everhelper.me Open in urlscan Pro
44.193.126.230 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://everhelper.me/
Effective URL:
https://everhelper.me/
Submission: On October 28 via api (October 28th 2021, 1:21:03 pm UTC) from JP — Scanned from JP

Summary HTTP 52 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 52 HTTP transactions. The main IP is 44.193.126.230, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is everhelper.me.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 28th 2021. Valid for: a year.

This is the only time everhelper.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	44.193.126.230 44.193.126.230	14618 (AMAZON-AES) (AMAZON-AES)
6	2404:6800:400... 2404:6800:4004:823::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:826::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::15	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:825::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.161.34 172.217.161.34	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:824::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:81d::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:811::2004	15169 (GOOGLE) (GOOGLE)
52	11

30 44.193.126.230 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-126-230.compute-1.amazonaws.com

everhelper.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:826::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)

metrics.everhelper.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:825::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.161.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s23-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81d::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:811::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	everhelper.me 1 redirects everhelper.me metrics.everhelper.me	447 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	182 KB
4	google-analytics.com www.google-analytics.com	20 KB
3	googletagmanager.com www.googletagmanager.com	133 KB
2	google.com adservice.google.com www.google.com	2 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
1	google.co.jp adservice.google.co.jp	792 B
1	googleadservices.com partner.googleadservices.com	610 B
52	8

	Domain	Requested by
30	everhelper.me	1 redirects everhelper.me
6	pagead2.googlesyndication.com	everhelper.me pagead2.googlesyndication.com tpc.googlesyndication.com
4	www.google-analytics.com	everhelper.me www.google-analytics.com www.googletagmanager.com
3	www.googletagmanager.com	everhelper.me www.googletagmanager.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	metrics.everhelper.me	everhelper.me www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.jp	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
52	11

This site contains links to these domains. Also see Links.

Domain
www.everhelper.me
chrome.google.com
nimbusweb.me

Subject Issuer	Validity	Valid
*.everhelper.me Sectigo RSA Domain Validation Secure Server CA	`2021-06-28` - `2022-06-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
metrics.everhelper.me GTS CA 1D4	`2021-09-30` - `2021-12-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://everhelper.me/
Frame ID: FD38EF41A2DEE6D20AEBEE66A493B112
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/zrt_lookup.html
Frame ID: 1D8540A99A023A0D91F6C9E24C838A99
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8568998613366461&output=html&adk=1812271804&adf=3025194257&lmt=1635427257&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Feverhelper.me%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635427256990&bpp=2&bdt=1240&idt=184&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4988675135548&frm=20&pv=2&ga_vid=450848112.1635427257&ga_sid=1635427257&ga_hid=188098125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316%2C31063139%2C31063166&oid=2&pvsid=1907190360317586&pem=858&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=199
Frame ID: 2E5F09261482296D183C20D9ABDEBBB4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: DA92FDB92D35F6EA9E73AD07603C72BA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 84C57B28DC0B2FB7434CF50E443B1498
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Everhelper - FVD Speed Dial, GetThemAll and other products.

Page URL History Show full URLs

http://everhelper.me/ HTTP 301
https://everhelper.me/ Page URL

Page Statistics

52
Requests

100 %
HTTPS

82 %
IPv6

8
Domains

11
Subdomains

11
IPs

2
Countries

790 kB
Transfer

1492 kB
Size

10
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.everhelper.me/speed_dial.php
Title: FVD Speed Dial

Search URL Search Domain Scan URL

URL: https://www.everhelper.me/synchronizer.php
Title: EverSync

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/button-for-google-calenda/lfjnmopldodmmdhddmeacgjnjeakjpki?utm_source=everhelper.me&utm_medium=menu
Title: Button for Google Calendar™

Search URL Search Domain Scan URL

URL: https://www.everhelper.me/everhelperplans.php
Title: Get Premium

Search URL Search Domain Scan URL

URL: https://nimbusweb.me/s/share/3886862/dkaxk26sgp601n9gwdom
Title: Help

Search URL Search Domain Scan URL

URL: http://www.everhelper.me/speed_dial.php
Title: FVD Speed Dial

Search URL Search Domain Scan URL

URL: http://www.everhelper.me/synchronizer.php
Title: Eversync

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://everhelper.me/ HTTP 301
https://everhelper.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
everhelper.me/
Redirect Chain

http://everhelper.me/
https://everhelper.me/

11 KB
3 KB

857ms
286ms

Document
text/html

44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://everhelper.me/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

