berriesinthesnow.com Open in urlscan Pro
45.40.149.34 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://berriesinthesnow.com/
Submission: On January 21 via manual (January 21st 2021, 9:14:34 pm UTC) from CA

Summary HTTP 114 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 20 domains to perform 114 HTTP transactions. The main IP is 45.40.149.34, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is berriesinthesnow.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 5th 2020. Valid for: a year.

This is the only time berriesinthesnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	45.40.149.34 45.40.149.34	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
5	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
6	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
23	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1 2	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	184.73.100.94 184.73.100.94	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE)
1	54.147.47.240 54.147.47.240	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	107.20.140.231 107.20.140.231	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.73.70 65.9.73.70	16509 (AMAZON-02) (AMAZON-02)
2	34.249.191.98 34.249.191.98	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
114	25

37 45.40.149.34 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-45-40-149-34.ip.secureserver.net

berriesinthesnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

cdn.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m9m6e2w5.stackpathcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.100.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-100-94.compute-1.amazonaws.com

www.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.147.47.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-47-240.compute-1.amazonaws.com

analytics.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.140.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-140-231.compute-1.amazonaws.com

partner.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.191.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-191-98.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	berriesinthesnow.com berriesinthesnow.com	2 MB
32	wp.com c0.wp.com i0.wp.com i1.wp.com s0.wp.com stats.wp.com i2.wp.com pixel.wp.com	2 MB
8	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	100 B
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	196 KB
4	stackpathcdn.com m9m6e2w5.stackpathcdn.com	99 KB
4	gstatic.com fonts.gstatic.com	75 KB
4	google-analytics.com 1 redirects ssl.google-analytics.com www.google-analytics.com	36 KB
3	viglink.com cdn.viglink.com api.viglink.com	30 KB
2	shareaholic.com analytics.shareaholic.com partner.shareaholic.com	648 B
2	facebook.net connect.facebook.net	62 KB
2	shareaholic.net cdn.shareaholic.net www.shareaholic.net	6 KB
1	facebook.com www.facebook.com
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	169 B
1	google.de adservice.google.de	169 B
1	googleadservices.com partner.googleadservices.com	588 B
1	googletagmanager.com www.googletagmanager.com	39 KB
1	googleapis.com fonts.googleapis.com	880 B
0	blogfoster.com Failed insights.blogfoster.com Failed
0	chitika.net Failed cdn.chitika.net Failed
114	20

	Domain	Requested by
37	berriesinthesnow.com	berriesinthesnow.com
14	i0.wp.com	berriesinthesnow.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com
7	i1.wp.com	berriesinthesnow.com
6	pagead2.googlesyndication.com	berriesinthesnow.com pagead2.googlesyndication.com
6	c0.wp.com	berriesinthesnow.com
4	m9m6e2w5.stackpathcdn.com	cdn.shareaholic.net berriesinthesnow.com
4	fonts.gstatic.com	fonts.googleapis.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	api.viglink.com	cdn.viglink.com
2	www.google-analytics.com	www.googletagmanager.com berriesinthesnow.com
2	connect.facebook.net	berriesinthesnow.com connect.facebook.net
2	i2.wp.com	berriesinthesnow.com
2	ssl.google-analytics.com	1 redirects berriesinthesnow.com
1	cdn.viglink.com	m9m6e2w5.stackpathcdn.com
1	partner.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	pixel.wp.com	berriesinthesnow.com
1	www.facebook.com	connect.facebook.net
1	analytics.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	berriesinthesnow.com
1	www.shareaholic.net	cdn.shareaholic.net
1	stats.wp.com	berriesinthesnow.com
1	s0.wp.com	berriesinthesnow.com
1	www.googletagmanager.com	berriesinthesnow.com
1	fonts.googleapis.com	berriesinthesnow.com
1	cdn.shareaholic.net	berriesinthesnow.com
0	insights.blogfoster.com Failed	berriesinthesnow.com
0	cdn.chitika.net Failed	berriesinthesnow.com
114	32

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
instagram.com
pinterest.com
bloglovin.com
feeds.feedburner.com
www.instagram.com
www.bntnews.co.uk
www.etudehouse.com
www.gofeminin.de

Subject Issuer	Validity	Valid
berriesinthesnow.com Go Daddy Secure Certificate Authority - G2	`2020-03-05` - `2021-05-04`	a year	crt.sh
cdn.shareaholic.net R3	`2021-01-14` - `2021-04-14`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.stackpathcdn.com Go Daddy Secure Certificate Authority - G2	`2019-06-27` - `2021-06-27`	2 years	crt.sh
*.shareaholic.net R3	`2021-01-17` - `2021-04-17`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
shareaholic.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.shareaholic.com R3	`2021-01-17` - `2021-04-17`	3 months	crt.sh
viglink.com Amazon	`2020-12-13` - `2022-01-11`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://berriesinthesnow.com/
Frame ID: 359A9F40FBD3B649F5100AD0725E68F1
Requests: 106 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210113/r20210113/zrt_lookup.html
Frame ID: 8EE5CCDB413F689C6EE2EBA92F305861
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9542962661355933&output=html&adk=1812271804&adf=3025194257&lmt=1611263651&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fberriesinthesnow.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611263651302&bpp=13&bdt=474&idt=145&shv=r20210113&cbv=r20210113&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2119746050945&frm=20&pv=2&ga_vid=285385821.1611263651&ga_sid=1611263651&ga_hid=1577432680&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=3297564328928729&pem=305&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=163
Frame ID: 97F291875D51365A303AE1C3C7EADB0E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df112d3041a6bba%26domain%3Dberriesinthesnow.com%26origin%3Dhttps%253A%252F%252Fberriesinthesnow.com%252Ff222340fa7c89dc%26relation%3Dparent.parent&container_width=260&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fberriesinthesnow&locale=en_US&sdk=joey&show_facepile=true&show_posts=false
Frame ID: CC087A3450749C7BA464D9304B8E30AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9542962661355933&output=html&h=90&adk=2987094877&adf=3296512626&pi=t.aa~a.2697327017~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1611263651&rafmt=1&to=qs&pwprc=7539733161&psa=0&format=1080x90&url=https%3A%2F%2Fberriesinthesnow.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611263651967&bpp=1&bdt=1138&idt=-M&shv=r20210113&cbv=r20210113&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae860a5ad44b5381-2252bc4d9bb9005b%3AT%3D1611263651%3ART%3D1611263651%3AS%3DALNI_MZbaKy8a0Sadoe-G1s6M5hCT3yj4g&prev_fmts=0x0&nras=1&correlator=2119746050945&frm=20&pv=1&ga_vid=285385821.1611263651&ga_sid=1611263651&ga_hid=1577432680&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=1308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=3297564328928729&pem=305&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=WNziSthf3y&p=https%3A//berriesinthesnow.com&dtd=14
Frame ID: B04D5ABBEA645039B406715137E1C009
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9542962661355933&output=html&h=60&adk=2217445766&adf=1567633289&pi=t.aa~a.372871807~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1611263651&rafmt=1&to=qs&pwprc=7539733161&psa=0&format=1080x60&url=https%3A%2F%2Fberriesinthesnow.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611263651967&bpp=1&bdt=1139&idt=1&shv=r20210113&cbv=r20210113&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae860a5ad44b5381-2252bc4d9bb9005b%3AT%3D1611263651%3ART%3D1611263651%3AS%3DALNI_MZbaKy8a0Sadoe-G1s6M5hCT3yj4g&prev_fmts=0x0%2C1080x90&nras=1&correlator=2119746050945&frm=20&pv=1&ga_vid=285385821.1611263651&ga_sid=1611263651&ga_hid=1577432680&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=3297564328928729&pem=305&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vW89MEaRiz&p=https%3A//berriesinthesnow.com&dtd=19
Frame ID: E372FD9EB9E11835D6751BC440B61142
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9542962661355933&output=html&h=600&slotname=8486623608&adk=1594669142&adf=105494186&pi=t.ma~as.8486623608&w=260&fwrn=4&fwrnh=100&lmt=1611263652&rafmt=1&psa=0&format=260x600&url=https%3A%2F%2Fberriesinthesnow.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1611263651321&bpp=1&bdt=492&idt=157&shv=r20210113&cbv=r20210113&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae860a5ad44b5381-2252bc4d9bb9005b%3AT%3D1611263651%3ART%3D1611263651%3AS%3DALNI_MZbaKy8a0Sadoe-G1s6M5hCT3yj4g&prev_fmts=0x0%2C1080x90%2C1080x60&nras=1&correlator=2119746050945&frm=20&pv=1&ga_vid=285385821.1611263651&ga_sid=1611263651&ga_hid=1577432680&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=3790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=3297564328928729&pem=305&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=3&fsb=1&xpc=m2VC3TbqWJ&p=https%3A//berriesinthesnow.com&dtd=691
Frame ID: 5995A1B09636DF7867C22603B7B31D94
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9542962661355933&output=html&h=600&slotname=6897203207&adk=2287347046&adf=606830807&pi=t.ma~as.6897203207&w=260&fwrn=4&fwrnh=100&lmt=1611263652&rafmt=1&psa=0&format=260x600&url=https%3A%2F%2Fberriesinthesnow.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1611263651315&bpp=6&bdt=487&idt=161&shv=r20210113&cbv=r20210113&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae860a5ad44b5381-2252bc4d9bb9005b%3AT%3D1611263651%3ART%3D1611263651%3AS%3DALNI_MZbaKy8a0Sadoe-G1s6M5hCT3yj4g&prev_fmts=0x0%2C1080x90%2C1080x60%2C260x600&nras=1&correlator=2119746050945&frm=20&pv=1&ga_vid=285385821.1611263651&ga_sid=1611263651&ga_hid=1577432680&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=3297564328928729&pem=305&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&btvi=4&fsb=1&xpc=G2JjhYP3ax&p=https%3A//berriesinthesnow.com&dtd=746
Frame ID: EF75A9A97272CCCCECCCB9D2F2D3FC1D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210113/r20210113/zrt_lookup.html?fsb=1
Frame ID: 8445D4C79AB5F8AB4FCC1BA1B7794E84
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: FA6C1D54D5639A093FAAC73E3E8E80AF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

114
Requests

98 %
HTTPS

50 %
IPv6

20
Domains

32
Subdomains

25
IPs

4
Countries

4681 kB
Transfer

6101 kB
Size

10
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/berriesinthesnow

Search URL Search Domain Scan URL

URL: https://twitter.com/MissLaven

Search URL Search Domain Scan URL

URL: https://instagram.com/misslaven/

Search URL Search Domain Scan URL

URL: https://pinterest.com/frlschnee/

Search URL Search Domain Scan URL

URL: https://bloglovin.com/blogs/berries-in-snow-12322323

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/BerriesInTheSnow

Search URL Search Domain Scan URL

URL: https://www.instagram.com/misslaven/

Search URL Search Domain Scan URL

URL: http://www.bntnews.co.uk/

Search URL Search Domain Scan URL

URL: http://www.etudehouse.com/

Search URL Search Domain Scan URL

URL: http://www.gofeminin.de/event/bloggerclub/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1025238871&utmhn=berriesinthesnow.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Berries%20in%20the%20Snow%20%7C%20-%20beautifying%20attempts%20by%20Miss%20Laven&utmhid=1577432680&utmr=-&utmp=%2F&utmht=1611263651278&utmac=UA-64021627-1&utmcc=__utma%3D80640644.285385821.1611263651.1611263651.1611263651.1%3B%2B__utmz%3D80640644.1611263651.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=1224102678&utmredir=1&utmu=qAQAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64021627-1&cid=285385821.1611263651&jid=1224102678&_v=5.7.2&z=1025238871

