www.google.com Open in urlscan Pro
2a00:1450:4001:82a::2004 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://happyeasterimages.org/
Effective URL:
https://www.google.com/
Submission: On April 21 via manual (April 21st 2022, 6:52:24 pm UTC) from IN — Scanned from DE

Summary HTTP 91 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 20 domains to perform 91 HTTP transactions. The main IP is 2a00:1450:4001:82a::2004, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 4.
TLS certificate: Issued by GTS CA 1C3 on March 28th 2022. Valid for: 3 months.

This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	111.90.143.157 111.90.143.157	45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.98.74 143.204.98.74	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:9000:20e... 2600:9000:20eb:b200:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.127.31.227 3.127.31.227	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:401... 2a00:1450:4014:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	167.71.64.21 167.71.64.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	188.166.68.96 188.166.68.96	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	94.130.51.235 94.130.51.235	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	() ()
91	24

27 2a06:98c1:3120::7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

happyeasterimages.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 111.90.143.157 (Kuala Lumpur, Malaysia) 2 redirects

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: server1.kamon.la

print.legendarytable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
local.specialadves.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
brend.specialadves.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-74.fra50.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:b200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.31.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-31-227.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4014:80b::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.71.64.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

xxxconent.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0.xxxconent.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.166.68.96 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

clarifyspotify.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0.clarifyspotify.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.130.51.235 (Heilbronn, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.235.51.130.94.clients.your-server.de

seventrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clickprocess.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	happyeasterimages.org 1 redirects happyeasterimages.org	175 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 128	297 KB
10	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4 google.com — Cisco Umbrella Rank: 1 apis.google.com	97 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	47 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	100 KB
5	specialadves.com 2 redirects local.specialadves.com — Cisco Umbrella Rank: 343794 brend.specialadves.com — Cisco Umbrella Rank: 378602 Failed	3 KB
3	clarifyspotify.online clarifyspotify.online — Cisco Umbrella Rank: 862968 Failed 0.clarifyspotify.online	37 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 5091 buttons-config.sharethis.com — Cisco Umbrella Rank: 6017 l.sharethis.com — Cisco Umbrella Rank: 4704	43 KB
2	clickprocess.click clickprocess.click	426 B
2	xxxconent.biz xxxconent.biz — Cisco Umbrella Rank: 492868 Failed 0.xxxconent.biz	79 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2657 pixel.wp.com — Cisco Umbrella Rank: 2521	3 KB
2	legendarytable.com print.legendarytable.com — Cisco Umbrella Rank: 409496	816 B
1	seventrk.com 1 redirects seventrk.com	376 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	63 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	37 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 7579	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	654 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
91	20

	Domain	Requested by
27	happyeasterimages.org	1 redirects happyeasterimages.org
8	tpc.googlesyndication.com	happyeasterimages.org googleads.g.doubleclick.net tpc.googlesyndication.com
7	www.google.com	1 redirects www.google.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com happyeasterimages.org googleads.g.doubleclick.net
4	brend.specialadves.com	local.specialadves.com happyeasterimages.org
4	pagead2.googlesyndication.com	happyeasterimages.org pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	www.gstatic.com	www.google.com
2	clickprocess.click	happyeasterimages.org
2	0.clarifyspotify.online	1 redirects happyeasterimages.org
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	print.legendarytable.com	happyeasterimages.org
1	apis.google.com	www.gstatic.com
1	google.com	1 redirects
1	seventrk.com	1 redirects
1	clarifyspotify.online	brend.specialadves.com
1	0.xxxconent.biz	happyeasterimages.org
1	xxxconent.biz	brend.specialadves.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	pixel.wp.com	happyeasterimages.org
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	local.specialadves.com	print.legendarytable.com
1	stats.wp.com	happyeasterimages.org
1	www.googletagmanager.com	happyeasterimages.org
1	platform-api.sharethis.com	happyeasterimages.org
1	fonts.googleapis.com	happyeasterimages.org
91	31

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-13` - `2022-07-12`	a year	crt.sh
print.legendarytable.com R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
local.specialadves.com R3	`2022-03-25` - `2022-06-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
brend.specialadves.com R3	`2022-03-19` - `2022-06-17`	3 months	crt.sh
0.xxxconent.biz R3	`2022-04-19` - `2022-07-18`	3 months	crt.sh
0.di09.biz R3	`2022-04-03` - `2022-07-02`	3 months	crt.sh
clickprocess.click R3	`2022-04-21` - `2022-07-20`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.google.com/
Frame ID: CA8B2487B3DEDE0DBC263B655A1128F1
Requests: 81 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220419/r20190131/zrt_lookup.html
Frame ID: 3440344452F539B1F75F56533AE0DC7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2525651058144004&output=html&h=280&slotname=1290808203&adk=639361911&adf=3475174654&pi=t.ma~as.1290808203&w=950&fwrn=4&fwrnh=100&lmt=1650563073&rafmt=1&psa=0&format=950x280&url=https%3A%2F%2Fhappyeasterimages.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650567139255&bpp=3&bdt=867&idt=79&shv=r20220419&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&correlator=1789634493417&frm=20&pv=2&ga_vid=450699855.1650567139&ga_sid=1650567139&ga_hid=1449046529&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067067%2C31061828&oid=2&pvsid=4348535962623703&pem=575&tmod=11204558&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=svCcYBN9gV&p=https%3A//happyeasterimages.org&dtd=92
Frame ID: CB439B6871CD94C3F23A42EAA8FD9591
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2525651058144004&output=html&adk=1812271804&adf=3025194257&lmt=1650563073&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhappyeasterimages.org%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650567139299&bpp=1&bdt=910&idt=73&shv=r20220419&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280&nras=1&correlator=1789634493417&frm=20&pv=1&ga_vid=450699855.1650567139&ga_sid=1650567139&ga_hid=1449046529&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067067%2C31061828&oid=2&pvsid=4348535962623703&pem=575&tmod=11204558&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=79
Frame ID: 3B66DCA6A5979062AFCA5F40B21F20D7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12776505942335662031/970x250/verti_970x250.html
Frame ID: 71A995024C77F91A242BB8BCD07AC37F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CjAIw46dhYoWVGYzy6gTFq4rYAqTj58xp2qHC2PMPloLNhYgWEAEgnO7YLGCV4pCCoAegAZHv4v8CyAEJqQLvAms80jKyPqgDAcgDSKoE1wFP0Nshovss7kxETuK-8WxzquLDTtT7iI0_G0lyYdkDjRb6XS1ZMA0SAr9GMskhgM7G2R5_1Ko2YmNEZSHMDOKBdmgB3EyiIZA7b4cUEEpZPNEHWfGp8K3cUpjW-9-IHi-twqso3qadrIvTSou5WwsLXmwG5L7uFyBPBdMJuxkIQ6m0o9z4dZ8j7BhDnfW8jali-SSJdhd76_BaeG0UocH8Lavw6OgU8XXJ8faX2p3PLKs8W8_7AXhte_EScsnQs-0BubGOYXd_gk0fTIZK3gw4q5awZ2BZvcAExYq8-fIDkgUECAQYAZIFBAgFGASgBi6AB9eQnYABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQirUO0ggJCIDhgHAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTI1MjU2NTEwNTgxNDQwMDQYAA&sigh=Es7aeLByCGc&uach_m=[UACH]&template_id=419
Frame ID: D0288AA57191898292C61C96CFADBD77
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F5FC7F8D5647D57F2D8DAAEB3FD87959
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://happyeasterimages.org/ HTTP 301
https://happyeasterimages.org/ Page URL
https://brend.specialadves.com/location.php?spec=8579&p=2285&get=0042 HTTP 302
https://brend.specialadves.com/away.php?id=3475&sid=2242&pid=0043 Page URL
https://xxxconent.biz/go/grsdozbyme5doojwgy?subid1=special&subid2=train Page URL
https://0.xxxconent.biz/index.php?p=grsdozbyme5doojwgy&subid1=special&subid2=train Page URL
https://brend.specialadves.com/small.php?id=12&sid=7457&pid=6634 HTTP 302
https://brend.specialadves.com/big.php?id=552&sid=4579&pid=1153 Page URL
https://clarifyspotify.online/?p=me3tqn3emq5gi3bpgy4tmmy&sub1=clarkeone&sub2=drumst Page URL
https://0.clarifyspotify.online/?p=me3tqn3emq5gi3bpgy4tmmy&sub1=clarkeone&sub2=drumst Page URL
https://0.clarifyspotify.online/?auf=gjqteytcme5diojygyxtmojwgmxtemrpge3dkmbvgy3tcnbs&s=1&sub1=clarkeone&sub... HTTP 302
https://seventrk.com/c.php?k=lanhm73ap1a5k8rht760&price=0.00552&feed=feed14986&hash=bf7e9aaf&crea... HTTP 302
https://clickprocess.click/nlp/index.php?duplication=1&url_bnm_redirect=https://google.com Page URL
https://clickprocess.click/nlp/index.php?url_bnm_redirect=https%3A%2F%2Fgoogle.com Page URL
https://google.com/ HTTP 301
https://www.google.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