Apache/2.4.38 / PHP/7.3.13

Resource Hash

c483eb98cd622d520b737bda63c3d983beeefb0bc8349ae4f5ecc96b437b2748

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

Date: Thu, 28 Oct 2021 13:20:55 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 3141
Connection: keep-alive
Server: Apache/2.4.38
X-Powered-By: PHP/7.3.13
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; preload
X-Content-Type-Options: nosniff

Redirect headers

Server: nginx
Date: Thu, 28 Oct 2021 13:20:54 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://everhelper.me/

GET
H/1.1 200
OK style.css
everhelper.me/style/ 41 KB
9 KB 285ms
284ms Stylesheet
text/css 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://everhelper.me/style/style.css

Requested by

Host: everhelper.me
URL: https://everhelper.me/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

Apache/2.4.38 /

Resource Hash

dc3ff0d31a5aac0376414926c87a0201abf106b319714d573a3270273f8e887e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 27 Sep 2021 11:19:50 GMT
Server: Apache/2.4.38
ETag: "a46d-5ccf84680696b-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; preload
Accept-Ranges: bytes
Content-Length: 8633

GET
H/1.1 200
OK query.css
everhelper.me/style/ 4 KB
2 KB 576ms
288ms Stylesheet
text/css 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://everhelper.me/style/query.css

Requested by

Host: everhelper.me
URL: https://everhelper.me/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

Apache/2.4.38 /

Resource Hash

251ace2ba4f7fa7edee4ae3db2320eb3b10ce2637b11dc666618052a2bd03d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:59 GMT
Server: Apache/2.4.38
ETag: "f4c-5cb9faf020716-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; preload
Accept-Ranges: bytes
Content-Length: 1186

GET
H/1.1 200
OK flex.css
everhelper.me/style/ 22 KB
2 KB 790ms
258ms Stylesheet
text/css 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://everhelper.me/style/flex.css

Requested by

Host: everhelper.me
URL: https://everhelper.me/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

Apache/2.4.38 /

Resource Hash

458065d06b557b1e123d3cc722bf4f72b1abb0ca3d1b3850a8cb25b3cd8afa08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:59 GMT
Server: Apache/2.4.38
ETag: "57d4-5cb9faf020716-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; preload
Accept-Ranges: bytes
Content-Length: 1716

GET
H/1.1 200
OK jquery.js Show response
everhelper.me/js/ 94 KB
33 KB 875ms
296ms Script
application/javascript 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://everhelper.me/js/jquery.js

Requested by

Host: everhelper.me
URL: https://everhelper.me/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

Apache/2.4.38 /

Resource Hash

ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: Apache/2.4.38
ETag: "176d5-5cb9faee3b177-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; preload
Accept-Ranges: bytes
Content-Length: 33279

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 116ms
74ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: everhelper.me
URL: https://everhelper.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8542d4a8df5d3b127a5fae867228626d51d6bacc3a422352ce6d88dce68eeec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 13:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51607
x-xss-protection: 0
server: cafe
etag: 9530579684203666975
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 13:20:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
50 KB 91ms
49ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GG9CMZD310

Requested by

Host: everhelper.me
URL: https://everhelper.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e57ce9b19e29f6248f0a35a85e6cd14ae0d0f546f50920bb37e3428c719cbd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 13:20:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 50439
x-xss-protection: 0
expires: Thu, 28 Oct 2021 13:20:56 GMT

GET
H/1.1 200
OK js.js Show response
everhelper.me/js/ 241 B
536 B 899ms
307ms Script
application/javascript 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://everhelper.me/js/js.js

Requested by

Host: everhelper.me
URL: https://everhelper.me/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