114 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
berriesinthesnow.com/ 63 KB
15 KB 730ms
336ms Document
text/html 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

153c8b0d3945a5d36bb0dde455960dd3f8fed42185648c052a628838220cf55c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: berriesinthesnow.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
content-type: text/html; charset=UTF-8
content-length: 14711
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=300 max-age=31536000; includeSubDomains
x-cacheable: YES:Forced
age: 6337
vary: Accept-Encoding, User-Agent
x-cache: cached
x-cache-hit: HIT
x-backend: all_requests
accept-ranges: none

GET
H2 200 shareaholic.js Show response
cdn.shareaholic.net/assets/pub/ 9 KB
4 KB 109ms
39ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Requested by: Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b7aae781975d4a0a2396701a6e5ab1272a81bb21d2cc4cdfcdddd22f5bb877f

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 21:14:10 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 15:34:08 GMT
server: nginx
x-amz-request-id: 34EE8412D2F31D2E
etag: "07b5e5785eaa34d9ef85609887a4a2b7"
x-hw: 1611263650.cds041.sk1.hn,1611263650.cds201.sk1.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=900, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 3699
x-amz-id-2: 2hrMYsqx2iQ0IcbPj2bdpPZSPoSTB/J6SCeb9y8rkppYSbz4BHCSBE6HVowkCZmerXkCCGzrXOw=

GET
H2 200 ppibfi_pinterest.css
berriesinthesnow.com/wp-content/plugins/pinterest-pin-it-button-for-images/ 3 KB
2 KB 340ms
333ms Stylesheet
text/css 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/pinterest-pin-it-button-for-images/ppibfi_pinterest.css?ver=2494c3313413735fed7d479aea3f37ad

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

8c6516c51b202951576f01cbd52689a72b7c3281b23f14febe1f72c88e1f1708

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 251150
x-cache: cached
content-length: 1247
x-xss-protection: 1; mode=block
last-modified: Sat, 24 May 2014 16:09:44 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 cv.css
berriesinthesnow.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/ 76 KB
12 KB 194ms
187ms Stylesheet
text/css 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/css/cv.css?ver=2.2.0

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

dbd21434a01bdc63075bfc9259c20b6a06b628267d25ee9683939ed2f088fffd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577833
x-cache: cached
content-length: 11725
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 20:17:05 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 sb-instagram-2-1.min.css
berriesinthesnow.com/wp-content/plugins/instagram-feed/css/ 15 KB
3 KB 195ms
189ms Stylesheet
text/css 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/instagram-feed/css/sb-instagram-2-1.min.css?ver=2.1.2

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

e0c9ee5a100adf1b0a999529865b09ca9512717df088b366ddd757c01c2b68d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577833
x-cache: cached
content-length: 2580
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Nov 2019 06:21:38 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 style.min.css
c0.wp.com/c/5.6/wp-includes/css/dist/block-library/ 50 KB
7 KB 109ms
37ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.6/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 21 Jan 2021 21:14:10 GMT
content-encoding: br
last-modified: Tue, 01 Dec 2020 12:21:40 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Fri, 21 Jan 2022 21:14:10 GMT

GET
H2 200 aalb_basics.css
berriesinthesnow.com/wp-content/plugins/amazon-associates-link-builder/css/ 3 KB
1 KB 196ms
190ms Stylesheet
text/css 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/amazon-associates-link-builder/css/aalb_basics.css?ver=1.9.3

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

e7be98b44cfeff4fe548e4ce712fac1e09fd299e0dbae9feeec35bf2f43b86f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577833
x-cache: cached
content-length: 1014
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 20:16:58 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 styles.css
berriesinthesnow.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1020 B 334ms
327ms Stylesheet
text/css 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577832
x-cache: cached
content-length: 651
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 20:17:03 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 wp125.css
berriesinthesnow.com/wp-content/plugins/wp125/ 555 B
678 B 339ms
333ms Stylesheet
text/css 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/wp125/wp125.css?ver=2494c3313413735fed7d479aea3f37ad

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

ae25bcce5f1fca7cc47fdd8f78bd7834bb6b4594c445b756b89f0b7b00e9eaa1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 264563
x-cache: cached
content-length: 309
x-xss-protection: 1; mode=block
last-modified: Thu, 22 Oct 2015 18:51:26 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 style.css
berriesinthesnow.com/wp-content/themes/rosemary/ 67 KB
13 KB 338ms
332ms Stylesheet
text/css 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/themes/rosemary/style.css?ver=1.6.2

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

028be14e426bdb09c7f9cbc280bb16978dd1a45908a5b292c10a237d6b29751e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577831
x-cache: cached
content-length: 13193
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 21:16:57 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 font-awesome.min.css
berriesinthesnow.com/wp-content/themes/rosemary/css/ 28 KB
7 KB 185ms
180ms Stylesheet
text/css 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/themes/rosemary/css/font-awesome.min.css?ver=2494c3313413735fed7d479aea3f37ad

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 256898
x-cache: cached
content-length: 6664
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 21:16:57 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 responsive.css
berriesinthesnow.com/wp-content/themes/rosemary/css/ 5 KB
1 KB 186ms
180ms Stylesheet
text/css 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/themes/rosemary/css/responsive.css?ver=1.6.2

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

11f7775213c1f8a011d2bfa76e6e8e4f2bac337191a33c2d2fdded1691469273

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577831
x-cache: cached
content-length: 1052
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 21:16:57 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 css
fonts.googleapis.com/ 9 KB
880 B 20ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic%26subset%3Dlatin%2Clatin-ext%7CPlayfair+Display%3A400%2C700%2C400italic%2C700italic%26subset%3Dlatin%2Clatin-ext&ver=1.6

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d361bbadce5225a3fd7d3877d1b943bdc835d77f52d279fabbaa60a01ea32332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jan 2021 21:14:10 GMT
server: ESF
date: Thu, 21 Jan 2021 21:14:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jan 2021 21:14:10 GMT

GET
H2 200 style.css
berriesinthesnow.com/wp-content/plugins/simple-social-icons/css/ 1 KB
806 B 186ms
181ms Stylesheet
text/css 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/simple-social-icons/css/style.css?ver=3.0.1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

f230538018f9156f925bd667c6ac4f437ae4541b9d421424728592d359b499c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577831
x-cache: cached
content-length: 437
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 20:17:18 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 cookieconsent.css
berriesinthesnow.com/wp-content/plugins/ga-germanized/assets/css/ 5 KB
2 KB 340ms
335ms Stylesheet
text/css 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/ga-germanized/assets/css/cookieconsent.css?ver=3.1.1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

0705d1bbb274982c3c3e0e7f58eff289fb5c2f086cb7039a58fafc541f5a5ef9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577830
x-cache: cached
content-length: 1297
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 20:17:09 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 form-basic.min.css
berriesinthesnow.com/wp-content/plugins/mailchimp-for-wp/assets/css/ 3 KB
1 KB 338ms
334ms Stylesheet
text/css 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.min.css?ver=4.7

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

2a8c2e0fd09605162cb7823dfa4ef28779072b2c3f5b6fbc23be0d47f518d9d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577830
x-cache: cached
content-length: 693
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Nov 2019 15:02:27 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 front.css
berriesinthesnow.com/wp-content/plugins/wp-gdpr-compliance/assets/css/ 9 KB
2 KB 344ms
339ms Stylesheet
text/css 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/wp-gdpr-compliance/assets/css/front.css?ver=1571861853

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

159062ffbab42bcb309df50bb9aaf28042e0241b05b341d9d4ee239bb7d4c579

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577830
x-cache: cached
content-length: 1915
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 20:17:33 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/7.9/css/ 70 KB
12 KB 125ms
55ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.9/css/jetpack.css

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

068e2f18d47e3c6e38eee71beaa5d568af8a7729e5f2be2c4be47eafb4e458de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 21 Jan 2021 21:14:10 GMT
content-encoding: br
last-modified: Tue, 22 Oct 2019 15:04:13 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Fri, 21 Jan 2022 21:14:10 GMT

GET
H2 200 commentluv.css
berriesinthesnow.com/wp-content/plugins/commentluv/css/ 4 KB
1 KB 342ms
338ms Stylesheet
text/css 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/commentluv/css/commentluv.css?ver=2494c3313413735fed7d479aea3f37ad

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

e2962b21cc4e3a4d4521003fb5d716931ecea8c5a02fc3b592fcf79136532d2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 256898
x-cache: cached
content-length: 1154
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Nov 2019 15:02:01 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.6/wp-includes/js/jquery/ 87 KB
30 KB 125ms
55ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.6/wp-includes/js/jquery/jquery.min.js

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 21 Jan 2021 21:14:10 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Fri, 21 Jan 2022 21:14:10 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.6/wp-includes/js/jquery/ 11 KB
4 KB 125ms
56ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.6/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 21 Jan 2021 21:14:10 GMT
content-encoding: br
last-modified: Thu, 19 Nov 2020 09:31:13 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Fri, 21 Jan 2022 21:14:10 GMT

GET
H2 200 ppibfi_pinterest.js Show response
berriesinthesnow.com/wp-content/plugins/pinterest-pin-it-button-for-images/ 500 B
718 B 342ms
338ms Script
application/javascript 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/pinterest-pin-it-button-for-images/ppibfi_pinterest.js?ver=2494c3313413735fed7d479aea3f37ad

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

ba8d7dc3194fb691cf8a345f85dab4333490651036c6c3730bc075eb98ce161e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 250616
x-cache: cached
content-length: 339
x-xss-protection: 1; mode=block
last-modified: Sat, 24 May 2014 16:09:44 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 commentluv.js Show response
berriesinthesnow.com/wp-content/plugins/commentluv/js/ 14 KB
4 KB 341ms
337ms Script
application/javascript 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/commentluv/js/commentluv.js?ver=3.0.3

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

b924bacce6c4ba47c6731f2673afeeaca8a5a64c042dbf08c2f8164b485be71a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577830
x-cache: cached
content-length: 4086
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Nov 2019 15:02:01 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 svgxuse.js Show response
berriesinthesnow.com/wp-content/plugins/simple-social-icons/ 9 KB
3 KB 337ms
334ms Script
application/javascript 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/simple-social-icons/svgxuse.js?ver=1.1.21

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

860e4b944663ab48a4929f7f995379090822e06521ab6321612490be84de42fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577830
x-cache: cached
content-length: 2373
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 20:17:18 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 pfp.css
berriesinthesnow.com/wp-content/plugins/posts-for-page/ 177 B
494 B 342ms
339ms Stylesheet
text/css 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/posts-for-page/pfp.css