91
Requests

89 %
HTTPS

67 %
IPv6

20
Domains

31
Subdomains

24
IPs

5
Countries

1055 kB
Transfer

2785 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://happyeasterimages.org/ HTTP 301
https://happyeasterimages.org/ Page URL
https://brend.specialadves.com/location.php?spec=8579&p=2285&get=0042 HTTP 302
https://brend.specialadves.com/away.php?id=3475&sid=2242&pid=0043 Page URL
https://xxxconent.biz/go/grsdozbyme5doojwgy?subid1=special&subid2=train Page URL
https://0.xxxconent.biz/index.php?p=grsdozbyme5doojwgy&subid1=special&subid2=train Page URL
https://brend.specialadves.com/small.php?id=12&sid=7457&pid=6634 HTTP 302
https://brend.specialadves.com/big.php?id=552&sid=4579&pid=1153 Page URL
https://clarifyspotify.online/?p=me3tqn3emq5gi3bpgy4tmmy&sub1=clarkeone&sub2=drumst Page URL
https://0.clarifyspotify.online/?p=me3tqn3emq5gi3bpgy4tmmy&sub1=clarkeone&sub2=drumst Page URL
https://0.clarifyspotify.online/?auf=gjqteytcme5diojygyxtmojwgmxtemrpge3dkmbvgy3tcnbs&s=1&sub1=clarkeone&sub2=drumst&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
https://seventrk.com/c.php?k=lanhm73ap1a5k8rht760&price=0.00552&feed=feed14986&hash=bf7e9aaf&creative=0&platform=Windows&browser=Chrome&subday=0 HTTP 302
https://clickprocess.click/nlp/index.php?duplication=1&url_bnm_redirect=https://google.com Page URL
https://clickprocess.click/nlp/index.php?url_bnm_redirect=https%3A%2F%2Fgoogle.com Page URL
https://google.com/ HTTP 301
https://www.google.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://happyeasterimages.org/ HTTP 301
https://happyeasterimages.org/

Request Chain 62

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 68

https://brend.specialadves.com/location.php?spec=8579&p=2285&get=0042 HTTP 302
https://brend.specialadves.com/away.php?id=3475&sid=2242&pid=0043

Request Chain 80

https://brend.specialadves.com/small.php?id=12&sid=7457&pid=6634 HTTP 302
https://brend.specialadves.com/big.php?id=552&sid=4579&pid=1153

Request Chain 86

https://0.clarifyspotify.online/?auf=gjqteytcme5diojygyxtmojwgmxtemrpge3dkmbvgy3tcnbs&s=1&sub1=clarkeone&sub2=drumst&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
https://seventrk.com/c.php?k=lanhm73ap1a5k8rht760&price=0.00552&feed=feed14986&hash=bf7e9aaf&creative=0&platform=Windows&browser=Chrome&subday=0 HTTP 302
https://clickprocess.click/nlp/index.php?duplication=1&url_bnm_redirect=https://google.com

91 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
happyeasterimages.org/
Redirect Chain

http://happyeasterimages.org/
https://happyeasterimages.org/

44 KB
10 KB

206ms
154ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be5b5a6e45b62084e1286b6917e1a853f918e7df07f9b75013bce4c4efa1e61

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6ff850e60f665f9b-MRS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Apr 2022 18:52:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Thu, 21 Apr 2022 17:44:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4x%2F84lzWSmFksHOcBrYFlrY0Mj81cy9ejGn3DVL2SL9eNwkgLImk9xB46AeTKB6p%2BIgad09ih7bzJtjfBQhohByejG2DlWNgsdrIxG82y4qi215JXAO75SBgXsfvHXn%2BcywOF4EYy7hKyu3JkTynh0qtW3Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding

Redirect headers

CF-RAY: 6ff850e57e1941c5-MRS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 21 Apr 2022 18:52:18 GMT
Expires: Thu, 21 Apr 2022 19:52:18 GMT
Location: https://happyeasterimages.org/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lY2N8b8eHBHpb4diduNIDVVLMK%2Felb%2BfqyilVjWDdZdo9Sq4DaNwHiwJnWIiEdiAdDx%2F6oHtVqBmnMF2InHfEBm9nuvowqUxDzWydggW0RjGn8UXpgaSW4O44EJ2h3wIHAabgnxxV1XUmHlHmC1nLMT9CxA%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK news.js Show response
print.legendarytable.com/ 251 B
408 B 794ms
176ms Script
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://print.legendarytable.com/news.js?v=6.3.2
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash: a95f94ea3ba957f9222676793ece3a58507723fea6d802718f2d65465f3fa1e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 02:52:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 251
Content-Type: text/plain; charset=utf-8

GET
H2 200 style.min.css
happyeasterimages.org/wp-includes/css/dist/block-library/ 81 KB
12 KB 150ms
146ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Apr 2022 03:10:54 GMT
server: cloudflare
etag: W/"145db-5dbf3b5a540a9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0zyirfdHyxaAy6BZAyU7sMKhJaN6DLfyaXfnUvBXVRWZdKFacwlWT%2F7fRhSz8hfiPR8kvZRcXWtwjMwCEVrb0dEZpYv38lggC6LXkubDKfsCoMKwsoDKnqNnD6lm8wAy4bFjvB%2F0%2BkPgL2A3wroqEKzpsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6ff850e719b85f9b-MRS
expires: Fri, 21 Apr 2023 07:23:25 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
happyeasterimages.org/wp-includes/js/mediaelement/ 11 KB
3 KB 139ms
135ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Apr 2022 12:57:16 GMT
server: cloudflare
etag: W/"2bf8-5db975171c3c2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LR1gbqxwA80NkrfOUIe40qO%2BpTfre%2FwLaYPTTRYjwCYNyQ%2FQ7WTHgcwZFPL03KJPPRVLzlZ7ZqeoDAZeck%2BkVjOLc%2FEumNBxo3R5k%2BbQf%2FWhjCmWgWp6dAE3U3GOQLGwR8mBz0t1P6EscmCesVVYKfXJYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6ff850e719be5f9b-MRS
expires: Thu, 20 Apr 2023 17:54:11 GMT

GET
H2 200 wp-mediaelement.min.css
happyeasterimages.org/wp-includes/js/mediaelement/ 4 KB
1 KB 161ms
157ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.3
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Dec 2019 06:50:33 GMT
server: cloudflare
etag: W/"105a-599cca0c95f86-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8EsO1UzWR032vIxgerU%2BjxoJeIhhxUTQ0JqHJapx6S3an%2B46gDXJ5ieEJqwJ8iaozo4FCtwhAi2RDET7zk2bqmcV%2FLckLvjfJDAElq8BUzB85oZfmJnJVPJA99OM%2FLAwfhUgB7JtoVWT3ZKjx8huskwPaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6ff850e719c15f9b-MRS
expires: Thu, 20 Apr 2023 17:54:11 GMT

GET
H2 200 styles.css
happyeasterimages.org/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 151ms
147ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2731
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Apr 2022 12:57:53 GMT
server: cloudflare
etag: W/"aab-5db9753a83bea-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9L2m3zWjMrkjfXs70QDSz7mza25O52lQSbI51JZPrdZZRjf8Z2cjhKhWw2XppZhpsYBdkVt1y3fM1b1Hayqpms6BLDt7Ee5zZ1yxBpw4Rnu0FGSTwsomuYfHUuJoPIh6H0c5NMG618HDSFwGtynPLRSTS4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6ff850e719c55f9b-MRS
expires: Thu, 20 Apr 2023 17:54:11 GMT

GET
H2 200 mu-style.css
happyeasterimages.org/wp-content/plugins/sharethis-share-buttons/css/ 0
378 B 144ms
141ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-content/plugins/sharethis-share-buttons/css/mu-style.css?ver=1648817798
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=26
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Apr 2022 12:56:38 GMT
server: cloudflare
etag: W/"1a-5db974f2dbed7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtceAE35Anbgj2ZoEAmIzdUXE%2BHdNT9NJ3uuYSx05Ssvgcu74EgCMu7cMMflXqygKLOCrvmEM5hiZ9ee%2B0hMZGlQO4Qv1aiyqB0ieH7xuHer2F3Z2cIcUg%2FXJvON8JwmQhAn5q0pEGwSMbf60FRaArw590M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6ff850e719c65f9b-MRS
expires: Thu, 20 Apr 2023 18:34:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 44ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=5.9.3

Requested by

Host: happyeasterimages.org
URL: https://happyeasterimages.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee7d120bfb658a74e2eed5639288c54e6ee416d53aefc612224d731ddb8c09b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:44:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Apr 2022 18:52:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Apr 2022 18:52:18 GMT

GET
H2 200 genericons.css
happyeasterimages.org/wp-content/plugins/jetpack/_inc/genericons/genericons/ 26 KB
16 KB 137ms
134ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e77b4ab0368538b8c5a3fbcb36c31bc07d2798a8bc2fceeea6feaf8cbec859

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=28266
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Apr 2022 09:15:25 GMT
server: cloudflare
etag: W/"6e6a-5dc3526c8d037-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCz0t2ngMXNgfQ1hjiHlHickcRpHIAf4YcqdMb73tFuybd41klmPUJkbKAXwg4qIMMoA7C%2BHLT%2F2JipnksWJej2MQWrV5r%2BtYJxhvRtOuKZu1uiqz1gEwWkAeo9x6WA7ErxFw51PcTwXEGfKUCfmmkxeczo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6ff850e719c85f9b-MRS
expires: Fri, 21 Apr 2023 07:23:25 GMT

