www.candycelundbollinger.com Open in urlscan Pro
2606:4700:3034::ac43:8d2a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lifestylebycaroline.com/
Effective URL:
https://www.candycelundbollinger.com/
Submission: On April 14 via api (April 14th 2023, 1:24:40 pm UTC) from US — Scanned from DE

Summary HTTP 40 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 12 domains to perform 40 HTTP transactions. The main IP is 2606:4700:3034::ac43:8d2a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.candycelundbollinger.com.
TLS certificate: Issued by GTS CA 1P5 on April 11th 2023. Valid for: 3 months.

This is the only time www.candycelundbollinger.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3035::ac43:c3a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3036::6815:23e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700:303... 2606:4700:3034::ac43:8d2a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
9 9	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	192.0.72.31 192.0.72.31	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	104.248.145.66 104.248.145.66	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	68.183.227.182 68.183.227.182	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
40	11

1 2606:4700:3037::6815:17ea (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lifestylebycaroline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:c3a3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.urunlu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:23e8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.travelhungama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3034::ac43:8d2a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.candycelundbollinger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a06:98c1:3121::3 (United States) 9 redirects

ASN13335 (CLOUDFLARENET, US)

opesia.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.0.72.31 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

opesia426175532.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.248.145.66 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)

104.248.145.66	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.183.227.182 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)

68.183.227.182	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	wordpress.com opesia426175532.files.wordpress.com — Cisco Umbrella Rank: 940559	4 MB
9	opesia.vip 9 redirects opesia.vip — Cisco Umbrella Rank: 796968	3 KB
8	candycelundbollinger.com 1 redirects www.candycelundbollinger.com	105 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	103 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	165 KB
3	gstatic.com fonts.gstatic.com	50 KB
2	blogspot.com 2.bp.blogspot.com — Cisco Umbrella Rank: 14781	484 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39 ajax.googleapis.com — Cisco Umbrella Rank: 323	32 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	303 B
1	travelhungama.com 1 redirects www.travelhungama.com	492 B
1	urunlu.com 1 redirects www.urunlu.com	483 B
1	lifestylebycaroline.com 1 redirects lifestylebycaroline.com	701 B
40	12

	Domain	Requested by
9	opesia426175532.files.wordpress.com	www.candycelundbollinger.com
9	opesia.vip	9 redirects
8	www.candycelundbollinger.com	1 redirects www.candycelundbollinger.com
5	cdn.ampproject.org	www.candycelundbollinger.com cdn.ampproject.org
3	www.googletagmanager.com	68.183.227.182 104.248.145.66 cdn.ampproject.org
3	fonts.gstatic.com	fonts.googleapis.com 68.183.227.182
2	2.bp.blogspot.com	www.candycelundbollinger.com
1	www.google-analytics.com	www.candycelundbollinger.com
1	ajax.googleapis.com	104.248.145.66
1	fonts.googleapis.com	www.candycelundbollinger.com
1	www.travelhungama.com	1 redirects
1	www.urunlu.com	1 redirects
1	lifestylebycaroline.com	1 redirects
40	13

This site contains links to these domains. Also see Links.

Domain
www.lisablower.com
www.bellowblue.com
chicagoalphabetsoup.com
opesia.vip
www.chicagoalphabetsoup.com
51.79.224.26

Subject Issuer	Validity	Valid
*.candycelundbollinger.com GTS CA 1P5	`2023-04-11` - `2023-07-10`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
104.248.145.66 ZeroSSL RSA Domain Secure Site CA	`2022-06-10` - `2023-06-10`	a year	crt.sh
68.183.227.182 ZeroSSL RSA Domain Secure Site CA	`2022-06-10` - `2023-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.candycelundbollinger.com/
Frame ID: C7DCBB595906F9E0D2E0067470021970
Requests: 30 HTTP requests in this frame

Frame: https://104.248.145.66/live-draw-togel/hk-live.php
Frame ID: 0652903A1FE3A055DEC2A072CC0A0E28
Requests: 6 HTTP requests in this frame

Frame: https://68.183.227.182/live-draw-togel/hk-live.php
Frame ID: 45B88910D77B5D093E678E8CD9CA395B
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Live Draw HK - Live HK - Live Hongkong - Live Result HK