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

e72c6b12adc3fb109514049e7fa2663eb841c3c433a41f353c79102af45d4c54

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577830
x-cache: cached
content-length: 125
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Jun 2015 21:38:07 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:10 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: text/css
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 36ms
30ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-64021627-1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dfaf936772357794378f8d9c4c6dbad4564d2cfac53ddee6db91e4fe95a963a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 21:14:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39537
x-xss-protection: 0
expires: Thu, 21 Jan 2021 21:14:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 57ms
52ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73956ff5d3780ac5990dbf4725170c9526b037601ea8dbb9162147b3d5a2fd14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 21:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47518
x-xss-protection: 0
server: cafe
etag: 6368370779655079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Jan 2021 21:14:11 GMT

GET
H2 200 banner_test.jpg
berriesinthesnow.com/wp-content/uploads/2019/10/ 95 KB
96 KB 502ms
497ms Image
image/jpeg 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berriesinthesnow.com/wp-content/uploads/2019/10/banner_test.jpg

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

513e1179f1f442cf45420a067a23f7c788cb7619c648972ff76f2e1b9d03cca7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 573210
x-cache: cached
content-length: 97767
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 21:28:13 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
etag: "17de7-5959a9828ced8"
accept-ranges: bytes

GET
H2 200 PSX_20181004_194427-01.jpeg
berriesinthesnow.com/wp-content/uploads/2019/10/ 170 KB
170 KB 197ms
192ms Image
image/jpeg 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berriesinthesnow.com/wp-content/uploads/2019/10/PSX_20181004_194427-01.jpeg

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

52861f1b9c1911e175fca9d177a0c0381e2e860a2ff5c02df3870dea124cf8d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 573210
x-cache: cached
content-length: 173887
x-xss-protection: 1; mode=block
last-modified: Mon, 28 Oct 2019 20:01:46 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
etag: "2a73f-595fdf82c64fb"
accept-ranges: bytes

GET
H2 200 logo-bnt-girls.png
i0.wp.com/berriesinthesnow.com/wp-content/uploads/2015/03/ 4 KB
5 KB 129ms
48ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/berriesinthesnow.com/wp-content/uploads/2015/03/logo-bnt-girls.png?resize=140%2C140&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a5f261b09cef3198be2e64d4c4aea8d99b0ece1ce8ea430c3c5d719863931bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
x-bytes-saved: 10399
last-modified: Thu, 11 Jun 2020 09:58:21 GMT
server: nginx
etag: "e9ae363c91269fd5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2015/03/logo-bnt-girls.png>; rel="canonical"
content-length: 4544
expires: Sat, 11 Jun 2022 21:58:21 GMT

GET
H2 200 pink_bird_1.jpg
i0.wp.com/berriesinthesnow.com/wp-content/uploads/2015/12/ 2 KB
2 KB 130ms
48ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/berriesinthesnow.com/wp-content/uploads/2015/12/pink_bird_1.jpg?resize=140%2C140&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

bf56290ce805970c2366861f9daa43ac04c90dd13826499eff87fca6e9b376e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
x-bytes-saved: 2825
last-modified: Thu, 11 Jun 2020 09:58:21 GMT
server: nginx
etag: "a16cef818af3e991"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2015/12/pink_bird_1.jpg>; rel="canonical"
content-length: 2050
expires: Sat, 11 Jun 2022 21:58:21 GMT

GET
H2 404 badge4_fuchsia.png
i1.wp.com/gofeminin.de/event/bloggerclub/badges/img/ 65 B
65 B 209ms
127ms Image
text/html 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.wp.com/gofeminin.de/event/bloggerclub/badges/img/badge4_fuchsia.png?resize=140%2C140
Requested by: Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: i1.wp.com
Software: nginx /
Resource Hash: 3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: EXPIRED ams 2
date: Thu, 21 Jan 2021 21:14:11 GMT
server: nginx
content-type: text/html; charset=utf-8

GET getads.js
cdn.chitika.net/ 0
0

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/7.9/_inc/build/photon/ 755 B
443 B 35ms
35ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.9/_inc/build/photon/photon.min.js

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

dc844732bd61279e509bda7247ed7fca55e5fced96db9c79eed48ca084e5ce0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 21 Jan 2021 21:14:11 GMT
content-encoding: br
last-modified: Tue, 22 Oct 2019 15:04:13 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Fri, 21 Jan 2022 21:14:11 GMT

GET
H2 200 scripts.js Show response
berriesinthesnow.com/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 182ms
182ms Script
application/javascript 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577830
x-cache: cached
content-length: 3993
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 20:17:03 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 cv.js Show response
berriesinthesnow.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/ 23 KB
7 KB 187ms
180ms Script
application/javascript 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.2.0

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

cf9b3937b122b2c960947ecd3ba443b93116241f9d703f6ada39a3bccdf59d99

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577830
x-cache: cached
content-length: 6654
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 20:17:05 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 130ms
46ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202103
Requested by: Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 21 Jan 2021 21:14:11 GMT
content-encoding: gzip
server: nginx
etag: W/"5841a56f-52b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-ac: 4.ams _dfw
expires: Mon, 17 Jan 2022 13:15:13 GMT

GET
H2 200 jquery.bxslider.min.js Show response
berriesinthesnow.com/wp-content/themes/rosemary/js/ 19 KB
5 KB 189ms
182ms Script
application/javascript 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/themes/rosemary/js/jquery.bxslider.min.js?ver=2494c3313413735fed7d479aea3f37ad

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 256899
x-cache: cached
content-length: 5162
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 21:16:57 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 jquery.slicknav.min.js Show response
berriesinthesnow.com/wp-content/themes/rosemary/js/ 6 KB
2 KB 190ms
183ms Script
application/javascript 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/themes/rosemary/js/jquery.slicknav.min.js?ver=2494c3313413735fed7d479aea3f37ad

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

0a7a621da9195e29eae2be125bb7594e185410f42070c48a3f9647c53e54597a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 256898
x-cache: cached
content-length: 2057
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 21:16:57 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 fitvids.js Show response
berriesinthesnow.com/wp-content/themes/rosemary/js/ 3 KB
2 KB 190ms
183ms Script
application/javascript 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/themes/rosemary/js/fitvids.js?ver=2494c3313413735fed7d479aea3f37ad

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

fa2f758609856d2932d4d2b2a59d474bd5db023128b8622ab111bd65078ec7e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 256898
x-cache: cached
content-length: 1315
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 21:16:57 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 solopine.js Show response
berriesinthesnow.com/wp-content/themes/rosemary/js/ 865 B
868 B 327ms
321ms Script
application/javascript 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/themes/rosemary/js/solopine.js?ver=2494c3313413735fed7d479aea3f37ad

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

db85233079d987f30add87f05c255e03c42b4459026db010c07b1482e14fab44

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 256898
x-cache: cached
content-length: 489
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 21:16:57 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 new-tab.min.js Show response
berriesinthesnow.com/wp-content/plugins/page-links-to/js/ 4 KB
3 KB 190ms
184ms Script
application/javascript 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/page-links-to/js/new-tab.min.js?ver=3.1.2

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

582278063c6f97f70b739bc1530060e16e176bb7b792ec5bd542d2083ed6b21c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577830
x-cache: cached
content-length: 2285
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 20:17:16 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 cookieconsent.js Show response
berriesinthesnow.com/wp-content/plugins/ga-germanized/assets/js/ 20 KB
7 KB 510ms
504ms Script
application/javascript 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/ga-germanized/assets/js/cookieconsent.js?ver=3.1.1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577830
x-cache: cached
content-length: 6756
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 20:17:09 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 gaoptout.js Show response
berriesinthesnow.com/wp-content/plugins/ga-germanized/assets/js/ 565 B
702 B 509ms
503ms Script
application/javascript 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/ga-germanized/assets/js/gaoptout.js?ver=1.5.2

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

6168fb23aa5ece3be60cf0d08523790f139c895223315b5e2cf3f5f8c6bc2502

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577830
x-cache: cached
content-length: 323
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 20:17:09 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 front.js Show response
berriesinthesnow.com/wp-content/plugins/wp-gdpr-compliance/assets/js/ 16 KB
3 KB 191ms
184ms Script
application/javascript 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/wp-gdpr-compliance/assets/js/front.js?ver=1571861853

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

39d307d22fc8590aa7973fa24c09edf2c8d91f7d085f76431e3cadae4bde02bf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577829
x-cache: cached
content-length: 3133
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 20:17:33 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.6/wp-includes/js/ 1 KB
721 B 44ms
38ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.6/wp-includes/js/wp-embed.min.js

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 21 Jan 2021 21:14:11 GMT
content-encoding: br
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Fri, 21 Jan 2022 21:14:11 GMT

GET
H2 200 forms-api.min.js Show response
berriesinthesnow.com/wp-content/plugins/mailchimp-for-wp/assets/js/ 10 KB
4 KB 344ms
338ms Script
application/javascript 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms-api.min.js?ver=4.7

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

12438c0ba99111a720881c2f9c37975329b4cc457122a39229efee127b250ff5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577829
x-cache: cached
content-length: 3990
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Nov 2019 15:02:27 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 e-202103.js Show response
stats.wp.com/ 9 KB
3 KB 127ms
46ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202103.js
Requested by: Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams
date: Thu, 21 Jan 2021 21:14:11 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sun, 09 Jan 2022 23:21:12 GMT

GET 8170.js
insights.blogfoster.com/v1/ 0
0

GET
H2 200 wp-emoji-release.min.js Show response
berriesinthesnow.com/wp-includes/js/ 14 KB
5 KB 190ms
186ms Script
application/javascript 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-includes/js/wp-emoji-release.min.js?ver=2494c3313413735fed7d479aea3f37ad

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 256898
x-cache: cached
content-length: 4671
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Oct 2020 16:55:23 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: application/javascript
x-cache-hit: HIT
accept-ranges: none

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3339
date: Thu, 21 Jan 2021 20:18:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 21 Jan 2021 22:18:32 GMT

GET
H2 200 ABYBOM_cleanser_2.jpg
i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/11/ 143 KB
144 KB 117ms
47ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/11/ABYBOM_cleanser_2.jpg?resize=1000%2C1400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

5cb908e0b97902117cb3d5807382653a4fb19193e2b04400a4bae9065c53477f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 8
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Jan 2021 20:55:14 GMT
server: nginx
etag: "26c5f598d3363919"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/11/ABYBOM_cleanser_2.jpg>; rel="canonical"
content-length: 146882
expires: Fri, 20 Jan 2023 08:55:14 GMT

GET
H2 200 glimyu_2.jpg
i1.wp.com/berriesinthesnow.com/wp-content/uploads/2019/11/ 84 KB
85 KB 160ms
96ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/berriesinthesnow.com/wp-content/uploads/2019/11/glimyu_2.jpg?resize=1000%2C1400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