GET
H2 200 style.css
happyeasterimages.org/wp-content/themes/frontier/ 18 KB
5 KB 162ms
159ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-content/themes/frontier/style.css?ver=1.3.3
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8786285ff4c33a400812f8e9892d5137a1d2844fd3a3bd6a3b2c94f2f5c40a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=26075
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Feb 2019 12:19:17 GMT
server: cloudflare
etag: W/"65db-5814cd9ea737f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2B%2BXfKPXKGbCyGhXByr6i4zAKbrEOre%2FNGOMyR2nAPEsza%2F3fkj7z9NRGkGyk5bEXq%2BgXrIyHbq%2B55kt%2FcQ%2Fv%2FNi9kckJB%2BuScXP%2F9dAGUMyA4s5x4Bkizx6AebzIZqv2M3aXd3Zh6PEoHwv18sGngmACQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6ff850e719cb5f9b-MRS
expires: Fri, 21 Apr 2023 08:55:03 GMT

GET
H2 200 responsive.css
happyeasterimages.org/wp-content/themes/frontier/ 3 KB
1 KB 135ms
132ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-content/themes/frontier/responsive.css?ver=1.3.3
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98da34ae2dff3024e0f005cb4fcd863ad9ca72101d627b88881abdc4b8dfe848

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3388
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Feb 2019 12:19:17 GMT
server: cloudflare
etag: W/"d3c-5814cd9ea92bf-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhcT6fyLrbCYg%2BJZ9JFdZdM30Dbix%2FxKnexOxCr6Wf776pyQ3Qa%2F7%2Fm0Y2Mqiq%2BeZcsj8FNB7lln4cimT%2BIqwYjmr7%2BefazjbGZ1XFlz7BbScmg6iWcjqY%2B1b90vur1ayPl8AA%2Fq7ItZYizUiwilDIyYDsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6ff850e719ce5f9b-MRS
expires: Thu, 20 Apr 2023 17:54:11 GMT

GET
H2 200 jetpack.css
happyeasterimages.org/wp-content/plugins/jetpack/css/ 86 KB
17 KB 151ms
148ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-content/plugins/jetpack/css/jetpack.css?ver=10.8
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 482168bb347537d7b4cd160c07385a0007462c042ccf8ec0fb6db6c57acd76fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=88148
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Apr 2022 09:15:25 GMT
server: cloudflare
etag: W/"15854-5dc3526c8ef77-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GTOnYzZmFnmf9pZ3bJolrWdAoPNyhEyanpTSLBxl3hi57SexB9oG02iAtsWZBVYeAw4LF%2FpQTCTk1bNGA9Vuzw0Qy9%2FxmHesTSsBKeWithtucD8L3HN1DFv8bo5EjvAAu1bLC%2B8PKa4Tstjoz%2FkkGhFUMw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6ff850e719d05f9b-MRS
expires: Thu, 20 Apr 2023 17:54:12 GMT

GET
H2 200 jquery.min.js Show response
happyeasterimages.org/wp-includes/js/jquery/ 87 KB
32 KB 172ms
169ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Apr 2022 12:57:16 GMT
server: cloudflare
etag: W/"15db1-5db9751720242-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsEi9Dj4xlp9%2B4Y9LN%2FSaECtG46i287qls6QKdXSfCoieI6VRDcxk6uYhRxzSoJqwBbDFJ8uqIXBbUP%2F3DTU4LYMO4NOCFw4SJ1J9xFyv0XHLYYGhTSKYxYS1yumLLTX9Bfhc%2BX04%2FKaW72%2BlxkGD4BcIjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 6ff850e719d15f9b-MRS
expires: Fri, 21 Apr 2023 08:55:03 GMT

GET
H2 200 jquery-migrate.min.js Show response
happyeasterimages.org/wp-includes/js/jquery/ 11 KB
5 KB 158ms
156ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Apr 2022 12:57:16 GMT
server: cloudflare
etag: W/"2bd8-5db9751720242-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8Ps99Y2%2BmpAzWeDtbO%2FabfUxNmQhfLv1PiLpVNXjcLotOgVMCELE4oA21jG5iPLPD3iIrDimDJrhUC3S2NgtWZDp4j1NM5pWJQElacvJUvMlLV0I6LJW4nBBAnNQTXmL%2FDGtubj0cp9Zi%2BaDg63rCMTNzg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 6ff850e74a0a5f9b-MRS
expires: Fri, 21 Apr 2023 07:23:25 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 184 KB
41 KB 48ms
8ms Script
text/javascript 143.204.98.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Requested by

Host: happyeasterimages.org
URL: https://happyeasterimages.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-74.fra50.r.cloudfront.net

Software

Resource Hash

414363cb8150c2f60382da1d5a33f260caad65a54d6933e6b28534763d388db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:43:52 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 518
etag: W/"2e0e3-tEY0wJEY/wwExgi0NrFi684gQTw"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: LP_PSHyFyu31DWoEcVoZzI-YWSRDYgafyYHYF1itgy-Ohtuat-SJNg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-116656574-1

Requested by

Host: happyeasterimages.org
URL: https://happyeasterimages.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2aafaf9c6300faaee8b48cb22a1add47b4ffc42fdfffbdaaa1e8bf0975ba421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38747
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Apr 2022 18:52:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
54 KB 74ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: happyeasterimages.org
URL: https://happyeasterimages.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf8c1dd6a0907d70aebc7d9b3ae0fd8476e9792ad4fbe2949f329656a026fbf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54293
x-xss-protection: 0
server: cafe
etag: 9150904131119706941
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 18:52:18 GMT

GET
H2 200 regenerator-runtime.min.js Show response
happyeasterimages.org/wp-includes/js/dist/vendor/ 6 KB
3 KB 180ms
178ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Apr 2022 12:57:16 GMT
server: cloudflare
etag: W/"195e-5db9751759c23-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfR%2FpYpNElffYAdY8qCkjE3F7syAib%2F7tHvd6ov1Y6HuciA6Igqki2R4IStYwxYf8eW6X%2FU6v1oUbuyU71HzUqa1gG73tSNBombvQIzUTZCjXdYPmc2%2B00hcgd2gnq5zDorjeSpzrta4Jq6DRZuHX00ODsI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 6ff850e74a0b5f9b-MRS
expires: Sun, 09 Apr 2023 21:13:55 GMT

GET
H2 200 wp-polyfill.min.js Show response
happyeasterimages.org/wp-includes/js/dist/vendor/ 19 KB
7 KB 158ms
156ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Apr 2022 12:57:16 GMT
server: cloudflare
etag: W/"4b3d-5db9751759c23-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cM1Ae3q5laJWKVe5db6UvePVaSYcXikvCIcVnmKZWv8ULqnlMkY%2Fac1hzNfimLDNKb%2F5yYh5FzFxzOXUs0GcqQhn3Tx70rmjKoI1d3yYlPla0VK%2F7JsJ7pOYAc2REyemcXwCY4uspu39Z6aoE2mkJOe6%2Bd8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 6ff850e74a0d5f9b-MRS
expires: Sun, 09 Apr 2023 21:13:55 GMT

GET
H2 200 index.js Show response
happyeasterimages.org/wp-content/plugins/contact-form-7/includes/js/ 9 KB
4 KB 164ms
162ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Apr 2022 12:57:53 GMT
server: cloudflare
etag: W/"25f8-5db9753a82c4a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oX2rV4uuFkoH0F08KpTFtKsmNP%2BSVTxR%2FqSbGuRkL%2Bd%2FNBuhI5zcxCNeT3nRoaAHu5UTl7ZPjRatqrxQxvOzqc5FKSr0QP9c%2FW6h%2BKrb2kVc%2F2moMPHw8AlkgWvZnDKiDqsTp9mgHE7XcYcYY1e9BXqKXc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 6ff850e74a105f9b-MRS
expires: Sun, 09 Apr 2023 21:13:55 GMT

GET
H2 200 intersection-observer.js Show response
happyeasterimages.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 9 KB
3 KB 159ms
157ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=d9298cd9df65ad92eff12a3a90a1a5b8
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Apr 2022 09:15:25 GMT
server: cloudflare
etag: W/"2317-5dc3526c3fdd6-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkO8RZmAq8YMqHNhdXBj%2B%2FOl341hmtBac7vCSFnlpD82G0Xpow7jXBVCBU%2FDoTJT2vxRMVTB%2FAYPjvxfx5xPmVn4zvqaq1ntH0z0OpqaieKyy4FnKqwOIT0u0B3yFgKHVxTGQEh%2FQoJ39DW0q37A88YnA9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 6ff850e74a115f9b-MRS
expires: Fri, 21 Apr 2023 07:34:32 GMT

GET
H2 200 lazy-images.js Show response
happyeasterimages.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 2 KB
1 KB 159ms
158ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=a902a338e584591be6603d4879c43367
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Apr 2022 09:15:25 GMT
server: cloudflare
etag: W/"925-5dc3526c3fdd6-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p129f%2BfYQ18WQRK9oahoV1TRsIvDkV423dN8cQQRfDwOxf4%2F%2FoUac7rfsMgBcQVo3EgY0ruj0MAq%2BQ3jXxj3zyV6zI1UESnqyhYQtHTeyf%2BxKfD22E5nQrnoxK8ZL%2BJXNzf7cRumt354xj%2Fn99f3FUUA2Xg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 6ff850e74a125f9b-MRS
expires: Sun, 09 Apr 2023 21:13:55 GMT

