e5f09e44c5984aa033fe
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bd66fbe5727f360107bf6af2903aaa6b78da9fd697b0cce2263d5f5f6a5dc6ab
c68a6f081906c9d9be0fc4f3dd09a212d53039747f676fa524692af4c7c170d5
c72b19ebb808a59ca0614d0e0d1f94e785b3054dc1629788eab3ba9dc9b9e7e8
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
d35451ab0e5ae4f3b2e7e0feee4295dcaa78ec54f66fff633c9ee0c35e0567fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec2ce662a2d0521b901d7c1146952f2150c25a04b5768f34b02fbfdc13a126f2
f4de02f4d3d995221d554f93fb5398b6db8c7ebd64ff1a1ffdd69aadb74b82f6
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc7298db7d88e095c67673d0dae268cd4fc070571692a6df810e80d8cba03157