thequirkyredhead.com Open in urlscan Pro
161.35.68.249  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response thequirkyredhead.com/	320 KB 46 KB	3222ms 2896ms	Document text/html	161.35.68.249 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://thequirkyredhead.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 161.35.68.249 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 24809861e5af1b3e7d0475b1b6ce11cb7ee5cfecc8d925efe6c4121d794bc4bb Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 09 Apr 2024 09:35:51 GMT Link <https://thequirkyredhead.com/wp-json/>; rel="https://api.w.org/" Server nginx Transfer-Encoding chunked
GET H/1.1	200 OK	style.min.css thequirkyredhead.com/wp-includes/css/dist/block-library/	93 KB 13 KB	282ms 147ms	Stylesheet text/css	161.35.68.249 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://thequirkyredhead.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 Requested by Host: thequirkyredhead.com URL: https://thequirkyredhead.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 161.35.68.249 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thequirkyredhead.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 09 Apr 2024 09:35:51 GMT Content-Encoding gzip Last-Modified Fri, 11 Nov 2022 14:56:45 GMT Server nginx ETag W/"636e62ad-172a9" Transfer-Encoding chunked Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	classic-themes.min.css thequirkyredhead.com/wp-includes/css/	217 B 440 B	429ms 146ms	Stylesheet text/css	161.35.68.249 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://thequirkyredhead.com/wp-includes/css/classic-themes.min.css?ver=1 Requested by Host: thequirkyredhead.com URL: https://thequirkyredhead.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 161.35.68.249 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thequirkyredhead.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 09 Apr 2024 09:35:51 GMT Content-Encoding gzip Last-Modified Tue, 25 Oct 2022 13:45:16 GMT Server nginx ETag W/"6357e86c-d9" Transfer-Encoding chunked Content-Type text/css Connection keep-alive
GET H2	200	css fonts.googleapis.com/	4 KB 1004 B	226ms 83ms	Stylesheet text/css	2607:f8b0:4006:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext Requested by Host: thequirkyredhead.com URL: https://thequirkyredhead.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0b161bff030bb7d9d7128fd5902566ab087e590bc341fa81ff07205ae6d31b21 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thequirkyredhead.com/ Origin https://thequirkyredhead.com accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 09 Apr 2024 09:35:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 09 Apr 2024 08:26:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 09 Apr 2024 09:35:51 GMT
GET H/1.1	200 OK	style.css thequirkyredhead.com/wp-content/themes/iconic-one/	38 KB 10 KB	437ms 147ms	Stylesheet text/css	161.35.68.249 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://thequirkyredhead.com/wp-content/themes/iconic-one/style.css?ver=2.4 Requested by Host: thequirkyredhead.com URL: https://thequirkyredhead.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 161.35.68.249 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 37ca9a4ef271f1f315ede7bca42c0bd3a05692ec97053cbf9f3e7ea69eb16e45 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thequirkyredhead.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 09 Apr 2024 09:35:51 GMT Content-Encoding gzip Last-Modified Fri, 05 Aug 2022 15:41:34 GMT Server nginx ETag W/"62ed3a2e-9769" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=315360000 Connection keep-alive Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	custom.css thequirkyredhead.com/wp-content/themes/iconic-one/	69 B 405 B	437ms 148ms	Stylesheet text/css	161.35.68.249 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://thequirkyredhead.com/wp-content/themes/iconic-one/custom.css?ver=6.1.1 Requested by Host: thequirkyredhead.com URL: https://thequirkyredhead.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 161.35.68.249 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 14b9bdc15584540d4e072ff690279f5bc8b15df337b227115bb12af5acb2c704 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thequirkyredhead.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 09 Apr 2024 09:35:51 GMT Content-Encoding gzip Last-Modified Fri, 05 Aug 2022 15:41:34 GMT Server nginx ETag W/"62ed3a2e-45" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=315360000 Connection keep-alive Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	front.min.css thequirkyredhead.com/wp-content/plugins/cookie-notice/css/	7 KB 2 KB	438ms 146ms	Stylesheet text/css	161.35.68.249 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://thequirkyredhead.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.1.1 Requested by Host: thequirkyredhead.com URL: https://thequirkyredhead.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 161.35.68.249 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 8dbb3fbf6b9f43e7b8910762718dbae04c9a3bf59d129f400985defe7447e0dd Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thequirkyredhead.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 09 Apr 2024 09:35:51 GMT Content-Encoding gzip Last-Modified Mon, 15 Mar 2021 14:06:22 GMT Server nginx ETag W/"604f69de-1b2b" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=315360000 Connection keep-alive Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	wp-emoji-release.min.js Show response thequirkyredhead.com/wp-includes/js/	18 KB 5 KB	395ms 149ms	Script application/javascript	161.35.68.249 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://thequirkyredhead.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 Requested by Host: thequirkyredhead.com URL: https://thequirkyredhead.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 161.35.68.249 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thequirkyredhead.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 09 Apr 2024 09:35:51 GMT Content-Encoding gzip Last-Modified Tue, 12 Apr 2022 05:56:23 GMT Server nginx ETag W/"62551487-48b9" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Connection keep-alive