GET
H2 200 smush-lazy-load.min.js Show response
happyeasterimages.org/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 163ms
161ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.9.5
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Apr 2022 12:56:39 GMT
server: cloudflare
etag: W/"1ef2-5db974f38bb5a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6%2Bj%2BIL8gpPKJ4UKbyTKoaxgQ87jkAMhuGnGaY8IoTNJY5h%2FSqZM6OwpHo8y9acmsUJFeL%2Baq%2F3iywJaEfP6NznTUBhologE0SWCF%2FfK18Hj7%2FoumpYvZ%2ByiGfKHMkBQqbVTcoTXOnw4mbePRFdBxQ3b0Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 6ff850e74a135f9b-MRS
expires: Sun, 09 Apr 2023 21:13:55 GMT

GET
H2 200 e-202216.js Show response
stats.wp.com/ 9 KB
3 KB 21ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202216.js
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 21 Apr 2022 18:52:18 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 09 Apr 2023 23:15:21 GMT

GET
H/1.1 200
OK YWktkM
local.specialadves.com/ 621 B
1 KB 1321ms
703ms Script
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://local.specialadves.com/YWktkM
Requested by: Host: print.legendarytable.com
URL: https://print.legendarytable.com/news.js?v=6.3.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Apr 2022 02:52:22 GMT
Last-Modified: Thu, 21 Apr 2022 18:52:20 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Length: 621
Expires: 0

GET
H3 200 wp-emoji-release.min.js Show response
happyeasterimages.org/wp-includes/js/ 432 B
913 B 135ms
135ms Script
application/x-javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://happyeasterimages.org/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d48436f99b8351b5bbe106de141701a70ae9ae6b699afee4b2b584aa3993221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Apr 2022 19:03:43 GMT
server: cloudflare
etag: W/"1b0-5dc0105265dfd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ia1KtME%2B1UKSD99XRPUljJyzRmaLnl3tELoNbX53nSHh6ASlV2CSK4klXpZfTrgxCpJDnZ%2Fxw%2FfNFNMdYmthgGBzKLjZaNlNPfdv035WzerKl%2BRBE2D3My%2F%2BRKefRGiXWld8T8p3MLswUkOiovLSNZqKuMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 6ff850ec2cc7733f-MRS
expires: Thu, 20 Apr 2023 17:39:48 GMT

GET
H2 200 5cbc0e209eaba6001253ffd1.js Show response
buttons-config.sharethis.com/js/ 677 B
1 KB 427ms
396ms Script
text/javascript 2600:9000:20eb:b200:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5cbc0e209eaba6001253ffd1.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:b200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

de83a714df7e94eec77286f67f037de6cf698d6688ace46a0687cc1b05ec8794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 21 Apr 2022 18:52:20 GMT
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified: Sun, 21 Apr 2019 06:32:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "00717df964f9318e4c62ca3ffdc68cb5"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 677
x-amz-cf-id: 0SK7yCxduVW1yO0b66Q__ODpexSWpw8quq6wLbe6o8UEreFx9lidbQ==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
408 B 52ms
8ms XHR
text/plain 3.127.31.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=happyeasterimages.org&location=%2F&product=unknown&url=https%3A%2F%2Fhappyeasterimages.org%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Happy%20Easter%202020%20Images%2C%20Greetings%2C%20Quotes%2C%20Wishes%20-%20One%20Stop%20Solution%20For%20Happy%20Easter%20Images%202020%7C%20Easter%20Pictures%2C%20Easter%20Bunny%20Photos%2C%20Easter%20Egg%20Pictures%2C%20HD%20Wallpapers%20Free%20Download%20%7C%20Happy%20Easter%202020%20Images%20Pics%2C%20Happy%20Easter%20Quotes%2C%20Easter%20Wishes%2C%20Messages%2C%20Speeches%2C%20Greetings%2C%20Cards%2C%20Funny%20Easter%20Memes%2C%20Clipart%2C%20Coloring%20Pages%2C%20Good%20Friday%20Images%2C%20Passover%20Images%20For%20Friends%2C%20Family.&cms=unknown&publisher=5cbc0e209eaba6001253ffd1&sop=true&version=st_sop.js&lang=en&description=One%20Stop%20Solution%20For%20Happy%20Easter%20Images%202020%7C%20Easter%20Pictures%2C%20Easter%20Bunny%20Photos%2C%20Easter%20Egg%20Pictures%2C%20HD%20Wallpapers%20Free%20Download%20%7C%20Happy%20Easter%202020%20Images%20Pics%2C%20Happy%20Easter%20Quotes%2C%20Easter%20Wishes%2C%20Messages%2C%20Speeches%2C%20Greetings%2C%20Cards%2C%20Funny%20Easter%20Memes%2C%20Clipart%2C%20Coloring%20Pages%2C%20Good%20Friday%20Images%2C%20Passover%20Images%20For%20Friends%2C%20Family.

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js?ver=1.5.7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.127.31.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-31-227.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 21 Apr 2022 18:52:19 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://happyeasterimages.org
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3 200 honeycomb.png
happyeasterimages.org/wp-content/themes/frontier/images/ 265 B
898 B 132ms
131ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://happyeasterimages.org/wp-content/themes/frontier/images/honeycomb.png
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ff46b82c72bcf5b303048058fff29bbc9a760a0fd65c75682b45c43ddfab637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 265
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Feb 2019 12:19:17 GMT
server: cloudflare
etag: "109-5814cd9ea737f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CROd7i21rOkXwSjg%2FFhBVxxzFGYES1hmKu4yuYFfgxGPHi2er65FD94JzQp75bX7wZrTk8D6o%2Bip3gw4wuTkWc4ZOWGYPIKKiPTFFsxstw4SIhkxXky7PWVm%2FAfX0r8s5L4IUGBHcCjbV97FxNR4FEiX79s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ff850ec5d23733f-MRS
expires: Thu, 20 Apr 2023 17:39:48 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=5.9.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://happyeasterimages.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:20:19 GMT
x-content-type-options: nosniff
age: 160320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:20:19 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/ 303 KB
108 KB 46ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2525651058144004&plah=happyeasterimages.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f5cb2b34a4ed70d592e0bed755169c223121aff40b3a3d0a0c4d991831d5cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110910
x-xss-protection: 0
server: cafe
etag: 2652897997708375538
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Apr 2022 18:52:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220419/r20190131/ Frame 3440 10 KB
5 KB 59ms
14ms Document
text/html 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220419/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://happyeasterimages.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 02:28:47 GMT
etag: 14837630671339829333
expires: Thu, 05 May 2022 02:28:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-116656574-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4649
date: Thu, 21 Apr 2022 17:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 21 Apr 2022 19:34:50 GMT

GET
H3 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v26/ 18 KB
18 KB 22ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v26/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=5.9.3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad69e547e43620390c7d7e192a4d00959602042fecd2be1e131a0a9b3398a36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://happyeasterimages.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 23:21:16 GMT
x-content-type-options: nosniff
age: 156663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18364
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:07:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 23:21:16 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://happyeasterimages.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 8ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.8&blog=142527722&post=0&tz=0&srv=happyeasterimages.org&host=happyeasterimages.org&ref=&fcp=1405&rand=0.7692800409746998
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Apr 2022 18:52:19 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 Happy-Easter-Images-150x150.jpg
happyeasterimages.org/wp-content/uploads/2018/01/ 7 KB
8 KB 179ms
178ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://happyeasterimages.org/wp-content/uploads/2018/01/Happy-Easter-Images-150x150.jpg
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b3c1bef127b6d64d86fc574ab32bdb7cb7cdae515156650fa8bb41852445d8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7377
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Mar 2018 18:06:32 GMT
server: cloudflare
etag: "1cd1-56854a2441418"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUm2vUpePYMYE24ylenAL%2FfWo6kXTgbAr11oRjJy%2FHBxFLrHxI9l%2Fxp0Jeh%2FLgxmrv5P%2BtMckeXVBFctIab2dTXWynNACkQ%2FRoylAFd3Vqw7QOpxGgDeJGVkm%2FVf7V5F23ueIk8aBjJ6rYykc%2FGDp3dVob8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ff850ecce9a733f-MRS
expires: Fri, 21 Apr 2023 18:52:19 GMT

GET
H3 200 Happy-Easter-Pictures-150x150.jpg
happyeasterimages.org/wp-content/uploads/2019/04/ 8 KB
9 KB 154ms
154ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://happyeasterimages.org/wp-content/uploads/2019/04/Happy-Easter-Pictures-150x150.jpg
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4848f9fdb06b078e2bd334c655d269d3c389a6beb479f7c5b22b53775382670

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8216
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Apr 2019 04:34:08 GMT
server: cloudflare
etag: "2018-58702dcda50df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMkK%2Bs88NoC1ayYi7Cjs8V6VaJIwSO00LyMNxeFTVyaiFUrLujsmzORZY%2BMSXOakw7NV6Ovvl5%2FtaNh%2FG%2FEck%2BFFTfBePe4uaJ6KO7AydYE1uVrRU%2BShGioJ1WkPBgpNQ94qxvkK%2BrNQjnm4IWEtzb%2Fk9to%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ff850ecce9f733f-MRS
expires: Fri, 21 Apr 2023 18:52:19 GMT