Apache/2.4.38 /

Resource Hash

663ba3e1805235f3f8e9b768c912213fad9af9a82f23f1cf77ea09d946a848bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: Apache/2.4.38
ETag: "f1-5cb9faee3b177-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; preload
Accept-Ranges: bytes
Content-Length: 141

GET
H/1.1 200
OK logo.png
everhelper.me/images/ 6 KB
7 KB 308ms
307ms Image
image/png 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/logo.png

Requested by

Host: everhelper.me
URL: https://everhelper.me/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7474cc2abe8a8d969693d5a1e45d1a17be1abcf0a396fb1e99853fd4a5c7965c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-1965"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6501

GET
H/1.1 200
OK ava.png
everhelper.me/images/ 19 KB
20 KB 292ms
291ms Image
image/png 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/ava.png

Requested by

Host: everhelper.me
URL: https://everhelper.me/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2ad97827d583eeee6304731693365f11fc2c77ada8e87ab83a200158ee0c90ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-4dcd"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19917

GET
H/1.1 200
OK visa1.jpg
everhelper.me/ 15 KB
15 KB 568ms
567ms Image
image/jpeg 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/visa1.jpg

Requested by

Host: everhelper.me
URL: https://everhelper.me/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3f9203ded5fb23ffb92eb8bf440c40f574e5f6bc65a0b73f4abb3affd6691ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:53 GMT
Server: nginx
ETag: "613b1385-3bdc"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15324

GET
H/1.1 200
OK mastercard1.jpg
everhelper.me/ 13 KB
13 KB 307ms
307ms Image
image/jpeg 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/mastercard1.jpg

Requested by

Host: everhelper.me
URL: https://everhelper.me/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a31349f4e0e928aefe62ee5b18a1faf95dadd77164f0aeede7e3897d8ffb1e3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:52 GMT
Server: nginx
ETag: "613b1384-3225"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12837

GET
H2 200 gtm.js Show response
metrics.everhelper.me/ 74 KB
32 KB 317ms
272ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.everhelper.me/gtm.js?id=GTM-T5VH954
Requested by: Host: everhelper.me
URL: https://everhelper.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e8c754a06a76fc8f27e11b160e47c680ecad7d4068ba917a273ca706edc9da61

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 13:20:57 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 12:00:00 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-cloud-trace-context: 96b0c67dfc342edc80c595f6db0fd8a0;o=1
cache-control: private, max-age=450
content-length: 33000
expires: Thu, 28 Oct 2021 13:21:20 GMT

GET
H/1.1 200
OK head.jpg
everhelper.me/images/ 1 KB
2 KB 292ms
292ms Image
image/jpeg 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/head.jpg

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d18667e7dae2c9486fcca5c2b48f3c47fb1e878903a039d37cbc3afa9ae31847

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-4ca"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1226

GET
H/1.1 200
OK grad.jpg
everhelper.me/images/ 14 KB
14 KB 1528ms
293ms Image
image/jpeg 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/grad.jpg

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4708d5baf0b2ceeeade9e9366785319968b9d9961241f78e3c458cb4f1827352

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-389f"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14495

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/ 269 KB
97 KB 93ms
93ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_fy2019.js?bust=31063316

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf6b44660d1b98724df6c10895fd53b9cf7c8870b2b8b714eedc483a6dce3755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 13:20:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98674
x-xss-protection: 0
server: cafe
etag: 2421781623665387570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 13:20:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/ Frame 1D85 10 KB
5 KB 47ms
3ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 28 Oct 2021 05:47:23 GMT
expires: Thu, 11 Nov 2021 05:47:23 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 27214
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK top_grad.png
everhelper.me/images/ 321 B
639 B 1193ms
317ms Image
image/png 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/top_grad.png

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

87b079d6dd4a9a23e1097e6d6fc012430abb04c0fd343e22f1dcd9d864f30bd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-141"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 321

GET
H/1.1 200
OK top_web_clipper.png
everhelper.me/images/ 90 KB
90 KB 833ms
305ms Image
image/png 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/top_web_clipper.png

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

09c7385ab643ae95d988c871549d7a80d3514bbfec418b44f55f624df2c591fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-1662a"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91690