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8e3fedd09ee84d4ca9937f76dd2c4c6e5099fe43567159ee35b832aa94baa0b7 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	64 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	autoptimize_4b42ff6f1d8466be6049b3b855346b18.js Show response thequirkyredhead.com/wp-content/cache/autoptimize/js/	19 KB 6 KB	167ms 150ms	Script application/javascript	161.35.68.249 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://thequirkyredhead.com/wp-content/cache/autoptimize/js/autoptimize_4b42ff6f1d8466be6049b3b855346b18.js Requested by Host: thequirkyredhead.com URL: https://thequirkyredhead.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 161.35.68.249 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 82fc77c68d15b86bc01a3c43135cd6528e31629509cc2ac4bdade4c122fa9d10 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thequirkyredhead.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 09 Apr 2024 09:35:51 GMT Content-Encoding gzip Last-Modified Fri, 05 Aug 2022 15:45:10 GMT Server nginx ETag W/"62ed3b06-4beb" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Cache-Control max-age=315360000 Connection keep-alive Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	4iCs6KVjbNBYlgoKfw72.woff2 fonts.gstatic.com/s/ubuntu/v20/	34 KB 34 KB	402ms 144ms	Font font/woff2	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://thequirkyredhead.com accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 07:47:44 GMT x-content-type-options nosniff age 524888 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34852 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:31:23 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 03 Apr 2025 07:47:44 GMT
GET H2	200	4iCv6KVjbNBYlgoCxCvjsGyN.woff2 fonts.gstatic.com/s/ubuntu/v20/	29 KB 30 KB	329ms 72ms	Font font/woff2	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://thequirkyredhead.com accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 07:51:34 GMT x-content-type-options nosniff age 524658 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29752 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:05:11 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 03 Apr 2025 07:51:34 GMT
GET H2	200	4iCs6KVjbNBYlgoKew72j00.woff2 fonts.gstatic.com/s/ubuntu/v20/	20 KB 20 KB	425ms 184ms	Font font/woff2	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://thequirkyredhead.com accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 09:12:19 GMT x-content-type-options nosniff age 519813 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20860 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:15:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 03 Apr 2025 09:12:19 GMT
GET H2	200	4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2 fonts.gstatic.com/s/ubuntu/v20/	18 KB 18 KB	445ms 209ms	Font font/woff2	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://thequirkyredhead.com accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 08:54:27 GMT x-content-type-options nosniff age 520885 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18200 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:10:53 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 03 Apr 2025 08:54:27 GMT
GET H2	200	4iCs6KVjbNBYlgoKcQ72j00.woff2 fonts.gstatic.com/s/ubuntu/v20/	46 KB 46 KB	421ms 225ms	Font font/woff2	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKcQ72j00.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d9086c8c2ed7c9f988d63847cd89e81318c1e4ade2112969af26e5744a3bc7d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://thequirkyredhead.com accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 07:53:15 GMT x-content-type-options nosniff age 524557 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46796 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:31:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 03 Apr 2025 07:53:15 GMT
GET H2	200	1f525.svg s.w.org/images/core/emoji/14.0.0/svg/	822 B 781 B	162ms 35ms	Image image/svg+xml	192.0.77.48 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://s.w.org/images/core/emoji/14.0.0/svg/1f525.svg Requested by Host: thequirkyredhead.com URL: https://thequirkyredhead.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS s.w.org Software nginx / Resource Hash 4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thequirkyredhead.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nc HIT mia 1 date Tue, 09 Apr 2024 09:35:52 GMT content-encoding br x-content-type-options nosniff last-modified Tue, 12 Apr 2022 03:47:50 GMT server nginx vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control max-age=315360000 alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET		[post_image_first_3721] bonus-betting.ru/wp-content/uploads/2020/06/	0 0
GET		[post_image_first_3719] mostbet-me.club/wp-content/uploads/2019/07/	0 0
GET H/1.1	200 OK	bonus-mostbet-jpg thequirkyredhead.com/wp-content/uploads/2022/08/	62 KB 61 KB	163ms 159ms	Image image/jpeg	161.35.68.249 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://thequirkyredhead.com/wp-content/uploads/2022/08/bonus-mostbet-jpg Requested by Host: thequirkyredhead.com URL: https://thequirkyredhead.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 161.35.68.249 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash bd3ebc6719ff96128ed53106ec83c7ce9f4c5f9a91464903a8e278e1f2f416fd Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thequirkyredhead.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 09 Apr 2024 09:35:52 GMT Content-Encoding gzip Last-Modified Fri, 05 Aug 2022 16:02:40 GMT Server nginx ETag W/"62ed3f20-f9f4" Transfer-Encoding chunked Content-Type text/plain; charset=utf-8 Connection keep-alive
GET H/1.1	200 OK	cropped-mostbet-fav-jpg-32x32.jpg thequirkyredhead.com/wp-content/uploads/2023/04/	1 KB 1 KB	439ms 146ms	Other image/jpeg	161.35.68.249 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://thequirkyredhead.com/wp-content/uploads/2023/04/cropped-mostbet-fav-jpg-32x32.jpg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 161.35.68.249 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 525eb3e723d5835ffe008ea04a4023418cd8ca87c6c196693cb705c62856075b Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://thequirkyredhead.com/ accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 09 Apr 2024 09:35:54 GMT Last-Modified Fri, 07 Apr 2023 13:31:16 GMT Server nginx ETag "64301b24-406" Content-Type image/jpeg Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 1030 Expires Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