GET
H3 200 Happy-Easter-Quotes-150x150.jpg
happyeasterimages.org/wp-content/uploads/2018/01/ 7 KB
8 KB 177ms
177ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://happyeasterimages.org/wp-content/uploads/2018/01/Happy-Easter-Quotes-150x150.jpg
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6797e2527a1b283b9b6296e049d7d715aa4614829f3f266ee2082aaa3d2b4d3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7557
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Mar 2018 18:06:29 GMT
server: cloudflare
etag: "1d85-56854a216c9f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cvCdfaktt%2B79MQ7HVw%2B0xjWTLg9E%2BZoCGZlg6Ny9mLCY6qHqf0aP5mpM%2FjCWFcfaLLyBgytbLHistJ5OfPRGAlTt%2BTXJPOQUYvauG6XwGKk50%2Bnu%2FX%2BceHsIFhHiNp6AONGTxVYmHMOOKwlYzOqtOlgvjs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ff850eccea2733f-MRS
expires: Fri, 21 Apr 2023 18:52:19 GMT

GET
H3 200 Happy-Easter-Greetings-150x150.jpg
happyeasterimages.org/wp-content/uploads/2019/03/ 6 KB
7 KB 177ms
177ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://happyeasterimages.org/wp-content/uploads/2019/03/Happy-Easter-Greetings-150x150.jpg
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3470b7028fd66e400091fdc06d6a5f64f5400431a9e909b853f1dca91c77b39a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6244
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Mar 2019 06:17:55 GMT
server: cloudflare
etag: "1864-5852183d2e000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUPlMfZ6K7sX0CbbDkYYsEL3%2FVNGP%2BDjmhNcZCUWpH37WyVYNVuX0O%2BIFyYI9AESZv28cE3qP86jmS5BKJoSMTMecWYnshKVjEzkwVv88v%2BnPOnORv2TACsiTyFelkQbLv6oJrhtGFgkF23R0yv%2Fj3Zmozs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ff850eccea9733f-MRS
expires: Fri, 21 Apr 2023 18:52:19 GMT

GET
H3 200 Happy-Easter-Wishes-150x150.jpg
happyeasterimages.org/wp-content/uploads/2018/01/ 9 KB
10 KB 176ms
175ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://happyeasterimages.org/wp-content/uploads/2018/01/Happy-Easter-Wishes-150x150.jpg
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a301bc8526518fce7e08290eb403a5b18ae240631e89318508de62905dd0046e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9687
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Mar 2018 18:06:30 GMT
server: cloudflare
etag: "25d7-56854a22967c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbGROVLknXIj5W7Sgo4WIsEcBn623tewKUPlyhyP3jYLFJzQr1J3bT6Si4WMtYRV3ikBS%2B6AOGNZFKpvXvqSGHXLS9N%2FDOiAtJcYW83zf7kvdh8rAM%2B6mWY0UOIhemZFdxmVroPxF72Uy6yg3U%2FgVVWVjBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ff850ecceab733f-MRS
expires: Fri, 21 Apr 2023 18:52:19 GMT

GET
H3 200 Happy-Easter-Meme-150x150.jpg
happyeasterimages.org/wp-content/uploads/2019/03/ 6 KB
7 KB 154ms
154ms Image
image/jpeg 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://happyeasterimages.org/wp-content/uploads/2019/03/Happy-Easter-Meme-150x150.jpg
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08a110eff579f48f7dac8b69ca7f3a5daaa9ee67c43a89ff6b410834c1d10945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:19 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6025
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 30 Mar 2019 11:24:49 GMT
server: cloudflare
etag: "1789-5854e090ca459"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySVmboS0iyN0EmqaRrvCKSblYNZbZ6BVBtLmCIk5aVv2137fmQDbyq8fEY%2F4SJPPXimZwsWtVl0nzNGHW%2F7jAc0BI%2FaLAEClf7bEBp%2BZuRCdgwXfy5mmrcQMeBwnWHal%2BJJCp2%2BsjXlBkUDjIFMo25qk2dc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6ff850eccead733f-MRS
expires: Fri, 21 Apr 2023 18:52:19 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
14ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1449046529&t=pageview&_s=1&dl=https%3A%2F%2Fhappyeasterimages.org%2F&ul=en-us&de=UTF-8&dt=Happy%20Easter%202020%20Images%2C%20Greetings%2C%20Quotes%2C%20Wishes%20-%20One%20Stop%20Solution%20For%20Happy%20Easter%20Images%202020%7C%20Easter%20Pictures%2C%20Easter%20Bunny%20Photos%2C%20Easter%20Egg%20Pictures%2C%20HD%20Wallpapers%20Free%20Download%20%7C%20Happy%20Easter%202020%20Images%20Pics%2C%20Happy%20Easter%20Quotes%2C%20Easter%20Wishes%2C%20Messages%2C%20Speeches%2C%20Greetings%2C%20Cards%2C%20Funny%20Easter%20Memes%2C%20Clipart%2C%20Coloring%20Pages%2C%20Good%20Friday%20Images%2C%20Passover%20Images%20For%20Friends%2C%20Family.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1555721624&gjid=1493317287&cid=450699855.1650567139&tid=UA-116656574-1&_gid=1278363910.1650567139&_r=1&gtm=2ou4i1&z=264566371

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://happyeasterimages.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 18:52:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://happyeasterimages.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 225 B
654 B 94ms
27ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=happyeasterimages.org&callback=_gfp_s_&client=ca-pub-2525651058144004

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2525651058144004&plah=happyeasterimages.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a4185b317b7b51e6b2915c6819e0fa9963fdf675f7551b1050b112ebf4b265db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 210
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 88ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=happyeasterimages.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 18:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 59ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=happyeasterimages.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Apr 2022 18:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB43 132 KB
42 KB 515ms
485ms Document
text/html 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2525651058144004&output=html&h=280&slotname=1290808203&adk=639361911&adf=3475174654&pi=t.ma~as.1290808203&w=950&fwrn=4&fwrnh=100&lmt=1650563073&rafmt=1&psa=0&format=950x280&url=https%3A%2F%2Fhappyeasterimages.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650567139255&bpp=3&bdt=867&idt=79&shv=r20220419&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&correlator=1789634493417&frm=20&pv=2&ga_vid=450699855.1650567139&ga_sid=1650567139&ga_hid=1449046529&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067067%2C31061828&oid=2&pvsid=4348535962623703&pem=575&tmod=11204558&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=svCcYBN9gV&p=https%3A//happyeasterimages.org&dtd=92

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed4bb46fc65dcc687e4ef62869ac6d2c213585f593138361edc00cdddd53c2ce

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12776505942335662031/970x250/verti_970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12776505942335662031/970x250/verti_970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWSl-DppfcCFQy5mgodxZUCKw&gqi=46dhYtDOGPy7iQbj6onADw&layout=/sadbundle/%24csp%253Der3%24/12776505942335662031/970x250/verti_970x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://happyeasterimages.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 42719
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12776505942335662031/970x250/verti_970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12776505942335662031/970x250/verti_970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMWSl-DppfcCFQy5mgodxZUCKw&gqi=46dhYtDOGPy7iQbj6onADw&layout=/sadbundle/%24csp%253Der3%24/12776505942335662031/970x250/verti_970x250.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 18:52:19 GMT
expires: Thu, 21 Apr 2022 18:52:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B66 0
19 B 102ms
102ms Document
text/html 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2525651058144004&output=html&adk=1812271804&adf=3025194257&lmt=1650563073&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhappyeasterimages.org%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650567139299&bpp=1&bdt=910&idt=73&shv=r20220419&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=950x280&nras=1&correlator=1789634493417&frm=20&pv=1&ga_vid=450699855.1650567139&ga_sid=1650567139&ga_hid=1449046529&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067067%2C31061828&oid=2&pvsid=4348535962623703&pem=575&tmod=11204558&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=79

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://happyeasterimages.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 18:52:19 GMT
expires: Thu, 21 Apr 2022 18:52:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK stable.js Show response
print.legendarytable.com/ 251 B
408 B 690ms
689ms Script
text/plain 111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://print.legendarytable.com/stable.js?v=9.4.9
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash: a95f94ea3ba957f9222676793ece3a58507723fea6d802718f2d65465f3fa1e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://happyeasterimages.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 02:52:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 251
Content-Type: text/plain; charset=utf-8

GET
H2 200 verti_970x250.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12776505942335662031/970x250/ Frame 71A9 3 KB
3 KB 34ms
11ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12776505942335662031/970x250/verti_970x250.html

Requested by

Host: happyeasterimages.org
URL: https://happyeasterimages.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a71d456fb662ac92acf4e257737fac893465afb4b87dd21b3a5e433b60cee3a3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 187925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1511
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Apr 2022 14:40:14 GMT
expires: Wed, 19 Apr 2023 14:40:14 GMT
last-modified: Mon, 14 Mar 2022 09:52:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D028 0
0 57ms
56ms Fetch
text/html 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjAIw46dhYoWVGYzy6gTFq4rYAqTj58xp2qHC2PMPloLNhYgWEAEgnO7YLGCV4pCCoAegAZHv4v8CyAEJqQLvAms80jKyPqgDAcgDSKoE1wFP0Nshovss7kxETuK-8WxzquLDTtT7iI0_G0lyYdkDjRb6XS1ZMA0SAr9GMskhgM7G2R5_1Ko2YmNEZSHMDOKBdmgB3EyiIZA7b4cUEEpZPNEHWfGp8K3cUpjW-9-IHi-twqso3qadrIvTSou5WwsLXmwG5L7uFyBPBdMJuxkIQ6m0o9z4dZ8j7BhDnfW8jali-SSJdhd76_BaeG0UocH8Lavw6OgU8XXJ8faX2p3PLKs8W8_7AXhte_EScsnQs-0BubGOYXd_gk0fTIZK3gw4q5awZ2BZvcAExYq8-fIDkgUECAQYAZIFBAgFGASgBi6AB9eQnYABqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQirUO0ggJCIDhgHAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTI1MjU2NTEwNTgxNDQwMDQYAA&sigh=Es7aeLByCGc&uach_m=[UACH]&template_id=419