47ae337339a3c5cae022830d3ca05dc4348bbf0580638a948462b91c1019c751

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Jan 2021 01:06:34 GMT
server: nginx
etag: "5ea0ecabed7ae003"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/11/glimyu_2.jpg>; rel="canonical"
content-length: 86292
expires: Sun, 15 Jan 2023 13:06:34 GMT

GET
H2 200 Purito_Centella_Toner_2.jpg
i1.wp.com/berriesinthesnow.com/wp-content/uploads/2019/11/ 204 KB
204 KB 143ms
97ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/berriesinthesnow.com/wp-content/uploads/2019/11/Purito_Centella_Toner_2.jpg?resize=1000%2C1400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e3721622ef08c4b76c3b794f76341e7900b3f29eb045e731763f768cda060aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 Nov 2020 00:07:59 GMT
server: nginx
etag: "7e0fae7a31ac588e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/11/Purito_Centella_Toner_2.jpg>; rel="canonical"
content-length: 208486
expires: Wed, 23 Nov 2022 12:07:59 GMT

GET
H2 200 bywishtrend_propolisserum_2.jpg
i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/10/ 142 KB
143 KB 93ms
48ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/10/bywishtrend_propolisserum_2.jpg?resize=1000%2C1400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

91c73098c58ec5c18f425974e6687b3a46e2a92ea546f4eb03cba7dd9a5990ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Jan 2021 01:06:35 GMT
server: nginx
etag: "cf926245d2bd6b13"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/10/bywishtrend_propolisserum_2.jpg>; rel="canonical"
content-length: 145844
expires: Sun, 15 Jan 2023 13:06:35 GMT

GET
H2 200 Apieu_cushion_blush_3.jpg
i1.wp.com/berriesinthesnow.com/wp-content/uploads/2019/04/ 153 KB
153 KB 143ms
118ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/berriesinthesnow.com/wp-content/uploads/2019/04/Apieu_cushion_blush_3.jpg?resize=1000%2C1400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

1ef78adfa4f866e00140b0e7927fcd9d28c851ebad602555136613eea3b81f66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Jan 2021 20:55:14 GMT
server: nginx
etag: "c71336bd3833fe73"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/04/Apieu_cushion_blush_3.jpg>; rel="canonical"
content-length: 156604
expires: Fri, 20 Jan 2023 08:55:14 GMT

GET
H2 200 InStyleBox_Fall_2019_2.jpg
i2.wp.com/berriesinthesnow.com/wp-content/uploads/2019/10/ 124 KB
124 KB 152ms
59ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/berriesinthesnow.com/wp-content/uploads/2019/10/InStyleBox_Fall_2019_2.jpg?resize=1000%2C1333&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

65c9bfc2cfa3dc12f5a7a8a5c71ac74b746b36881803743f82a23e53ae5c1713

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 8
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Jan 2021 20:55:14 GMT
server: nginx
etag: "7dcbe683a6559764"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/10/InStyleBox_Fall_2019_2.jpg>; rel="canonical"
content-length: 126940
expires: Fri, 20 Jan 2023 08:55:14 GMT

GET
H2 200 Leaders_Coconut_Bio_Mask_2.jpg
i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/10/ 262 KB
262 KB 107ms
105ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/10/Leaders_Coconut_Bio_Mask_2.jpg?resize=1000%2C1400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

2124aebe3517a6d9fd7d9fcbe4ff68f455333285d85635fe700a5dbd19d3d05a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Jan 2021 01:06:35 GMT
server: nginx
etag: "603359fa2eec14d7"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/10/Leaders_Coconut_Bio_Mask_2.jpg>; rel="canonical"
content-length: 268128
expires: Sun, 15 Jan 2023 13:06:35 GMT

GET
H2 200 dermalogica_prismaprotect_2.jpg
i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/04/ 219 KB
220 KB 107ms
106ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/04/dermalogica_prismaprotect_2.jpg?resize=1000%2C1400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

20aa180c6738582bc569dbf0342fdbc55bc89bc25146f56428a1d91a81f6c06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 Nov 2020 00:07:59 GMT
server: nginx
etag: "d291637abd7b4c9c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/04/dermalogica_prismaprotect_2.jpg>; rel="canonical"
content-length: 224610
expires: Wed, 23 Nov 2022 12:07:59 GMT

GET
H2 200 instyle_spring2019_2.jpg
i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/04/ 103 KB
103 KB 108ms
106ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/04/instyle_spring2019_2.jpg?resize=1000%2C1400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

786c8a7cc539ed530649df8c3089ff889af872ec065d7a3fdafca5d3b7221780

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 6
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Jan 2021 20:55:14 GMT
server: nginx
etag: "8f1c0fa36472eef8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/04/instyle_spring2019_2.jpg>; rel="canonical"
content-length: 105026
expires: Fri, 20 Jan 2023 08:55:14 GMT

GET
H2 200 Brucke_mask_2.jpg
i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/03/ 108 KB
108 KB 291ms
289ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/03/Brucke_mask_2.jpg?resize=1000%2C1400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

7bf962e983169163df0cc67008916d11004f1446d907ff733b6356d10ec85221

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Jan 2021 01:06:35 GMT
server: nginx
etag: "876990aa96ed5b0f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/03/Brucke_mask_2.jpg>; rel="canonical"
content-length: 110460
expires: Sun, 15 Jan 2023 13:06:35 GMT

GET
H2 200 TFS_IceCreamLip_6.jpg
berriesinthesnow.com/wp-content/uploads/2018/10/ 722 KB
723 KB 496ms
494ms Image
image/jpeg 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berriesinthesnow.com/wp-content/uploads/2018/10/TFS_IceCreamLip_6.jpg

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

f5dbf106a75eb5e4828aab918162467c4de7bebd40be46404d9dfe622d2fdfc8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 547243
x-cache: cached
content-length: 739201
x-xss-protection: 1; mode=block
last-modified: Mon, 01 Oct 2018 16:52:46 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
etag: "b4781-5772da2759774"
accept-ranges: bytes

GET
H2 200 happinessboutique_11.jpg
berriesinthesnow.com/wp-content/uploads/2017/10/ 865 KB
866 KB 496ms
495ms Image
image/jpeg 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berriesinthesnow.com/wp-content/uploads/2017/10/happinessboutique_11.jpg

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

3456e091a4655cf2cd8794d2245e50f71ad046d4718f809b6b6ee7e7de1607d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 547242
x-cache: cached
content-length: 885368
x-xss-protection: 1; mode=block
last-modified: Sat, 28 Oct 2017 16:18:04 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/jpeg
x-cache-hit: HIT
etag: "d8278-55c9dbffaef64"
accept-ranges: bytes

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 11ms
9ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic%26subset%3Dlatin%2Clatin-ext%7CPlayfair+Display%3A400%2C700%2C400italic%2C700italic%26subset%3Dlatin%2Clatin-ext&ver=1.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://berriesinthesnow.com
Referer: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic%26subset%3Dlatin%2Clatin-ext%7CPlayfair+Display%3A400%2C700%2C400italic%2C700italic%26subset%3Dlatin%2Clatin-ext&ver=1.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 08:34:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 564005
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Sat, 15 Jan 2022 08:34:06 GMT

GET
H2 200 fontawesome-webfont.woff2
berriesinthesnow.com/wp-content/themes/rosemary/fonts/ 70 KB
71 KB 494ms
493ms Font
font/woff2 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://berriesinthesnow.com/wp-content/themes/rosemary/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/wp-content/themes/rosemary/css/font-awesome.min.css?ver=2494c3313413735fed7d479aea3f37ad

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://berriesinthesnow.com
Referer: https://berriesinthesnow.com/wp-content/themes/rosemary/css/font-awesome.min.css?ver=2494c3313413735fed7d479aea3f37ad
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 577828
x-cache: cached
content-length: 71896
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 21:16:57 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: font/woff2
access-control-allow-origin: *
x-cache-hit: HIT
etag: "118d8-5959a6fd516aa"
accept-ranges: bytes

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
fonts.gstatic.com/s/playfairdisplay/v21/ 32 KB
33 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v21/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb7d97eb19604573681684dfe0fef40692a943c29f59d11e7ba9eb39242e4e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://berriesinthesnow.com
Referer: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic%26subset%3Dlatin%2Clatin-ext%7CPlayfair+Display%3A400%2C700%2C400italic%2C700italic%26subset%3Dlatin%2Clatin-ext&ver=1.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 15 Jan 2021 04:12:25 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:30:35 GMT
server: sffe
age: 579706
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33256
x-xss-protection: 0
expires: Sat, 15 Jan 2022 04:12:25 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v17/ 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://berriesinthesnow.com
Referer: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic%26subset%3Dlatin%2Clatin-ext%7CPlayfair+Display%3A400%2C700%2C400italic%2C700italic%26subset%3Dlatin%2Clatin-ext&ver=1.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 11:28:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 121553
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14864
x-xss-protection: 0
expires: Thu, 20 Jan 2022 11:28:18 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://berriesinthesnow.com
Referer: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C400italic%2C700italic%26subset%3Dlatin%2Clatin-ext%7CPlayfair+Display%3A400%2C700%2C400italic%2C700italic%26subset%3Dlatin%2Clatin-ext&ver=1.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 11:59:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:25 GMT
server: sffe
age: 33273
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Fri, 21 Jan 2022 11:59:38 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46efe1c0c8746fef5f0b8e7b42605116f6979cc2bdfb66a15fd6053a26d46193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: mCWOasKwFAk3hBb47sRpVQ==
cross-origin-resource-policy: cross-origin
expires: Thu, 21 Jan 2021 21:26:43 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1782
x-fb-rlafr: 0
x-fb-debug: QBi1WfxKR3vja2w1SS9LS072L+bx70HBiaE3gCsJIw8YLZAbTGED2p5SIXLxx4mbITmOm/EPrxljK9uHFxHEgA==
x-fb-trip-id: 917726464
x-fb-content-md5: ed3d882ed942966fd6937a4795fef840
date: Thu, 21 Jan 2021 21:14:11 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "f82019fe7d5cac9683d762d36da782e7"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 main.js Show response
m9m6e2w5.stackpathcdn.com/v2/eb2b667c/ 147 KB
43 KB 136ms
42ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/eb2b667c/main.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 2bb5383a54b6d0da21b1cdb7faa8c0aa2415ac8f3f59aaaa6dc84f7e53f78e0f

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 21:14:11 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 15:34:06 GMT
server: nginx
x-amz-request-id: 0X5SDZ3VEV6Y9J0G
etag: "c9570a91afd1c07af6328c3f883f8b7c"
x-hw: 1611263651.cds044.sk1.hn,1611263651.cds009.sk1.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 43798
x-amz-id-2: 1lk3D3pG81v92e+7c067DtSl9VdKJehWAMeL/2W5bcFa/GDJkUkTFRhW+jGBEXFM0EMkdPjmhic=

GET
H2 200 ed209bac93b39fb2e79847efae9803e0.json Show response
www.shareaholic.net/config/ 12 KB
2 KB 392ms
137ms XHR
application/json 184.73.100.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shareaholic.net/config/ed209bac93b39fb2e79847efae9803e0.json
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.73.100.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-100-94.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0ce573737668efb68367ddfb1f6346dcb493c942e9ea58bd2c266fe7a04caf7d