bonus-betting.ru

URL

https://bonus-betting.ru/wp-content/uploads/2020/06/[post_image_first_3721]

Domain

mostbet-me.club

URL

https://mostbet-me.club/wp-content/uploads/2019/07/[post_image_first_3719]

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings object| cnArgs object| lazyLoadOptions function| selectnav function| LazyLoad object| twemoji object| wp

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bonus-betting.ru
fonts.googleapis.com
fonts.gstatic.com
mostbet-me.club
s.w.org
thequirkyredhead.com
bonus-betting.ru
mostbet-me.club
161.35.68.249
192.0.77.48
2607:f8b0:4006:80b::200a
2607:f8b0:4006:81d::2003
0b161bff030bb7d9d7128fd5902566ab087e590bc341fa81ff07205ae6d31b21
14b9bdc15584540d4e072ff690279f5bc8b15df337b227115bb12af5acb2c704
24809861e5af1b3e7d0475b1b6ce11cb7ee5cfecc8d925efe6c4121d794bc4bb
37ca9a4ef271f1f315ede7bca42c0bd3a05692ec97053cbf9f3e7ea69eb16e45
4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6
525eb3e723d5835ffe008ea04a4023418cd8ca87c6c196693cb705c62856075b
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
82fc77c68d15b86bc01a3c43135cd6528e31629509cc2ac4bdade4c122fa9d10
8dbb3fbf6b9f43e7b8910762718dbae04c9a3bf59d129f400985defe7447e0dd
8e3fedd09ee84d4ca9937f76dd2c4c6e5099fe43567159ee35b832aa94baa0b7
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bd3ebc6719ff96128ed53106ec83c7ce9f4c5f9a91464903a8e278e1f2f416fd
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693
d9086c8c2ed7c9f988d63847cd89e81318c1e4ade2112969af26e5744a3bc7d7
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76