Requested by

Host: happyeasterimages.org
URL: https://happyeasterimages.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2525651058144004&output=html&h=280&slotname=1290808203&adk=639361911&adf=3475174654&pi=t.ma~as.1290808203&w=950&fwrn=4&fwrnh=100&lmt=1650563073&rafmt=1&psa=0&format=950x280&url=https%3A%2F%2Fhappyeasterimages.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650567139255&bpp=3&bdt=867&idt=79&shv=r20220419&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&correlator=1789634493417&frm=20&pv=2&ga_vid=450699855.1650567139&ga_sid=1650567139&ga_hid=1449046529&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067067%2C31061828&oid=2&pvsid=4348535962623703&pem=575&tmod=11204558&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=svCcYBN9gV&p=https%3A//happyeasterimages.org&dtd=92
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 21 Apr 2022 18:52:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Apr 2022 18:52:19 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/ Frame D028 19 KB
8 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2525651058144004&output=html&h=280&slotname=1290808203&adk=639361911&adf=3475174654&pi=t.ma~as.1290808203&w=950&fwrn=4&fwrnh=100&lmt=1650563073&rafmt=1&psa=0&format=950x280&url=https%3A%2F%2Fhappyeasterimages.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650567139255&bpp=3&bdt=867&idt=79&shv=r20220419&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&correlator=1789634493417&frm=20&pv=2&ga_vid=450699855.1650567139&ga_sid=1650567139&ga_hid=1449046529&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067067%2C31061828&oid=2&pvsid=4348535962623703&pem=575&tmod=11204558&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=svCcYBN9gV&p=https%3A//happyeasterimages.org&dtd=92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 18:48:32 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/ Frame D028 3 KB
1 KB 30ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:51:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 18:51:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D028 119 KB
37 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Apr 2022 18:52:19 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/ Frame D028 15 KB
6 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220419/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6421
x-xss-protection: 0
server: cafe
etag: 15269590465493672714
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 May 2022 18:51:05 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F5FC 143 B
163 B 14ms
13ms Document
text/html 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2525651058144004&output=html&h=280&slotname=1290808203&adk=639361911&adf=3475174654&pi=t.ma~as.1290808203&w=950&fwrn=4&fwrnh=100&lmt=1650563073&rafmt=1&psa=0&format=950x280&url=https%3A%2F%2Fhappyeasterimages.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650567139255&bpp=3&bdt=867&idt=79&shv=r20220419&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&correlator=1789634493417&frm=20&pv=2&ga_vid=450699855.1650567139&ga_sid=1650567139&ga_hid=1449046529&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=325&ady=41&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067067%2C31061828&oid=2&pvsid=4348535962623703&pem=575&tmod=11204558&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=svCcYBN9gV&p=https%3A//happyeasterimages.org&dtd=92
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 21 Apr 2022 18:23:58 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 71A9 9 KB
3 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12776505942335662031/970x250/verti_970x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 22 Apr 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 71A9 26 KB
10 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12776505942335662031/970x250/verti_970x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 22 Apr 2022 16:13:39 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 71A9 236 KB
63 KB 54ms
17ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12776505942335662031/970x250/verti_970x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Apr 2022 18:52:19 GMT

GET
H3 200 verti_970x250.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12776505942335662031/970x250/ Frame 71A9 151 KB
35 KB 25ms
9ms Script
application/x-javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12776505942335662031/970x250/verti_970x250.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12776505942335662031/970x250/verti_970x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf307fc76f1bba962ab2c529539aba4d150c6a0ed1b891686319414ff0e4b56

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 188549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36165
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 09:52:43 GMT
server: sffe
date: Tue, 19 Apr 2022 14:29:50 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Apr 2023 14:29:50 GMT

GET
DATA 200
OK truncated
/ Frame D028 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bc0650fdb91b42f148795e8b4136fd0f837fdee11885215d577f80fb0aac1d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F5FC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

84ms
83ms

Document
text/html

2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Apr 2022 18:52:20 GMT
expires: Thu, 21 Apr 2022 18:52:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Apr 2022 18:52:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 verti_970x250_atlas_P_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12776505942335662031/970x250/images/ Frame 71A9 54 KB
54 KB 9ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12776505942335662031/970x250/images/verti_970x250_atlas_P_1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23b90f716ff021cae00458064511d771d64cfbdd6e6d4766ffb105054f5b2db6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 188549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55082
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 09:52:43 GMT
server: sffe
date: Tue, 19 Apr 2022 14:29:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Apr 2023 14:29:51 GMT

GET
H3 200 k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 71A9 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k-Lxrj_3cR5KhrMTVpzAVOH1CgwXrUvkekFpn42ZeoQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:21:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13613
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 18:21:40 GMT

GET location.php
brend.specialadves.com/ 0
0

GET
H/1.1

200
OK

away.php
brend.specialadves.com/
Redirect Chain

https://brend.specialadves.com/location.php?spec=8579&p=2285&get=0042
https://brend.specialadves.com/away.php?id=3475&sid=2242&pid=0043

828 B
612 B

169ms
167ms

Document
text/html

111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://brend.specialadves.com/away.php?id=3475&sid=2242&pid=0043
Requested by: Host: local.specialadves.com
URL: https://local.specialadves.com/YWktkM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash

Request headers

Referer: https://happyeasterimages.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 409
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Apr 2022 02:52:23 GMT
Server: nginx
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Apr 2022 02:52:23 GMT
Location: https://brend.specialadves.com/away.php?id=3475&sid=2242&pid=0043
Server: nginx

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D028 42 B
64 B 59ms
43ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5VCBM4GmgC7LO8JXMW7oAlWsAZOLh1VKwH1J_aj8NG4b8o8ufFbhP4CZQBnUwpFKu8q3Kds4TG6BE1sGjUWzhjJsiLMrIwmlq2GISGWbDquNNTLG8Eg&sai=AMfl-YSkKgQCExTzQWKYwibe3FCAawE-NQKZEQO3gjWszzRYyXEFnKSOuSA9OkgWTYZorGhv9DPh2El0rGSi&sig=Cg0ArKJSzJmRdzSyFcJKEAE&id=lidar2&mcvt=1000&p=1,0,245.875,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=639361911&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650567139880&rpt=134&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Apr 2022 18:52:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame D028 0
0

GET grsdozbyme5doojwgy
xxxconent.biz/go/ 0
0

GET
H2 200 grsdozbyme5doojwgy
xxxconent.biz/go/ 50 KB
51 KB 93ms
36ms Document
text/html 167.71.64.21
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://xxxconent.biz/go/grsdozbyme5doojwgy?subid1=special&subid2=train

Requested by

Host: brend.specialadves.com
URL: https://brend.specialadves.com/away.php?id=3475&sid=2242&pid=0043

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.71.64.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://brend.specialadves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 21 Apr 2022 18:52:22 GMT
server: nginx
strict-transport-security: max-age=31536000

GET w725ac25a.js
xxxconent.biz/ Frame 0
0

GET
DATA 200
OK truncated
/ 24 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 index.php Show response
0.xxxconent.biz/ 28 KB
29 KB 62ms
35ms Document
text/html 167.71.64.21
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://0.xxxconent.biz/index.php?p=grsdozbyme5doojwgy&subid1=special&subid2=train

Requested by

Host: happyeasterimages.org
URL: https://happyeasterimages.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.71.64.21 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

52cd39a1b6479d0e18a11676203029c22ceeda73496071437da5fe945d9f344f

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://xxxconent.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 21 Apr 2022 18:52:22 GMT
server: nginx
strict-transport-security: max-age=31536000

GET w725ac25a.js
0.xxxconent.biz/ Frame 0
0

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

big.php
brend.specialadves.com/
Redirect Chain

https://brend.specialadves.com/small.php?id=12&sid=7457&pid=6634
https://brend.specialadves.com/big.php?id=552&sid=4579&pid=1153

874 B
619 B

167ms
167ms

Document
text/html

111.90.143.157
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://brend.specialadves.com/big.php?id=552&sid=4579&pid=1153
Requested by: Host: happyeasterimages.org
URL: https://happyeasterimages.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS: server1.kamon.la
Software: nginx /
Resource Hash

Request headers

Referer: https://0.xxxconent.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 416
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Apr 2022 02:52:24 GMT
Server: nginx
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Apr 2022 02:52:24 GMT
Location: https://brend.specialadves.com/big.php?id=552&sid=4579&pid=1153
Server: nginx

GET /
clarifyspotify.online/ 0
0

GET
H2 200 / Show response
clarifyspotify.online/ 18 KB
18 KB 66ms
20ms Document
text/html 188.166.68.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://clarifyspotify.online/?p=me3tqn3emq5gi3bpgy4tmmy&sub1=clarkeone&sub2=drumst

Requested by

Host: brend.specialadves.com
URL: https://brend.specialadves.com/big.php?id=552&sid=4579&pid=1153

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.68.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

8f14981e2f769f047dfbcacb97f1176a8aca8c34aadea60c5692d54d8c899e6e

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://brend.specialadves.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 21 Apr 2022 18:52:22 GMT
server: nginx
strict-transport-security: max-age=31536000