GET
H/1.1 200
OK step_first.jpg
everhelper.me/images/ 72 KB
72 KB 819ms
604ms Image
image/jpeg 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/step_first.jpg

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

74b8a17720e8fd607e2bcfbbd2f5c0c4601d1cbfaa308225b76ffbca55043902

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-1202a"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73770

GET
H/1.1 200
OK step_number.jpg
everhelper.me/images/ 3 KB
3 KB 1431ms
292ms Image
image/jpeg 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/step_number.jpg

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c1dc043f809dd11fd1ff9c4ef10c5234b8068c6d1f17e8043b787c2a19aecc13

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-ae3"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2787

GET
H/1.1 200
OK products_info_speed_dial.jpg
everhelper.me/images/ 58 KB
58 KB 569ms
305ms Image
image/jpeg 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/products_info_speed_dial.jpg

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5a79d8905da7a5cfc9894510c6dec76a93ec0a452b81074d3f08beccf9fd95cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-e89a"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59546

GET
H/1.1 200
OK products_info_block_speed_dial.png
everhelper.me/images/ 1 KB
2 KB 872ms
319ms Image
image/png 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/products_info_block_speed_dial.png

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6aff0bd779e24fd0d7ac9a7fdf321cecfcbde4228922a464f4fc6ae2012095a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-57e"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1406

GET
H/1.1 200
OK speed_dial_icon.png
everhelper.me/images/ 2 KB
2 KB 1189ms
311ms Image
image/png 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/speed_dial_icon.png

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b189661ad9a0603b81ab480539d65f81609516b4492fefa7895eb822d5950261

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-7bb"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1979

GET
H/1.1 200
OK products_info_container_separator.png
everhelper.me/images/ 815 B
1 KB 1428ms
319ms Image
image/png 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/products_info_container_separator.png

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f85f8b25c50f8ae4381c5345e2851b705b5f54309cb5e380aee41500ff90b5f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-32f"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 815

GET
H/1.1 200
OK products_info_synchronizer.jpg
everhelper.me/images/ 44 KB
44 KB 813ms
285ms Image
image/jpeg 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/products_info_synchronizer.jpg

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3acca5920e3241f9d00af384c0d8c430d664802efc0ecc7567b2cf6e01d42485

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-af80"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44928

GET
H/1.1 200
OK products_info_block_synchronizer.png
everhelper.me/images/ 1 KB
2 KB 873ms
301ms Image
image/png 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/products_info_block_synchronizer.png

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f7d8a1c0fd3cbb4b3a11f13d044d21098aa98e0aee64dfe7ad71cc92aef19ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-500"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1280

GET
H/1.1 200
OK synchronizer_icon.png
everhelper.me/images/ 2 KB
2 KB 1161ms
285ms Image
image/png 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/synchronizer_icon.png

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5e43d33d1abeb892f04db9c94e402a9f24cc37fba463ac0fbf011b88ab163410

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-79c"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1948

GET
H/1.1 200
OK testimonial_bg.png
everhelper.me/images/ 683 B
1001 B 526ms
294ms Image
image/png 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/testimonial_bg.png

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

28d1acf62fe136dcd5ed3eabd3883bf768cd21e2b0ab8f7220a85393e7778596

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-2ab"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 683

GET
H/1.1 200
OK testimonial_text.png
everhelper.me/images/ 9 KB
10 KB 551ms
300ms Image
image/png 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/testimonial_text.png

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

14d0298cdbb453b6e82b5b674a70fd6c94c4601a8877c93eea58fea97c42ec36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-25ff"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9727

GET
H/1.1 200
OK testimonial_quote_top.png
everhelper.me/images/ 874 B
1 KB 1502ms
312ms Image
image/png 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/testimonial_quote_top.png

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a67020000204432b7f7aa7b6874a5cd55656f5387c9a3d87dd619b7ce540bdaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-36a"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 874

GET
H/1.1 200
OK testimonial_quote_bot.png
everhelper.me/images/ 883 B
1 KB 1448ms
284ms Image
image/png 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/testimonial_quote_bot.png

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4feb8f5f18ff61fc55cfb73b8b36fd86b1ab04d19033db7e0f3279c831acc856