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-client-geo-country: DK,Denmark
date: Thu, 21 Jan 2021 04:09:18 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-length: 1819
server: nginx
x-client-geo-region: 84,Capital Region
x-client-geo-metrocode
etag: W/"0ce573737668efb68367ddfb1f6346dc"
access-control-max-age: 2000
x-client-geo-city: Copenhagen
x-varnish: 730075790 707503154
via: 1.1 varnish (Varnish/6.0)
access-control-expose-headers: Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control: max-age=3, public, must-revalidate
x-client-geo-zip: 2750
accept-ranges: bytes
content-type: application/json
access-control-allow-headers: *
x-client-geo-latlong: 55.732700,12.365600

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1025238871&utmhn=berriesinthesnow.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64021627-1&cid=285385821.1611263651&jid=1224102678&_v=5.7.2&z=1025238871

35 B
100 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64021627-1&cid=285385821.1611263651&jid=1224102678&_v=5.7.2&z=1025238871

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Jan 2021 21:14:11 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Jan 2021 21:14:11 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64021627-1&cid=285385821.1611263651&jid=1224102678&_v=5.7.2&z=1025238871
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 370
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 196 KB
60 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7428724dfc432305206db2914df733f4&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

53eff0900247a34900c5574a1ef5ea2e8638e55db764e67b5435c2ce82603172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://berriesinthesnow.com
Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: m8VEAMFZQ6YtNNdqHxcF6Q==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60425
x-fb-rlafr: 0
x-fb-debug: NlbdzEJIN5h9yeqfj8UjiPqqAA396LsOviajx9Q53a4+DAJjM8B1EEdK0g+rWeMk//cbS2YzvqEEfm6t4XSzgA==
x-fb-trip-id: 917726464
x-fb-content-md5: 1acb3fe3e58b9849d28462886c1af5e9
x-frame-options: DENY
date: Thu, 21 Jan 2021 21:14:11 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "8042f66d03c4830bb00322f830577167"
timing-allow-origin: *
expires: Fri, 21 Jan 2022 20:35:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-64021627-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6879
date: Thu, 21 Jan 2021 19:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 21 Jan 2021 21:19:32 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/ 226 KB
85 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f977742ee3689819e88b510d4ea4892a12406515f5f5d1e0aa92abda00785215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 21:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86552
x-xss-protection: 0
server: cafe
etag: 3569488773310308160
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jan 2021 21:14:11 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210113/r20210113/ Frame 8EE5 0
0 7ms
6ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210113/r20210113/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210113/r20210113/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://berriesinthesnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://berriesinthesnow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 21 Jan 2021 17:30:53 GMT
expires: Thu, 04 Feb 2021 17:30:53 GMT
content-type: text/html; charset=UTF-8
etag: 12197657918578843409
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4751
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 13398
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 7ms
6ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&aip=1&a=1577432680&t=pageview&_s=1&dl=https%3A%2F%2Fberriesinthesnow.com%2F&ul=en-us&de=UTF-8&dt=Berries%20in%20the%20Snow%20%7C%20-%20beautifying%20attempts%20by%20Miss%20Laven&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=80640644.285385821.1611263651.1611263651.1611263651.1&_utmz=80640644.1611263651.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1611263651344&_u=IQBCAUAB~&cid=285385821.1611263651&tid=UA-64021627-1&_gid=544871951.1611263651&gtm=2ou1d0&z=2018155035

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 13:31:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27766
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 210 B
588 B 108ms
106ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=berriesinthesnow.com&callback=_gfp_s_&client=ca-pub-9542962661355933

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

26f372dc1e9757e00b6195b416773d41c308dd756a6f29000f9f6a0a9a94dbeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 21:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 41ms
40ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=berriesinthesnow.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jan 2021 21:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 42ms
41ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=berriesinthesnow.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jan 2021 21:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 40ms
39ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fberriesinthesnow.com%2F&tn=DIV&id=top-bar&ign=false

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 97F2 0
0 407ms
406ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9542962661355933&output=html&adk=1812271804&adf=3025194257&lmt=1611263651&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fberriesinthesnow.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611263651302&bpp=13&bdt=474&idt=145&shv=r20210113&cbv=r20210113&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2119746050945&frm=20&pv=2&ga_vid=285385821.1611263651&ga_sid=1611263651&ga_hid=1577432680&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=3297564328928729&pem=305&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=163

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9542962661355933&output=html&adk=1812271804&adf=3025194257&lmt=1611263651&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fberriesinthesnow.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1611263651302&bpp=13&bdt=474&idt=145&shv=r20210113&cbv=r20210113&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2119746050945&frm=20&pv=2&ga_vid=285385821.1611263651&ga_sid=1611263651&ga_hid=1577432680&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=3297564328928729&pem=305&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=163
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://berriesinthesnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://berriesinthesnow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 21 Jan 2021 21:14:11 GMT
server: cafe
content-length: 38353
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 21-Jan-2021 21:29:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 21 Jan 2021 21:14:11 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a07d34077ea3ad5547ec3826630c724e0361194e6fd49eb4e2d55f562b9f239b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 21:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611146387330534"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28294
x-xss-protection: 0
expires: Thu, 21 Jan 2021 21:14:11 GMT

POST
H2 200 e
analytics.shareaholic.com/ 43 B
383 B 333ms
111ms Other
image/gif 54.147.47.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.shareaholic.com/e

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/eb2b667c/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.47.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-47-240.compute-1.amazonaws.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	referrer always

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 21:14:12 GMT
vary: Origin
p3p: CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
access-control-allow-origin: https://berriesinthesnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
referer-policy: unsafe-url
content-security-policy: referrer always
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 page.php
www.facebook.com/v2.3/plugins/ Frame CC08 0
0 91ms
90ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.3/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df112d3041a6bba%26domain%3Dberriesinthesnow.com%26origin%3Dhttps%253A%252F%252Fberriesinthesnow.com%252Ff222340fa7c89dc%26relation%3Dparent.parent&container_width=260&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fberriesinthesnow&locale=en_US&sdk=joey&show_facepile=true&show_posts=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7428724dfc432305206db2914df733f4&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.3/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df112d3041a6bba%26domain%3Dberriesinthesnow.com%26origin%3Dhttps%253A%252F%252Fberriesinthesnow.com%252Ff222340fa7c89dc%26relation%3Dparent.parent&container_width=260&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fberriesinthesnow&locale=en_US&sdk=joey&show_facepile=true&show_posts=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://berriesinthesnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://berriesinthesnow.com/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: sBdl2E85sugnOzo1P8B5AcvR67GJdC6fHmIKa7zNmKsMSi3Kdk7OZeUzg448pYmyzLUDoqlG1wTv58nE85TLmQ==
date: Thu, 21 Jan 2021 21:14:11 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 32ms
31ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A7.9&blog=68938735&post=0&tz=2&srv=berriesinthesnow.com&host=berriesinthesnow.com&ref=&fcp=1152&rand=0.3902607764607413
Requested by: Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 21:14:11 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 controls.png
berriesinthesnow.com/wp-content/themes/rosemary/img/ 1 KB
2 KB 175ms
174ms Image
image/png 45.40.149.34
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://berriesinthesnow.com/wp-content/themes/rosemary/img/controls.png

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/wp-content/themes/rosemary/style.css?ver=1.6.2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.40.149.34 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-45-40-149-34.ip.secureserver.net

Software

openresty /

Resource Hash

30ee9a382f42055fdeefee97514f944fe86255361c61ef1d8bfe28442bdd33b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://berriesinthesnow.com/wp-content/themes/rosemary/style.css?ver=1.6.2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-cacheable: YES
x-backend: all_requests
age: 534233
x-cache: cached
content-length: 1522
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Oct 2019 21:16:57 GMT
server: openresty
date: Thu, 21 Jan 2021 21:14:11 GMT
strict-transport-security: max-age=300, max-age=31536000; includeSubDomains
content-type: image/png
x-cache-hit: HIT
etag: "5f2-5959a6fd85bc0"
accept-ranges: bytes

GET
H2 200 sharebuttons.js Show response
m9m6e2w5.stackpathcdn.com/v2/eb2b667c/ 157 KB
35 KB 32ms
31ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/eb2b667c/sharebuttons.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: e18f886234edeb3bccc0f08d0d653bff4128c6b0b331368cd0f6317c83ce023d

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 21:14:11 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 15:34:06 GMT
server: nginx
x-amz-request-id: 5A3785015486074F
etag: "73359dfde4e53c320a77168f0ef34614"
x-hw: 1611263651.cds044.sk1.hn,1611263651.cds069.sk1.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 35677
x-amz-id-2: vsSFIa+Eyes3AoEY9TJey5wuAVOhYOqMYtPpef42EG1YM63QmB++u/diEPmXDRcXzsPW6nQQfRg=

GET
H2 200 affiliatelinks.js Show response
m9m6e2w5.stackpathcdn.com/v2/eb2b667c/ 981 B
789 B 43ms
42ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/eb2b667c/affiliatelinks.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f722500cc872e2b7d5aaf6102ac596ee66f9a5779f32d12586c48d65bee1dbca

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 21:14:11 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 15:34:06 GMT
server: nginx
x-amz-request-id: 57911FAE68780CF3
etag: "266e801a4a388925e598d2249d021bae"
x-hw: 1611263651.cds044.sk1.hn,1611263651.cds211.sk1.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 586
x-amz-id-2: /5LzHtY9HmkVwqY42mbeGZLFlI7ogpLvF0f5zV2ijpkNOWGlkIRUKv0g2pGchsEZad9YwCBPUVU=

GET
H2 200 partners.js Show response
partner.shareaholic.com/ 0
265 B 427ms
199ms Script
application/javascript 107.20.140.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.shareaholic.com/partners.js?location=https%3A%2F%2Fberriesinthesnow.com%2F&cl=en-US&id_sync=b328a041-b947-4743-bd75-724de692f1fc&minify=1&pvs=1&site=ed209bac93b39fb2e79847efae9803e0
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/eb2b667c/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.140.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-140-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 21:14:12 GMT
vary: Accept-Encoding, User-Agent
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript;charset=utf-8
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ABYBOM_cleanser_2.jpg
i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/11/ 26 KB
26 KB 33ms
31ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/11/ABYBOM_cleanser_2.jpg?resize=520%2C400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

86e17a8ee855f31217532080f70dc3c22073b8a0b8b0cd734c7d3327e7011f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 8
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Jan 2021 20:55:14 GMT
server: nginx
etag: "9d888eaa32c00a64"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/11/ABYBOM_cleanser_2.jpg>; rel="canonical"
content-length: 26186
expires: Fri, 20 Jan 2023 08:55:14 GMT