GET w56899721.js
clarifyspotify.online/ Frame 0
0

GET
H2 200 /
0.clarifyspotify.online/ 18 KB
18 KB 46ms
20ms Document
text/html 188.166.68.96
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://0.clarifyspotify.online/?p=me3tqn3emq5gi3bpgy4tmmy&sub1=clarkeone&sub2=drumst

Requested by

Host: happyeasterimages.org
URL: https://happyeasterimages.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.68.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://clarifyspotify.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 21 Apr 2022 18:52:22 GMT
server: nginx
strict-transport-security: max-age=31536000

GET w56899721.js
0.clarifyspotify.online/ Frame 0
0

GET
H2

200

index.php Show response
clickprocess.click/nlp/
Redirect Chain

https://0.clarifyspotify.online/?auf=gjqteytcme5diojygyxtmojwgmxtemrpge3dkmbvgy3tcnbs&s=1&sub1=clarkeone&sub2=drumst&sub3=&sub4=&cpc=0&cpm=0
https://seventrk.com/c.php?k=lanhm73ap1a5k8rht760&price=0.00552&feed=feed14986&hash=bf7e9aaf&creative=0&platform=Windows&browser=Chrome&subday=0
https://clickprocess.click/nlp/index.php?duplication=1&url_bnm_redirect=https://google.com

83 B
223 B

51ms
13ms

Document
text/html

94.130.51.235
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://clickprocess.click/nlp/index.php?duplication=1&url_bnm_redirect=https://google.com

Requested by

Host: happyeasterimages.org
URL: https://happyeasterimages.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

94.130.51.235 Heilbronn, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.235.51.130.94.clients.your-server.de

Software

nginx/1.18.0 /

Resource Hash

59088c815f20a680864f427fe89baeda558835a887ab0d81f1ed09ba2b9497a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://0.clarifyspotify.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Apr 2022 18:52:23 GMT
server: nginx/1.18.0
strict-transport-security: max-age=31536000

Redirect headers

content-type: text/html; charset=UTF-8
date: Thu, 21 Apr 2022 18:52:23 GMT
location: https://clickprocess.click/nlp/index.php?duplication=1&url_bnm_redirect=https://google.com
server: nginx/1.18.0
strict-transport-security: max-age=31536000

GET
H2 200 index.php Show response
clickprocess.click/nlp/ 63 B
203 B 13ms
12ms Document
text/html 94.130.51.235
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://clickprocess.click/nlp/index.php?url_bnm_redirect=https%3A%2F%2Fgoogle.com

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

94.130.51.235 Heilbronn, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.235.51.130.94.clients.your-server.de

Software

nginx/1.18.0 /

Resource Hash

788604d2e0ba169ded92c73bd306a3dd273470e5db4383820d47b82770c98e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://clickprocess.click/nlp/index.php?duplication=1&url_bnm_redirect=https://google.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Apr 2022 18:52:23 GMT
server: nginx/1.18.0
strict-transport-security: max-age=31536000

GET
H3

200

Primary Request / Show response
www.google.com/
Redirect Chain

https://google.com/
https://www.google.com/

176 KB
53 KB

100ms
82ms

Document
text/html

2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

1de52708669d3a918009e248d659a8ee1d87a9b8776caa60d7e6fa9a6c8d789e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://clickprocess.click/nlp/index.php?url_bnm_redirect=https%3A%2F%2Fgoogle.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: private, max-age=0
content-encoding: br
content-length: 54339
content-type: text/html; charset=UTF-8
date: Thu, 21 Apr 2022 18:52:23 GMT
expires: -1
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: gws
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: private, max-age=2592000
content-length: 220
content-type: text/html; charset=UTF-8
date: Thu, 21 Apr 2022 18:52:23 GMT
expires: Thu, 21 Apr 2022 18:52:23 GMT
location: https://www.google.com/
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: gws
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 16ms
16ms Image
image/png 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: www.google.com
URL: https://www.google.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 21 Apr 2022 18:52:23 GMT

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/googleg/v6/ 742 B
465 B 25ms
9ms Image
image/svg+xml 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/googleg/v6/24px.svg

Requested by

Host: www.google.com
URL: https://www.google.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 15:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 438
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 09:57:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 15:28:24 GMT

GET
DATA 200
OK truncated
/ 315 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 978df3db598e6be70fb5ee7167b89bf3e1a21e3aaca1f13cce091afc3f863fbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 gen_204
www.google.com/ 0
15 B 18ms
18ms Ping
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?ei=56dhYtXMJvqQxc8PgOmi6A0&vet=10ahUKEwiV3Jji6aX3AhV6SPEDHYC0CN0QhJAHCBc..s&gl=DE&pc=SEARCH_HOMEPAGE&isMobile=false

Requested by

Host: www.google.com
URL: https://www.google.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

bfcache-opt-in: unload
date: Thu, 21 Apr 2022 18:52:23 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 desktop_searchbox_sprites318_hr.webp
www.google.com/images/searchbox/ 660 B
682 B 15ms
15ms Image
image/webp 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp

Requested by

Host: www.google.com
URL: https://www.google.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 18:52:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Apr 2020 22:00:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/webp
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 660
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 21 Apr 2022 18:52:23 GMT

GET
DATA 200
OK truncated
/ 775 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4e87a291421960991f7dc87a09944b898dc61c8847728a7af3da84dd12df56c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 438 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 422f74f8c2d63353df49f69830938937d9a0ac9aca5b25137ef13033d6344ed2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 422 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 419c3cd0a05480f6987f6bcbae1f6b45881b6d233e1aa94b109b75f2db95c83e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 338 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f94605120506432619545f62edabb4d37a4d59966a888aacfa1ceffb1a915923

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9acf2bba553f1dbf551effc6c67bd825cffc3bc41c9dda80ba07f8dc83e8bc8a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 gen_204
www.google.com/ 0
15 B 19ms
19ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=56dhYtXMJvqQxc8PgOmi6A0&zx=1650567143750

Requested by

Host: www.google.com
URL: https://www.google.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Thu, 21 Apr 2022 18:52:23 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 rs=AA2YrTshJ7rMgELB7P1bkV0inIKSumTmkw Show response
www.gstatic.com/og/_/js/k=og.qtm.en_US.dPyW-2_N-wg.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ 186 KB
64 KB 467ms
9ms Script
text/javascript 2a00:1450:4001:812::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/js/k=og.qtm.en_US.dPyW-2_N-wg.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTshJ7rMgELB7P1bkV0inIKSumTmkw

Requested by

Host: www.google.com
URL: https://www.google.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c0539e73c3e2c2d3aeb45a73420e59b6926a37e81f45b4eb32f751539e4b0a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 07:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65432
x-xss-protection: 0
last-modified: Sat, 09 Apr 2022 01:30:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Apr 2023 07:54:32 GMT

GET
H2 200 rs=AA2YrTsnLAdAgt1VWQcVq_eeK8BYToqDWg
www.gstatic.com/og/_/ss/k=og.qtm.h09LOwQKClw.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ct=zgms/ 3 KB
1 KB 466ms
9ms Stylesheet
text/css 2a00:1450:4001:812::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/ss/k=og.qtm.h09LOwQKClw.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/ct=zgms/rs=AA2YrTsnLAdAgt1VWQcVq_eeK8BYToqDWg

Requested by

Host: www.google.com
URL: https://www.google.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f28d0b343718301f59504b6b769120292157a9af113ac5343b229a00efe9c6a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 622
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 01:34:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 08:21:30 GMT

POST
H3 204 gen_204
www.google.com/ 0
15 B 17ms
17ms Ping
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=56dhYtXMJvqQxc8PgOmi6A0&rt=wsrt.147,aft.43,afti.43&wh=1200&imn=4&ima=4&imad=0&aftp=-1&bl=UvNk

Requested by

Host: www.google.com
URL: https://www.google.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

bfcache-opt-in: unload
date: Thu, 21 Apr 2022 18:52:23 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.Yozr9QYVVr4.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8ePFN_mLj5L9BxNRnarRImlQEt0w/ 108 KB
36 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.Yozr9QYVVr4.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8ePFN_mLj5L9BxNRnarRImlQEt0w/cb=gapi.loaded_0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.dPyW-2_N-wg.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhbr,qhch,qhga,qhid,qhin,qhpr/d=1/ed=1/rs=AA2YrTshJ7rMgELB7P1bkV0inIKSumTmkw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9116edf13689453d881cdbdba279389a1276e5583c60dee50c9b19b11c9e19af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 17:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36669
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 15:22:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 17:11:43 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: brend.specialadves.com
URL: https://brend.specialadves.com/location.php?spec=8579&p=2285&get=0042

Domain: brend.specialadves.com
URL: https://brend.specialadves.com/location.php?spec=8579&p=2285&get=0042

Domain: brend.specialadves.com
URL: https://brend.specialadves.com/location.php?spec=8579&p=2285&get=0042

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5VCBM4GmgC7LO8JXMW7oAlWsAZOLh1VKwH1J_aj8NG4b8o8ufFbhP4CZQBnUwpFKu8q3Kds4TG6BE1sGjUWzhjJsiLMrIwmlq2GISGWbDquNNTLG8Eg&sai=AMfl-YSkKgQCExTzQWKYwibe3FCAawE-NQKZEQO3gjWszzRYyXEFnKSOuSA9OkgWTYZorGhv9DPh2El0rGSi&sig=Cg0ArKJSzJmRdzSyFcJKEAE&id=lidartos&mcvt=1995&p=1,0,245.875,950&mtos=1995,1995,1995,1995,1995&tos=1995,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=639361911&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=b&rst=1650567139880&rpt=134&ec=0&met=mue&wmsd=0