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-373"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 883

GET
H/1.1 200
OK footer_grad.png
everhelper.me/images/ 329 B
647 B 324ms
323ms Image
image/png 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/footer_grad.png

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8e2d8f13cf2a88aad08bf426034c808f52bed408176f21e176fbe6290df40f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-149"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 329

GET
H/1.1 200
OK copy.jpg
everhelper.me/images/ 3 KB
3 KB 275ms
274ms Image
image/jpeg 44.193.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://everhelper.me/images/copy.jpg

Requested by

Host: everhelper.me
URL: https://everhelper.me/style/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.193.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-126-230.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5d86930c23444429f272c5d7abe728a9b0f9433af8a2190ab619c5b5402ae901

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/style/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 13:20:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 10 Sep 2021 08:12:57 GMT
Server: nginx
ETag: "613b1389-a45"
Strict-Transport-Security: max-age=63072000; preload
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2629

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 47ms
3ms Script
text/javascript 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: everhelper.me
URL: https://everhelper.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 6782
date: Thu, 28 Oct 2021 11:27:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 28 Oct 2021 13:27:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 47ms
46ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-67774717-36&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG9CMZD310

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0037cb7f9afdd010c9c79a628d8a1fcfbc3cbe8534371eebacba4bf20b1ca86e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 13:20:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35752
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Oct 2021 13:20:57 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 39ms
39ms XHR
text/plain 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=188098125&t=pageview&_s=1&dl=https%3A%2F%2Feverhelper.me%2F&ul=en-us&de=UTF-8&dt=Everhelper%20-%20FVD%20Speed%20Dial%2C%20GetThemAll%20and%20other%20products.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=466795084&gjid=1984444620&cid=450848112.1635427257&tid=UA-38359382-1&_gid=927424492.1635427257&_r=1&_slc=1&z=730784445

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://everhelper.me/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 13:20:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://everhelper.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 36ms
35ms XHR
text/plain 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=188098125&t=pageview&_s=1&dl=https%3A%2F%2Feverhelper.me%2F&ul=en-us&de=UTF-8&dt=Everhelper%20-%20FVD%20Speed%20Dial%2C%20GetThemAll%20and%20other%20products.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=6338727&gjid=486618228&cid=450848112.1635427257&tid=UA-67774717-36&_gid=927424492.1635427257&_r=1&gtm=2ouar0&z=1306667394

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://everhelper.me/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 13:20:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://everhelper.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 40ms
40ms Ping
text/plain 2404:6800:4004:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GG9CMZD310&gtm=2oear0&_p=188098125&sr=1600x1200&ul=en-us&cid=450848112.1635427257&_s=1&dl=https%3A%2F%2Feverhelper.me%2F&dt=Everhelper%20-%20FVD%20Speed%20Dial%2C%20GetThemAll%20and%20other%20products.&sid=1635427257&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG9CMZD310
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://everhelper.me/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 13:20:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://everhelper.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
610 B 117ms
38ms Script
text/javascript 172.217.161.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=everhelper.me&callback=_gfp_s_&client=ca-pub-8568998613366461

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_fy2019.js?bust=31063316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f2.1e100.net

Software

cafe /

Resource Hash

b3774e85cb167e1c6d310aa29cfab4d16f38a9a3f4c3a20cd9e635d3efb52db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 13:20:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 81ms
40ms Script
application/javascript 2404:6800:4004:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=everhelper.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_fy2019.js?bust=31063316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Oct 2021 13:20:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 78ms
38ms Script
application/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=everhelper.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_fy2019.js?bust=31063316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Oct 2021 13:20:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2E5F 0
188 B 90ms
90ms Document
text/html 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8568998613366461&output=html&adk=1812271804&adf=3025194257&lmt=1635427257&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Feverhelper.me%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635427256990&bpp=2&bdt=1240&idt=184&shv=r20211026&mjsv=m202110250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4988675135548&frm=20&pv=2&ga_vid=450848112.1635427257&ga_sid=1635427257&ga_hid=188098125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063316%2C31063139%2C31063166&oid=2&pvsid=1907190360317586&pem=858&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=199