GET
H2 200 glimyu_2.jpg
i1.wp.com/berriesinthesnow.com/wp-content/uploads/2019/11/ 18 KB
18 KB 34ms
31ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/berriesinthesnow.com/wp-content/uploads/2019/11/glimyu_2.jpg?resize=520%2C400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9594abf0d6e9214b0e5dadc8bf657c4e8fd2478a8791ec08af4326c29164dfff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 Nov 2020 00:07:59 GMT
server: nginx
etag: "4cce64c3a6d3d6e5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/11/glimyu_2.jpg>; rel="canonical"
content-length: 18614
expires: Wed, 23 Nov 2022 12:07:59 GMT

GET
H2 200 Purito_Centella_Toner_2.jpg
i1.wp.com/berriesinthesnow.com/wp-content/uploads/2019/11/ 36 KB
36 KB 34ms
32ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/berriesinthesnow.com/wp-content/uploads/2019/11/Purito_Centella_Toner_2.jpg?resize=520%2C400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

8d502293d3a4140caefe1a3728d570cd0cb3c82eb85af47113c56f04b638254f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 23 Nov 2020 00:07:59 GMT
server: nginx
etag: "311d6ce979e2bd8f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/11/Purito_Centella_Toner_2.jpg>; rel="canonical"
content-length: 37110
expires: Wed, 23 Nov 2022 12:07:59 GMT

GET
H2 200 bywishtrend_propolisserum_2.jpg
i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/10/ 32 KB
32 KB 35ms
33ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/10/bywishtrend_propolisserum_2.jpg?resize=520%2C400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

c1b8f11b3180c9b2cd1fefa39b0f31d5758be34c8b9e03dd3f7f2d235740d292

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Jan 2021 01:06:36 GMT
server: nginx
etag: "ea694c8955a2909b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/10/bywishtrend_propolisserum_2.jpg>; rel="canonical"
content-length: 32450
expires: Sun, 15 Jan 2023 13:06:36 GMT

GET
H2 200 Apieu_cushion_blush_3.jpg
i1.wp.com/berriesinthesnow.com/wp-content/uploads/2019/04/ 65 KB
65 KB 180ms
178ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/berriesinthesnow.com/wp-content/uploads/2019/04/Apieu_cushion_blush_3.jpg?zoom=2&resize=520%2C400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

02b5e1dc5196b7f5e6e25af7a9e3e7cc861b2b9dbdcf0e36d7ce332577ca753e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS ams 7
date: Thu, 21 Jan 2021 21:14:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Jan 2021 21:14:12 GMT
server: nginx
etag: "bf924fa7fda5a2da"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/04/Apieu_cushion_blush_3.jpg>; rel="canonical"
content-length: 66644
expires: Sun, 22 Jan 2023 09:14:12 GMT

GET
H2 200 InStyleBox_Fall_2019_2.jpg
i2.wp.com/berriesinthesnow.com/wp-content/uploads/2019/10/ 23 KB
23 KB 35ms
33ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/berriesinthesnow.com/wp-content/uploads/2019/10/InStyleBox_Fall_2019_2.jpg?resize=520%2C400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

57d3a49f6cc8c9a39bab9a5e03663c02c22b507244e9026ebbb3fcdfe62a9b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 8
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Jan 2021 20:55:14 GMT
server: nginx
etag: "7bb7835801acd52c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/10/InStyleBox_Fall_2019_2.jpg>; rel="canonical"
content-length: 23146
expires: Fri, 20 Jan 2023 08:55:14 GMT

GET
H2 200 Leaders_Coconut_Bio_Mask_2.jpg
i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/10/ 51 KB
51 KB 35ms
33ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/10/Leaders_Coconut_Bio_Mask_2.jpg?resize=520%2C400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9e8b9496a9e4afd9e6b8275ba407a4494316b112e7d50832c4953b3e289fcc64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Thu, 21 Jan 2021 21:14:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Jan 2021 01:06:37 GMT
server: nginx
etag: "0ed145bf95882445"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/10/Leaders_Coconut_Bio_Mask_2.jpg>; rel="canonical"
content-length: 52024
expires: Sun, 15 Jan 2023 13:06:37 GMT

GET
H2 200 dermalogica_prismaprotect_2.jpg
i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/04/ 97 KB
97 KB 208ms
206ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/04/dermalogica_prismaprotect_2.jpg?zoom=2&resize=520%2C400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a436fe8f5658be7bf75653bab33ad0a901c7d9aa2b05bb3cf8bfd35433246202

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS ams 2
date: Thu, 21 Jan 2021 21:14:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Jan 2021 21:14:12 GMT
server: nginx
etag: "99fc06d1fa299aad"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/04/dermalogica_prismaprotect_2.jpg>; rel="canonical"
content-length: 99010
expires: Sun, 22 Jan 2023 09:14:12 GMT

GET
H2 200 instyle_spring2019_2.jpg
i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/04/ 46 KB
46 KB 165ms
163ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/04/instyle_spring2019_2.jpg?zoom=2&resize=520%2C400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

d5f0a835f689a8d969d80a552e1ed548c9a8e81010d314783235ea255c2154bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS ams 6
date: Thu, 21 Jan 2021 21:14:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Jan 2021 21:14:12 GMT
server: nginx
etag: "3828d981dcc0fffb"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/04/instyle_spring2019_2.jpg>; rel="canonical"
content-length: 47182
expires: Sun, 22 Jan 2023 09:14:12 GMT

GET
H2 200 Brucke_mask_2.jpg
i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/03/ 58 KB
58 KB 160ms
159ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/berriesinthesnow.com/wp-content/uploads/2019/03/Brucke_mask_2.jpg?zoom=2&resize=520%2C400&ssl=1

Requested by

Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

91e8baa6c6cbb9041c597df27ec282d06a14609e414830512d3fd0ea6fee4535

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS ams 5
date: Thu, 21 Jan 2021 21:14:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Jan 2021 21:14:12 GMT
server: nginx
etag: "01326359ed601d3d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://berriesinthesnow.com/wp-content/uploads/2019/03/Brucke_mask_2.jpg>; rel="canonical"
content-length: 59282
expires: Sun, 22 Jan 2023 09:14:12 GMT

GET
H3-Q050 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/ 142 KB
51 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

212ec18aaef0eddb381b124114799910d9920c8bf704e7350681b858695b29ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 21:14:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 52197
x-xss-protection: 0
server: cafe
etag: 5357816700311629216
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jan 2021 21:14:11 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame B04D 0
0 628ms
627ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9542962661355933&output=html&h=90&adk=2987094877&adf=3296512626&pi=t.aa~a.2697327017~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1611263651&rafmt=1&to=qs&pwprc=7539733161&psa=0&format=1080x90&url=https%3A%2F%2Fberriesinthesnow.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611263651967&bpp=1&bdt=1138&idt=-M&shv=r20210113&cbv=r20210113&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae860a5ad44b5381-2252bc4d9bb9005b%3AT%3D1611263651%3ART%3D1611263651%3AS%3DALNI_MZbaKy8a0Sadoe-G1s6M5hCT3yj4g&prev_fmts=0x0&nras=1&correlator=2119746050945&frm=20&pv=1&ga_vid=285385821.1611263651&ga_sid=1611263651&ga_hid=1577432680&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=1308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=3297564328928729&pem=305&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=WNziSthf3y&p=https%3A//berriesinthesnow.com&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17426337492537330512/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17426337492537330512/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ7d-Oz4re4CFWRewgodzVAOvA&gqi=pO4JYIkUiY3F3A_auCQ&layout=/sadbundle/%24csp%253Der3%24/17426337492537330512/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9542962661355933&output=html&h=90&adk=2987094877&adf=3296512626&pi=t.aa~a.2697327017~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1611263651&rafmt=1&to=qs&pwprc=7539733161&psa=0&format=1080x90&url=https%3A%2F%2Fberriesinthesnow.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611263651967&bpp=1&bdt=1138&idt=-M&shv=r20210113&cbv=r20210113&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae860a5ad44b5381-2252bc4d9bb9005b%3AT%3D1611263651%3ART%3D1611263651%3AS%3DALNI_MZbaKy8a0Sadoe-G1s6M5hCT3yj4g&prev_fmts=0x0&nras=1&correlator=2119746050945&frm=20&pv=1&ga_vid=285385821.1611263651&ga_sid=1611263651&ga_hid=1577432680&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=1308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=3297564328928729&pem=305&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=WNziSthf3y&p=https%3A//berriesinthesnow.com&dtd=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://berriesinthesnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://berriesinthesnow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17426337492537330512/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17426337492537330512/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ7d-Oz4re4CFWRewgodzVAOvA&gqi=pO4JYIkUiY3F3A_auCQ&layout=/sadbundle/%24csp%253Der3%24/17426337492537330512/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 21 Jan 2021 21:14:12 GMT
server: cafe
content-length: 38551
x-xss-protection: 0
set-cookie: IDE=AHWqTUmBfa7Hpc9Wh69sqLX849RwRjjKw5F38A5-Sl6JFVUzXiobK_0IcQKK5Lu9nvo; expires=Tue, 15-Feb-2022 21:14:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 21 Jan 2021 21:14:12 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame E372 0
0 371ms
371ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9542962661355933&output=html&h=60&adk=2217445766&adf=1567633289&pi=t.aa~a.372871807~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1611263651&rafmt=1&to=qs&pwprc=7539733161&psa=0&format=1080x60&url=https%3A%2F%2Fberriesinthesnow.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611263651967&bpp=1&bdt=1139&idt=1&shv=r20210113&cbv=r20210113&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae860a5ad44b5381-2252bc4d9bb9005b%3AT%3D1611263651%3ART%3D1611263651%3AS%3DALNI_MZbaKy8a0Sadoe-G1s6M5hCT3yj4g&prev_fmts=0x0%2C1080x90&nras=1&correlator=2119746050945&frm=20&pv=1&ga_vid=285385821.1611263651&ga_sid=1611263651&ga_hid=1577432680&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=3297564328928729&pem=305&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vW89MEaRiz&p=https%3A//berriesinthesnow.com&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9542962661355933&output=html&h=60&adk=2217445766&adf=1567633289&pi=t.aa~a.372871807~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1611263651&rafmt=1&to=qs&pwprc=7539733161&psa=0&format=1080x60&url=https%3A%2F%2Fberriesinthesnow.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1611263651967&bpp=1&bdt=1139&idt=1&shv=r20210113&cbv=r20210113&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae860a5ad44b5381-2252bc4d9bb9005b%3AT%3D1611263651%3ART%3D1611263651%3AS%3DALNI_MZbaKy8a0Sadoe-G1s6M5hCT3yj4g&prev_fmts=0x0%2C1080x90&nras=1&correlator=2119746050945&frm=20&pv=1&ga_vid=285385821.1611263651&ga_sid=1611263651&ga_hid=1577432680&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=260&ady=1408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=3297564328928729&pem=305&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=vW89MEaRiz&p=https%3A//berriesinthesnow.com&dtd=19
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://berriesinthesnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://berriesinthesnow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 21 Jan 2021 21:14:12 GMT
server: cafe
content-length: 27498
x-xss-protection: 0
set-cookie: IDE=AHWqTUmMBNuqNgkQxBRI98gQ6M-RDl5Xf2RiPb1QrO8QcFVbDXXE7h6F6XBABIHa; expires=Tue, 15-Feb-2022 21:14:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 21 Jan 2021 21:14:12 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5995 0
0 344ms
343ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9542962661355933&output=html&h=600&slotname=8486623608&adk=1594669142&adf=105494186&pi=t.ma~as.8486623608&w=260&fwrn=4&fwrnh=100&lmt=1611263652&rafmt=1&psa=0&format=260x600&url=https%3A%2F%2Fberriesinthesnow.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1611263651321&bpp=1&bdt=492&idt=157&shv=r20210113&cbv=r20210113&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae860a5ad44b5381-2252bc4d9bb9005b%3AT%3D1611263651%3ART%3D1611263651%3AS%3DALNI_MZbaKy8a0Sadoe-G1s6M5hCT3yj4g&prev_fmts=0x0%2C1080x90%2C1080x60&nras=1&correlator=2119746050945&frm=20&pv=1&ga_vid=285385821.1611263651&ga_sid=1611263651&ga_hid=1577432680&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=3790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=3297564328928729&pem=305&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=3&fsb=1&xpc=m2VC3TbqWJ&p=https%3A//berriesinthesnow.com&dtd=691