Domain: xxxconent.biz
URL: https://xxxconent.biz/go/grsdozbyme5doojwgy?subid1=special&subid2=train

Domain: xxxconent.biz
URL: https://xxxconent.biz/w725ac25a.js

Domain: 0.xxxconent.biz
URL: https://0.xxxconent.biz/w725ac25a.js

Domain: clarifyspotify.online
URL: https://clarifyspotify.online/?p=me3tqn3emq5gi3bpgy4tmmy&sub1=clarkeone&sub2=drumst

Domain: clarifyspotify.online
URL: https://clarifyspotify.online/w56899721.js

Domain: 0.clarifyspotify.online
URL: https://0.clarifyspotify.online/w56899721.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.happyeasterimages.org/	1970-01-20 20:00:39	Name: _ga Value: GA1.2.450699855.1650567139
.happyeasterimages.org/	1970-01-20 02:30:53	Name: _gid Value: GA1.2.1278363910.1650567139
.happyeasterimages.org/	1970-01-20 02:29:27	Name: _gat_gtag_UA_116656574_1 Value: 1
.happyeasterimages.org/	1970-01-20 11:51:03	Name: __gads Value: ID=a860631e5ff1cc64-22ba14137dcd0007:T=1650567139:RT=1650567139:S=ALNI_MYu3OYObYDepaAngVAsBD81pb0ojQ
.doubleclick.net/	1970-01-20 11:51:03	Name: IDE Value: AHWqTUnKVwq40yAUH9Zik8Q9oWuCwZYLzSoFt-Kr0m_Dc5624TeZqS-5EQFteA6x9zo
.doubleclick.net/	1970-01-20 02:29:30	Name: DSID Value: NO_DATA
.xxxconent.biz/	1970-01-20 03:12:39	Name: uuid Value: 09bfc276-3a65-4e74-877f-2f0f353bee5e
.0.xxxconent.biz/	1970-01-20 03:12:39	Name: uuid Value: 09bfc276-3a65-4e74-877f-2f0f353bee5e
.clarifyspotify.online/	1970-01-20 03:12:39	Name: uuid Value: 6c83ebab-67aa-4746-bf65-c5ace5520b8b
.0.clarifyspotify.online/	1970-01-20 03:12:39	Name: uuid Value: 6c83ebab-67aa-4746-bf65-c5ace5520b8b
0.clarifyspotify.online/	1970-01-20 03:12:39	Name: uuid Value: 6c83ebab-67aa-4746-bf65-c5ace5520b8b
.0.clarifyspotify.online/	1970-01-20 02:30:53	Name: ccid Value: %5B69417%5D
seventrk.com/	1970-01-20 02:30:53	Name: uclick Value: h9zwvc2tbl
seventrk.com/	1970-01-20 02:30:53	Name: uclickhash Value: h9zwvc2tbl-h9zwvc2tbl-u3fy-oji4-b73y-lpd5-lphq-ac53fe
.google.com/	1970-01-20 20:00:39	Name: CONSENT Value: PENDING+325

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.clarifyspotify.online
0.xxxconent.biz
adservice.google.com
adservice.google.de
apis.google.com
brend.specialadves.com
buttons-config.sharethis.com
clarifyspotify.online
clickprocess.click
fonts.googleapis.com
fonts.gstatic.com
google.com
googleads.g.doubleclick.net
happyeasterimages.org
l.sharethis.com
local.specialadves.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
platform-api.sharethis.com
print.legendarytable.com
s0.2mdn.net
seventrk.com
stats.wp.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
xxxconent.biz
0.clarifyspotify.online
0.xxxconent.biz
brend.specialadves.com
clarifyspotify.online
pagead2.googlesyndication.com
xxxconent.biz
111.90.143.157
142.250.186.162
143.204.98.74
167.71.64.21
188.166.68.96
192.0.76.3
2600:9000:20eb:b200:c:abe:f440:93a1
2a00:1450:4001:800::200e
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4014:80b::2002
2a06:98c1:3120::7
3.127.31.227
94.130.51.235
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
08a110eff579f48f7dac8b69ca7f3a5daaa9ee67c43a89ff6b410834c1d10945
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1de52708669d3a918009e248d659a8ee1d87a9b8776caa60d7e6fa9a6c8d789e
23b90f716ff021cae00458064511d771d64cfbdd6e6d4766ffb105054f5b2db6
2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f5cb2b34a4ed70d592e0bed755169c223121aff40b3a3d0a0c4d991831d5cd4
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
3470b7028fd66e400091fdc06d6a5f64f5400431a9e909b853f1dca91c77b39a
3bc0650fdb91b42f148795e8b4136fd0f837fdee11885215d577f80fb0aac1d3
414363cb8150c2f60382da1d5a33f260caad65a54d6933e6b28534763d388db8
419c3cd0a05480f6987f6bcbae1f6b45881b6d233e1aa94b109b75f2db95c83e
422f74f8c2d63353df49f69830938937d9a0ac9aca5b25137ef13033d6344ed2
44e77b4ab0368538b8c5a3fbcb36c31bc07d2798a8bc2fceeea6feaf8cbec859
482168bb347537d7b4cd160c07385a0007462c042ccf8ec0fb6db6c57acd76fc
52cd39a1b6479d0e18a11676203029c22ceeda73496071437da5fe945d9f344f
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
59088c815f20a680864f427fe89baeda558835a887ab0d81f1ed09ba2b9497a9
5be5b5a6e45b62084e1286b6917e1a853f918e7df07f9b75013bce4c4efa1e61
5ff46b82c72bcf5b303048058fff29bbc9a760a0fd65c75682b45c43ddfab637
6797e2527a1b283b9b6296e049d7d715aa4614829f3f266ee2082aaa3d2b4d3a
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3
788604d2e0ba169ded92c73bd306a3dd273470e5db4383820d47b82770c98e64
7d48436f99b8351b5bbe106de141701a70ae9ae6b699afee4b2b584aa3993221
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b3c1bef127b6d64d86fc574ab32bdb7cb7cdae515156650fa8bb41852445d8f
8bf307fc76f1bba962ab2c529539aba4d150c6a0ed1b891686319414ff0e4b56
8f14981e2f769f047dfbcacb97f1176a8aca8c34aadea60c5692d54d8c899e6e
9116edf13689453d881cdbdba279389a1276e5583c60dee50c9b19b11c9e19af
93e2f1ae3ff7711e4a86b313569cc054e1f50a0c17ad4be47a41699f8d997a84
978df3db598e6be70fb5ee7167b89bf3e1a21e3aaca1f13cce091afc3f863fbe
98da34ae2dff3024e0f005cb4fcd863ad9ca72101d627b88881abdc4b8dfe848
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
9acf2bba553f1dbf551effc6c67bd825cffc3bc41c9dda80ba07f8dc83e8bc8a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2aafaf9c6300faaee8b48cb22a1add47b4ffc42fdfffbdaaa1e8bf0975ba421
a301bc8526518fce7e08290eb403a5b18ae240631e89318508de62905dd0046e
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4185b317b7b51e6b2915c6819e0fa9963fdf675f7551b1050b112ebf4b265db
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71d456fb662ac92acf4e257737fac893465afb4b87dd21b3a5e433b60cee3a3
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
a95f94ea3ba957f9222676793ece3a58507723fea6d802718f2d65465f3fa1e5
ad69e547e43620390c7d7e192a4d00959602042fecd2be1e131a0a9b3398a36d
b4848f9fdb06b078e2bd334c655d269d3c389a6beb479f7c5b22b53775382670
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf8c1dd6a0907d70aebc7d9b3ae0fd8476e9792ad4fbe2949f329656a026fbf0
c0539e73c3e2c2d3aeb45a73420e59b6926a37e81f45b4eb32f751539e4b0a9d
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d4e87a291421960991f7dc87a09944b898dc61c8847728a7af3da84dd12df56c
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
de83a714df7e94eec77286f67f037de6cf698d6688ace46a0687cc1b05ec8794
dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed4bb46fc65dcc687e4ef62869ac6d2c213585f593138361edc00cdddd53c2ce
ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c
ee7d120bfb658a74e2eed5639288c54e6ee416d53aefc612224d731ddb8c09b0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f28d0b343718301f59504b6b769120292157a9af113ac5343b229a00efe9c6a6
f2d5acc40b303c5c7b8d41a3472de6bea841871f10f3b219d0add5c0d673106b
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f8786285ff4c33a400812f8e9892d5137a1d2844fd3a3bd6a3b2c94f2f5c40a1
f94605120506432619545f62edabb4d37a4d59966a888aacfa1ceffb1a915923
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa

www.google.com Open in urlscan Pro 2a00:1450:4001:82a::2004 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

89 %HTTPS

67 %IPv6

20 Domains

31 Subdomains

24 IPs

5 Countries

1055 kBTransfer

2785 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.google.com Open in urlscan Pro
2a00:1450:4001:82a::2004 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

89 %
HTTPS

67 %
IPv6

20
Domains

31
Subdomains

24
IPs

5
Countries

1055 kB
Transfer

2785 kB
Size

15
Cookies

91 HTTP transactions
14 data transactions