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_fy2019.js?bust=31063316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 28 Oct 2021 13:20:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Thu, 28 Oct 2021 13:20:57 GMT
cache-control: private

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
48 KB 62ms
62ms Script
application/javascript 2404:6800:4004:826::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6TBW1D2LF5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG9CMZD310

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bdb2449df79d08a76b820aa463a57fd4a566c858635b7216b172c6b7dffca3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 13:20:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 49543
x-xss-protection: 0
expires: Thu, 28 Oct 2021 13:20:57 GMT

POST
H2 200 collect
metrics.everhelper.me/g/ 0
386 B 218ms
217ms Ping
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.everhelper.me/g/collect?v=2&tid=G-6TBW1D2LF5&gtm=2oear0&_p=188098125&sr=1600x1200&ul=en-us&cid=450848112.1635427257&_fplc=0&_s=1&dl=https%3A%2F%2Feverhelper.me%2F&dt=Everhelper%20-%20FVD%20Speed%20Dial%2C%20GetThemAll%20and%20other%20products.&sid=1635427257&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6TBW1D2LF5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://everhelper.me/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-cloud-trace-context: 727512f75fa3477580a954faa3d68a93
cache-control: private
server: Google Frontend
content-type: text/html
date: Thu, 28 Oct 2021 13:20:57 GMT
content-length: 0
expires: Thu, 28 Oct 2021 13:20:57 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 94ms
50ms XHR
application/json 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211026&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_fy2019.js?bust=31063316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc148ae801791256ca12ad80bac415ce6d630528c831cfc2e8fd25cc077e6920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Oct 2021 13:20:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8412
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 102ms
56ms Script
text/javascript 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110250101/show_ads_impl_fy2019.js?bust=31063316

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 13:20:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 28 Oct 2021 13:20:58 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame DA92 12 KB
5 KB 5ms
3ms Document
text/html 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 27 Oct 2021 09:25:56 GMT
expires: Thu, 27 Oct 2022 09:25:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 100502
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 84C5 783 B
1 KB 86ms
42ms Document
text/html 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e4714246d1f0facc41ac993fc2836b88efdefa69f4f0eb51d60565049a1b1c91