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9542962661355933&output=html&h=600&slotname=8486623608&adk=1594669142&adf=105494186&pi=t.ma~as.8486623608&w=260&fwrn=4&fwrnh=100&lmt=1611263652&rafmt=1&psa=0&format=260x600&url=https%3A%2F%2Fberriesinthesnow.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1611263651321&bpp=1&bdt=492&idt=157&shv=r20210113&cbv=r20210113&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae860a5ad44b5381-2252bc4d9bb9005b%3AT%3D1611263651%3ART%3D1611263651%3AS%3DALNI_MZbaKy8a0Sadoe-G1s6M5hCT3yj4g&prev_fmts=0x0%2C1080x90%2C1080x60&nras=1&correlator=2119746050945&frm=20&pv=1&ga_vid=285385821.1611263651&ga_sid=1611263651&ga_hid=1577432680&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=3790&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=3297564328928729&pem=305&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=3&fsb=1&xpc=m2VC3TbqWJ&p=https%3A//berriesinthesnow.com&dtd=691
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://berriesinthesnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://berriesinthesnow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 21 Jan 2021 21:14:12 GMT
server: cafe
content-length: 25213
x-xss-protection: 0
set-cookie: IDE=AHWqTUkRHjk5ffr7do-ZrpPWa5z96WlZr6UWy_16wY55SL5GAtK6TU4r7EYNQMLq; expires=Tue, 15-Feb-2022 21:14:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 21 Jan 2021 21:14:12 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame EF75 0
0 517ms
517ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9542962661355933&output=html&h=600&slotname=6897203207&adk=2287347046&adf=606830807&pi=t.ma~as.6897203207&w=260&fwrn=4&fwrnh=100&lmt=1611263652&rafmt=1&psa=0&format=260x600&url=https%3A%2F%2Fberriesinthesnow.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1611263651315&bpp=6&bdt=487&idt=161&shv=r20210113&cbv=r20210113&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae860a5ad44b5381-2252bc4d9bb9005b%3AT%3D1611263651%3ART%3D1611263651%3AS%3DALNI_MZbaKy8a0Sadoe-G1s6M5hCT3yj4g&prev_fmts=0x0%2C1080x90%2C1080x60%2C260x600&nras=1&correlator=2119746050945&frm=20&pv=1&ga_vid=285385821.1611263651&ga_sid=1611263651&ga_hid=1577432680&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=3297564328928729&pem=305&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&btvi=4&fsb=1&xpc=G2JjhYP3ax&p=https%3A//berriesinthesnow.com&dtd=746

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2427104053194348630/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2427104053194348630/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI6u_ez4re4CFRNGHgIdyhoLXg&gqi=pO4JYP34BMfDywW1oYi4BA&layout=/sadbundle/%24csp%253Der3%24/2427104053194348630/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9542962661355933&output=html&h=600&slotname=6897203207&adk=2287347046&adf=606830807&pi=t.ma~as.6897203207&w=260&fwrn=4&fwrnh=100&lmt=1611263652&rafmt=1&psa=0&format=260x600&url=https%3A%2F%2Fberriesinthesnow.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1611263651315&bpp=6&bdt=487&idt=161&shv=r20210113&cbv=r20210113&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae860a5ad44b5381-2252bc4d9bb9005b%3AT%3D1611263651%3ART%3D1611263651%3AS%3DALNI_MZbaKy8a0Sadoe-G1s6M5hCT3yj4g&prev_fmts=0x0%2C1080x90%2C1080x60%2C260x600&nras=1&correlator=2119746050945&frm=20&pv=1&ga_vid=285385821.1611263651&ga_sid=1611263651&ga_hid=1577432680&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1080&ady=2796&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=3297564328928729&pem=305&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=8320&bc=31&ifi=1&uci=a!1&btvi=4&fsb=1&xpc=G2JjhYP3ax&p=https%3A//berriesinthesnow.com&dtd=746
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://berriesinthesnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://berriesinthesnow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2427104053194348630/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2427104053194348630/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI6u_ez4re4CFRNGHgIdyhoLXg&gqi=pO4JYP34BMfDywW1oYi4BA&layout=/sadbundle/%24csp%253Der3%24/2427104053194348630/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 21 Jan 2021 21:14:12 GMT
server: cafe
content-length: 38484
x-xss-protection: 0
set-cookie: IDE=AHWqTUl1cWtkLsoqHHYFyu_hQcSY-FRXUdtH-KueXSSVavnHIPruMmHZbCphzCcB; expires=Tue, 15-Feb-2022 21:14:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 21 Jan 2021 21:14:12 GMT
cache-control: private

GET
DATA 200
OK truncated
/ 492 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 81 KB
28 KB 123ms
42ms Script
text/javascript 65.9.73.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/eb2b667c/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 19 Jan 2021 16:32:15 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
server: AmazonS3
age: 189718
etag: "072eaf64a771815874455704fca9301b"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 28567
x-amz-cf-id: NyxMGU6ZBL_TkCh7phQuA4qWX16rItMfkKV_oUOZ61uB1OfnKEBEjA==

GET
H2 200 shareaholic-icons.woff
m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/ 20 KB
20 KB 102ms
33ms Font
font/woff 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/shareaholic-icons.woff
Requested by: Host: berriesinthesnow.com
URL: https://berriesinthesnow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c

Request headers

Origin: https://berriesinthesnow.com
Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 21:14:12 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 14:31:54 GMT
server: nginx
x-amz-request-id: DJ4MBN2X4GBW9GBG
etag: "0e26e8e2b7a79ff2a9e9fe9ef5382e6d"
x-hw: 1611263652.cds068.sk1.hn,1611263652.cds042.sk1.c
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 20572
x-amz-id-2: d/kBxFAxvsAf9UqvO+JFvSo5JO/HRrSfvG19Y1mjZtIsue7NP+Cbe24L0lGA2zdiquK9MUBGWnI=

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210113/r20210113/ Frame 8445 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210113/r20210113/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210113/r20210113/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://berriesinthesnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://berriesinthesnow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 21 Jan 2021 17:30:55 GMT
expires: Thu, 04 Feb 2021 17:30:55 GMT
content-type: text/html; charset=UTF-8
etag: 12197657918578843409
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4751
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 13397
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 233 B
964 B 254ms
104ms XHR
text/javascript 34.249.191.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.191.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-191-98.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: c6c8a7c58ef15febb726a27d662df4d44f364470de1a179d927cc3e1dae82c0c

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 21 Jan 2021 21:14:11 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://berriesinthesnow.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 233
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 78 B
530 B 6705ms
6704ms XHR
text/javascript 34.249.191.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.191.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-191-98.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: aeb9b361ba2bdf93209311c27d9c87a20f2cd8604de7a68ff493848a198d9fa8

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 21 Jan 2021 21:14:19 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://berriesinthesnow.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 78
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 47ms
47ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210113&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

441d76d81f535e4f71d10ef03470cff08dbc86d68e5c6c98b2951a6b3b0247e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jan 2021 21:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6868
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210113/r20210113/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 21:14:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Thu, 21 Jan 2021 21:14:13 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame FA6C 0
0 7ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://berriesinthesnow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://berriesinthesnow.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Thu, 21 Jan 2021 20:19:36 GMT
expires: Fri, 21 Jan 2022 20:19:36 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3277
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
506 B 45ms
45ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20210113&jk=3297564328928729&bg=!z8ylzI_NAAUYkFXlGDsAKQB2-Dxa15EZIUTd-FPKddiJgCPF5ZONIc5InaeW16NTrk62XGG4_fTRAgAAANdSAAAAHWgBBwoBWK_XUrYaYLw4B8joSPStVbxWYCGO4lnA3LpC1Bo_rJloQl6syF5wyxSh9MOoixU7Vb_ngcbQYVw1w483yNpYFMZE8e6CphW7JY6sPvjVmDY_JsMf23OX1_u004csNwup9Otubtt5W5COeXLwCIRy4St_PoUlgIbyga1aJLQSA32NWqXEGEngIkqgbQccL9J2NtllB-yIhDLWcDYvGSb7kZApR66dIUinIm-I4Z2XbXK0FYzvkE8HThZQQBUhOzo8ZQwHd9BqEM1SPMYoqUTFZQwMa77WBB62nM1qgZ8j1X-W4sTCaxELlK4MKVglKS1O1mgPn5CJ0ZShSvrzPFM0vKYUKdNwFQppEpajP3JqfuKcgBH1HDqXwT9hKlBL_OPhUxitO6ccqVp67ZAndQKRRBLXxhSUF-m_y8LEzRrr6YPUS_AMGRL6aDSH-lRMRG3I8WwY62VqB3FhmQHpAZYZSMTJOCZUu1_JXqMCIYOz2o1WKuVun3jC81fL2VEUrqYfMdrOIIHvqorsCTYqowsh0Lr_BLUfhmu_7V4KJVQqSm9pmaFBEA9G2XZZAOYN3CjFeAt0EbUqCRjDofHlxU4xcmiUY02lh4BJJWR9kG8adjFVI7qAqyrZHi0SlWTeqnfuxpcxOiyGwV0DV_UEw0j3Su5GWRJI0HqUtvQDswoVKVZruhwRzeNrUnSprOYdueE8O5Js5pQGgPTTnpnPa3eUmB_BtR36DzLvRZtnQY29f2XhKCZsh30KmCiINm93U0JLYdaxDXOyTDx-L2o6Je_JLpaoTH47BiK4YYo4t3tAShmhOYxOVojD4jjIJzwOyHr2Gex8wle5SqLCTOz8-UKotX140X2oQLQAkO1Tc8b-8KL4XSN79QQluEZjwZefK1rGd8tqhcmgeJzjvE_nnTN9Dmz2u7uBv1fA2KuPvyAxPcQ86w5vhvHHP3cxKRCJ5lNdAtvcx7lo0MLDBujSzhGbH0aOKxMWaUOpRE8TwwO2klwKYwcu0X1Fmkky-rQOWn0vjUuhwWIYIT1HqyM9lP0iEQlkFUjCt6wJq52Gd8dmruc35j8J643moqJWdPyXjpWqNDO-c3m1bEmKxvCq7T2bgZ_Bth4h