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AwI+YRERSPcjjjiPMtXhEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 28 Oct 2021 13:20:59 GMT
date: Thu, 28 Oct 2021 13:20:59 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-AwI+YRERSPcjjjiPMtXhEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js Show response
pagead2.googlesyndication.com/bg/ Frame DA92 35 KB
13 KB 2ms
2ms Script
text/javascript 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 12:40:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 175200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13325
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 26 Oct 2022 12:40:59 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 84C5 0
0 52ms
51ms Image
text/html 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211026&jk=1907190360317586&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 42ms
42ms Image
image/gif 2404:6800:4004:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211026&jk=1907190360317586&bg=!FBelF1PNAAbUs_yW1LM7ACkAdvg8WkfkjKFe5wnfFwHnF4H8YRZrPLV6dSc0u7gKUSqAB-HSNsgI4wIAAABNUgAAAAloAQeZAso3kGeZh3ls9c_uVWcwFY2Ji7Ot8i0IQcu2ygPhq_G65dA3A_pdcB9IccWwH7E5RsBrSRLb-BkYsQSevCdH6aimFocuY2UbmU4aDZw97TqImG7dSXvhIaVRY3qr3LQJV40TU0fgSpRj4tioptET9jsBWbFCdvZGqeqhoi750g2JluJi60f5gfeLkBUVvBnCQvEVfCvj1haXV2QDuB9uU7paMgwJFBusXq36G9gSkqHxK5q5WC12_ce7FAANQ-5v24lvkOacJyR7OZ7SkJBXKHEBsqHaFsaLkWM4b7ZmMa-s3cM1UbNMvKySzNVDjuq7Shfzalvo5cDtTQjUcwc4hmRZRWWhqg8h2PPh4P1H2WDHfUhExdapEroDhU1i_VsPdPlhrd7oz_Gzo3C0dobb6dmFJB-L7A7T-wZVDyE_YZmUZTjdMGi1tnfu4_dWEuxTmMaAJEztVOX8oZFd8dJzmqNX4X7gg4A5UYWCiKuEID137-tMC8InXBBgPjJ3QWNa7IT7Y5vzoc56res2vsO3ThbgCsGMzQDY_43dS6wJM-o0Qx62hRbZSOGpZue-QKbMD5kfes_S1k7O0CyICg5ykVpiV0yoHkfb7BlgrdIHop7RhU8ZCub-XFCI7ca3XFqXsig5OkAaDlXyBMo9HrbPpg_tcK5JHJMpea6YkE00VYIAJ7-mNp6JZYP_1mdd3JQDoSWN4mO-nMok0AAhwAKlqDernpFxXM73_0jHMAK3_emQfr1cb0U90dW0PO6VravwLY_Ac8BLvY_iskfO96FhvRYys0Ec1ydlKXl9oou15ZUy6UgjHg1SBiLh7LoM5NMQJZ99YkBk3p3ZyCQ8p_h6wwYzsQ8gxe8KumtN6PKTa2yBz3CAqMWB-UR1W1fOZcm-aAvgiYZSs0GZpEUrb0rLzgNDNnPST0Kp4lZmkBBaEhrzmolSj-dKkN2R66Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://everhelper.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 13:20:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.everhelper.me/	1970-01-19 22:18:33	Name: _gid Value: GA1.2.927424492.1635427257
.everhelper.me/	1970-01-19 22:17:07	Name: _gat Value: 1
.everhelper.me/	1970-01-19 22:17:07	Name: _gat_gtag_UA_67774717_36 Value: 1
.everhelper.me/	1970-01-20 15:48:19	Name: _ga_GG9CMZD310 Value: GS1.1.1635427257.1.0.1635427257.0
.everhelper.me/	1970-01-20 15:48:19	Name: _ga Value: GA1.1.450848112.1635427257
.doubleclick.net/	1970-01-19 22:17:08	Name: test_cookie Value: CheckForPermission
.everhelper.me/	1970-01-20 07:38:43	Name: __gads Value: ID=d352b7ad93110345-22ad0b5defcc008b:T=1635427257:RT=1635427257:S=ALNI_MboBlXpPWkyw9pmeH43t2cjDzybYw
.everhelper.me/	1970-01-20 15:48:19	Name: _ga_6TBW1D2LF5 Value: GS1.1.1635427257.1.0.1635427257.0
.everhelper.me/	1970-01-19 22:18:19	Name: FPLC Value: KIJY%2F4oQ0GiInTSEAgVt7qTrV6VvZGH7rk%2FLyobwaMtN4zHBoPIqYF2w6%2B%2BSnPEg5Lxx%2FgzEKs3PM3KjTFkurzUSzrwqkuV0WlrF4iaKQM%2FIc2vyo7pFuJEoEwReqA%3D%3D
.everhelper.me/	1970-01-20 15:48:19	Name: FPID Value: FPID2.2.QSrv6EF9iRik3ULBlnBgFxdCxX5CkuKFiT4KyWlx8zU%3D.1635427257

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.jp
adservice.google.com
everhelper.me
googleads.g.doubleclick.net
metrics.everhelper.me
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
172.217.161.34
2001:4860:4802:34::15
2404:6800:4004:811::2004
2404:6800:4004:81d::2001
2404:6800:4004:820::2002
2404:6800:4004:821::2002
2404:6800:4004:823::2002
2404:6800:4004:824::2002
2404:6800:4004:825::200e
2404:6800:4004:826::2008
44.193.126.230
0037cb7f9afdd010c9c79a628d8a1fcfbc3cbe8534371eebacba4bf20b1ca86e
09c7385ab643ae95d988c871549d7a80d3514bbfec418b44f55f624df2c591fc
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
14d0298cdbb453b6e82b5b674a70fd6c94c4601a8877c93eea58fea97c42ec36
251ace2ba4f7fa7edee4ae3db2320eb3b10ce2637b11dc666618052a2bd03d2b
28d1acf62fe136dcd5ed3eabd3883bf768cd21e2b0ab8f7220a85393e7778596
2ad97827d583eeee6304731693365f11fc2c77ada8e87ab83a200158ee0c90ae
3acca5920e3241f9d00af384c0d8c430d664802efc0ecc7567b2cf6e01d42485
3f9203ded5fb23ffb92eb8bf440c40f574e5f6bc65a0b73f4abb3affd6691ec5
458065d06b557b1e123d3cc722bf4f72b1abb0ca3d1b3850a8cb25b3cd8afa08
4708d5baf0b2ceeeade9e9366785319968b9d9961241f78e3c458cb4f1827352
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4feb8f5f18ff61fc55cfb73b8b36fd86b1ab04d19033db7e0f3279c831acc856
5a79d8905da7a5cfc9894510c6dec76a93ec0a452b81074d3f08beccf9fd95cb
5d86930c23444429f272c5d7abe728a9b0f9433af8a2190ab619c5b5402ae901
5e43d33d1abeb892f04db9c94e402a9f24cc37fba463ac0fbf011b88ab163410
5e57ce9b19e29f6248f0a35a85e6cd14ae0d0f546f50920bb37e3428c719cbd1
663ba3e1805235f3f8e9b768c912213fad9af9a82f23f1cf77ea09d946a848bf
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
6aff0bd779e24fd0d7ac9a7fdf321cecfcbde4228922a464f4fc6ae2012095a1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7474cc2abe8a8d969693d5a1e45d1a17be1abcf0a396fb1e99853fd4a5c7965c
74b8a17720e8fd607e2bcfbbd2f5c0c4601d1cbfaa308225b76ffbca55043902
8542d4a8df5d3b127a5fae867228626d51d6bacc3a422352ce6d88dce68eeec1
87b079d6dd4a9a23e1097e6d6fc012430abb04c0fd343e22f1dcd9d864f30bd5
8e2d8f13cf2a88aad08bf426034c808f52bed408176f21e176fbe6290df40f8a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a31349f4e0e928aefe62ee5b18a1faf95dadd77164f0aeede7e3897d8ffb1e3e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a67020000204432b7f7aa7b6874a5cd55656f5387c9a3d87dd619b7ce540bdaf
b189661ad9a0603b81ab480539d65f81609516b4492fefa7895eb822d5950261
b3774e85cb167e1c6d310aa29cfab4d16f38a9a3f4c3a20cd9e635d3efb52db4
bdb2449df79d08a76b820aa463a57fd4a566c858635b7216b172c6b7dffca3ed
c1dc043f809dd11fd1ff9c4ef10c5234b8068c6d1f17e8043b787c2a19aecc13
c483eb98cd622d520b737bda63c3d983beeefb0bc8349ae4f5ecc96b437b2748
cc148ae801791256ca12ad80bac415ce6d630528c831cfc2e8fd25cc077e6920
cf6b44660d1b98724df6c10895fd53b9cf7c8870b2b8b714eedc483a6dce3755
d18667e7dae2c9486fcca5c2b48f3c47fb1e878903a039d37cbc3afa9ae31847
dc3ff0d31a5aac0376414926c87a0201abf106b319714d573a3270273f8e887e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4714246d1f0facc41ac993fc2836b88efdefa69f4f0eb51d60565049a1b1c91
e8c754a06a76fc8f27e11b160e47c680ecad7d4068ba917a273ca706edc9da61
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f7d8a1c0fd3cbb4b3a11f13d044d21098aa98e0aee64dfe7ad71cc92aef19ce1
f85f8b25c50f8ae4381c5345e2851b705b5f54309cb5e380aee41500ff90b5f9
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

everhelper.me Open in urlscan Pro 44.193.126.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

52 Requests

100 %HTTPS

82 %IPv6

8 Domains

11 Subdomains

11 IPs

2 Countries

790 kBTransfer

1492 kBSize

10 Cookies

7 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

everhelper.me Open in urlscan Pro
44.193.126.230 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

82 %
IPv6

8
Domains

11
Subdomains

11
IPs

2
Countries

790 kB
Transfer

1492 kB
Size

10
Cookies

52 HTTP transactions
0 data transactions