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berriesinthesnow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 21:14:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.chitika.net
URL: https://cdn.chitika.net/getads.js

Domain: insights.blogfoster.com
URL: https://insights.blogfoster.com/v1/8170.js

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 15:34:27	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 00:55:59	Name: IDE Value: AHWqTUmBfa7Hpc9Wh69sqLX849RwRjjKw5F38A5-Sl6JFVUzXiobK_0IcQKK5Lu9nvo
.berriesinthesnow.com/	1970-01-20 00:55:59	Name: __gads Value: ID=ae860a5ad44b5381-2252bc4d9bb9005b:T=1611263651:RT=1611263651:S=ALNI_MZbaKy8a0Sadoe-G1s6M5hCT3yj4g
.berriesinthesnow.com/	1970-01-19 15:35:50	Name: _gid Value: GA1.2.544871951.1611263651
.berriesinthesnow.com/	1970-01-20 09:05:35	Name: _ga Value: GA1.2.285385821.1611263651
.berriesinthesnow.com/	1970-01-19 15:34:25	Name: __utmb Value: 80640644.1.10.1611263651
.berriesinthesnow.com/	1970-01-19 15:34:24	Name: __utmt Value: 1
.berriesinthesnow.com/	1970-01-19 19:57:11	Name: __utmz Value: 80640644.1611263651.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.berriesinthesnow.com/	1969-12-31 23:59:59	Name: __utmc Value: 80640644
.berriesinthesnow.com/	1970-01-20 09:05:35	Name: __utma Value: 80640644.285385821.1611263651.1611263651.1611263651.1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c0.wp.com/c/5.6/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
analytics.shareaholic.com
api.viglink.com
berriesinthesnow.com
c0.wp.com
cdn.chitika.net
cdn.shareaholic.net
cdn.viglink.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
i1.wp.com
i2.wp.com
insights.blogfoster.com
m9m6e2w5.stackpathcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.shareaholic.com
pixel.wp.com
s0.wp.com
ssl.google-analytics.com
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.shareaholic.net
cdn.chitika.net
insights.blogfoster.com
107.20.140.231
151.139.128.11
184.73.100.94
192.0.76.3
192.0.77.2
192.0.77.32
192.0.77.37
216.58.207.66
2a00:1450:4001:802::200e
2a00:1450:4001:803::2001
2a00:1450:4001:803::200a
2a00:1450:4001:817::2008
2a00:1450:4001:819::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::2008
2a00:1450:4001:820::2003
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.249.191.98
45.40.149.34
54.147.47.240
65.9.73.70
028be14e426bdb09c7f9cbc280bb16978dd1a45908a5b292c10a237d6b29751e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02b5e1dc5196b7f5e6e25af7a9e3e7cc861b2b9dbdcf0e36d7ce332577ca753e
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
068e2f18d47e3c6e38eee71beaa5d568af8a7729e5f2be2c4be47eafb4e458de
0705d1bbb274982c3c3e0e7f58eff289fb5c2f086cb7039a58fafc541f5a5ef9
0a7a621da9195e29eae2be125bb7594e185410f42070c48a3f9647c53e54597a
0ce573737668efb68367ddfb1f6346dcb493c942e9ea58bd2c266fe7a04caf7d
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
11f7775213c1f8a011d2bfa76e6e8e4f2bac337191a33c2d2fdded1691469273
12438c0ba99111a720881c2f9c37975329b4cc457122a39229efee127b250ff5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
153c8b0d3945a5d36bb0dde455960dd3f8fed42185648c052a628838220cf55c
159062ffbab42bcb309df50bb9aaf28042e0241b05b341d9d4ee239bb7d4c579
1ef78adfa4f866e00140b0e7927fcd9d28c851ebad602555136613eea3b81f66
20aa180c6738582bc569dbf0342fdbc55bc89bc25146f56428a1d91a81f6c06d
2124aebe3517a6d9fd7d9fcbe4ff68f455333285d85635fe700a5dbd19d3d05a
212ec18aaef0eddb381b124114799910d9920c8bf704e7350681b858695b29ab
21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c
26f372dc1e9757e00b6195b416773d41c308dd756a6f29000f9f6a0a9a94dbeb
2a8c2e0fd09605162cb7823dfa4ef28779072b2c3f5b6fbc23be0d47f518d9d2
2bb5383a54b6d0da21b1cdb7faa8c0aa2415ac8f3f59aaaa6dc84f7e53f78e0f
30ee9a382f42055fdeefee97514f944fe86255361c61ef1d8bfe28442bdd33b2
3456e091a4655cf2cd8794d2245e50f71ad046d4718f809b6b6ee7e7de1607d4
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
39d307d22fc8590aa7973fa24c09edf2c8d91f7d085f76431e3cadae4bde02bf
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10
441d76d81f535e4f71d10ef03470cff08dbc86d68e5c6c98b2951a6b3b0247e4
46efe1c0c8746fef5f0b8e7b42605116f6979cc2bdfb66a15fd6053a26d46193
47ae337339a3c5cae022830d3ca05dc4348bbf0580638a948462b91c1019c751
513e1179f1f442cf45420a067a23f7c788cb7619c648972ff76f2e1b9d03cca7
52861f1b9c1911e175fca9d177a0c0381e2e860a2ff5c02df3870dea124cf8d4
53eff0900247a34900c5574a1ef5ea2e8638e55db764e67b5435c2ce82603172
57d3a49f6cc8c9a39bab9a5e03663c02c22b507244e9026ebbb3fcdfe62a9b04
582278063c6f97f70b739bc1530060e16e176bb7b792ec5bd542d2083ed6b21c
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
5cb908e0b97902117cb3d5807382653a4fb19193e2b04400a4bae9065c53477f
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6168fb23aa5ece3be60cf0d08523790f139c895223315b5e2cf3f5f8c6bc2502
65c9bfc2cfa3dc12f5a7a8a5c71ac74b746b36881803743f82a23e53ae5c1713
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
73956ff5d3780ac5990dbf4725170c9526b037601ea8dbb9162147b3d5a2fd14
786c8a7cc539ed530649df8c3089ff889af872ec065d7a3fdafca5d3b7221780
7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe
7bf962e983169163df0cc67008916d11004f1446d907ff733b6356d10ec85221
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
860e4b944663ab48a4929f7f995379090822e06521ab6321612490be84de42fd
86e17a8ee855f31217532080f70dc3c22073b8a0b8b0cd734c7d3327e7011f28
8b7aae781975d4a0a2396701a6e5ab1272a81bb21d2cc4cdfcdddd22f5bb877f
8c6516c51b202951576f01cbd52689a72b7c3281b23f14febe1f72c88e1f1708
8d502293d3a4140caefe1a3728d570cd0cb3c82eb85af47113c56f04b638254f
91c73098c58ec5c18f425974e6687b3a46e2a92ea546f4eb03cba7dd9a5990ea
91e8baa6c6cbb9041c597df27ec282d06a14609e414830512d3fd0ea6fee4535
9594abf0d6e9214b0e5dadc8bf657c4e8fd2478a8791ec08af4326c29164dfff
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9e8b9496a9e4afd9e6b8275ba407a4494316b112e7d50832c4953b3e289fcc64
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a07d34077ea3ad5547ec3826630c724e0361194e6fd49eb4e2d55f562b9f239b
a436fe8f5658be7bf75653bab33ad0a901c7d9aa2b05bb3cf8bfd35433246202
a5f261b09cef3198be2e64d4c4aea8d99b0ece1ce8ea430c3c5d719863931bec
ae25bcce5f1fca7cc47fdd8f78bd7834bb6b4594c445b756b89f0b7b00e9eaa1
aeb9b361ba2bdf93209311c27d9c87a20f2cd8604de7a68ff493848a198d9fa8
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b924bacce6c4ba47c6731f2673afeeaca8a5a64c042dbf08c2f8164b485be71a
ba8d7dc3194fb691cf8a345f85dab4333490651036c6c3730bc075eb98ce161e
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bb7d97eb19604573681684dfe0fef40692a943c29f59d11e7ba9eb39242e4e3b
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
bf56290ce805970c2366861f9daa43ac04c90dd13826499eff87fca6e9b376e1
c1b8f11b3180c9b2cd1fefa39b0f31d5758be34c8b9e03dd3f7f2d235740d292
c6c8a7c58ef15febb726a27d662df4d44f364470de1a179d927cc3e1dae82c0c
cf9b3937b122b2c960947ecd3ba443b93116241f9d703f6ada39a3bccdf59d99
d361bbadce5225a3fd7d3877d1b943bdc835d77f52d279fabbaa60a01ea32332
d5f0a835f689a8d969d80a552e1ed548c9a8e81010d314783235ea255c2154bd
db85233079d987f30add87f05c255e03c42b4459026db010c07b1482e14fab44
dbd21434a01bdc63075bfc9259c20b6a06b628267d25ee9683939ed2f088fffd
dc844732bd61279e509bda7247ed7fca55e5fced96db9c79eed48ca084e5ce0a
dfaf936772357794378f8d9c4c6dbad4564d2cfac53ddee6db91e4fe95a963a5
e0c9ee5a100adf1b0a999529865b09ca9512717df088b366ddd757c01c2b68d9
e18f886234edeb3bccc0f08d0d653bff4128c6b0b331368cd0f6317c83ce023d
e2962b21cc4e3a4d4521003fb5d716931ecea8c5a02fc3b592fcf79136532d2c
e3721622ef08c4b76c3b794f76341e7900b3f29eb045e731763f768cda060aaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e72c6b12adc3fb109514049e7fa2663eb841c3c433a41f353c79102af45d4c54
e7be98b44cfeff4fe548e4ce712fac1e09fd299e0dbae9feeec35bf2f43b86f2
f230538018f9156f925bd667c6ac4f437ae4541b9d421424728592d359b499c8
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5dbf106a75eb5e4828aab918162467c4de7bebd40be46404d9dfe622d2fdfc8
f722500cc872e2b7d5aaf6102ac596ee66f9a5779f32d12586c48d65bee1dbca
f977742ee3689819e88b510d4ea4892a12406515f5f5d1e0aa92abda00785215
fa2f758609856d2932d4d2b2a59d474bd5db023128b8622ab111bd65078ec7e2
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382

berriesinthesnow.com Open in urlscan Pro 45.40.149.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

114 Requests

98 %HTTPS

50 %IPv6

20 Domains

32 Subdomains

25 IPs

4 Countries

4681 kBTransfer

6101 kBSize

10 Cookies

10 Outgoing links

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

berriesinthesnow.com Open in urlscan Pro
45.40.149.34 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

98 %
HTTPS

50 %
IPv6

20
Domains

32
Subdomains

25
IPs

4
Countries

4681 kB
Transfer

6101 kB
Size

10
Cookies

114 HTTP transactions
1 data transactions