Page URL History Show full URLs

http://lifestylebycaroline.com/ HTTP 301
https://www.urunlu.com/ HTTP 301
https://www.travelhungama.com/ HTTP 301
https://www.candycelundbollinger.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

75 %
HTTPS

79 %
IPv6

12
Domains

13
Subdomains

11
IPs

3
Countries

4817 kB
Transfer

5587 kB
Size

1
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.lisablower.com/
Title: Live Draw SDY

Search URL Search Domain Scan URL

URL: https://www.bellowblue.com/
Title: Live Draw SGP

Search URL Search Domain Scan URL

URL: http://chicagoalphabetsoup.com/
Title: DATA HK

Search URL Search Domain Scan URL

URL: https://opesia.vip/asikgroup/link/oritoto.php
Title: <img alt="" height="65" width="400" src="https://opesia.vip/asikgroup/oritoto.php">

Search URL Search Domain Scan URL

URL: https://opesia.vip/asikgroup/link/emastoto.php
Title: <img alt="" height="65" width="400" src="https://opesia.vip/asikgroup/emastoto.php">

Search URL Search Domain Scan URL

URL: https://www.chicagoalphabetsoup.com/live-draw-hk-live-hongkong-live-hk-live-result-hk/
Title: live draw hk

Search URL Search Domain Scan URL

URL: http://51.79.224.26/asikgroup/link/xrtoto.php

Search URL Search Domain Scan URL

URL: http://51.79.224.26/asikgroup/link/jos889.php

Search URL Search Domain Scan URL

URL: http://51.79.224.26/asikgroup/link/pusbet.php

Search URL Search Domain Scan URL

URL: http://51.79.224.26/asikgroup/link/paus4d.php

Search URL Search Domain Scan URL

URL: http://51.79.224.26/asikgroup/link/kastoto.php

Search URL Search Domain Scan URL

URL: http://51.79.224.26/asikgroup/link/isototo.php

Search URL Search Domain Scan URL

URL: http://51.79.224.26/asikgroup/link/168wbtoto.php

Search URL Search Domain Scan URL

URL: http://51.79.224.26/asikgroup/link/jajantogel.php

Search URL Search Domain Scan URL

URL: http://51.79.224.26/asikgroup/link/jostoto.php

Search URL Search Domain Scan URL

URL: http://51.79.224.26/asikgroup/link/slotgue.php

Search URL Search Domain Scan URL

URL: http://51.79.224.26/asikgroup/link/asiktoto.php

Search URL Search Domain Scan URL

URL: http://51.79.224.26/asikgroup/link/slotjos.php

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lifestylebycaroline.com/ HTTP 301
https://www.urunlu.com/ HTTP 301
https://www.travelhungama.com/ HTTP 301
https://www.candycelundbollinger.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.candycelundbollinger.com/wp-content/themes/frontier/includes/genericons/Genericons.eot HTTP 301
https://www.candycelundbollinger.com/

Request Chain 13

https://opesia.vip/asikgroup/oritoto.php HTTP 302
https://opesia426175532.files.wordpress.com/2023/03/oritoto-baru.gif

Request Chain 14

https://opesia.vip/asikgroup/emastoto.php HTTP 302
https://opesia426175532.files.wordpress.com/2023/03/728x90-logo-emas.gif

Request Chain 15

https://opesia.vip/asikgroup/xrtoto.php HTTP 302
https://opesia426175532.files.wordpress.com/2023/03/agen-togel-pasti-bayar-xrtoto.gif

Request Chain 19

https://opesia.vip/asikgroup/paus4d.php HTTP 302
https://opesia426175532.files.wordpress.com/2022/07/paus4d.webp

Request Chain 20

https://opesia.vip/asikgroup/kastoto.php HTTP 302
https://opesia426175532.files.wordpress.com/2022/03/baner-kastoto.gif

Request Chain 21

https://opesia.vip/asikgroup/isototo.php HTTP 302
https://opesia426175532.files.wordpress.com/2022/07/isototonew.webp

Request Chain 22

https://opesia.vip/asikgroup/wbtoto.php HTTP 302
https://opesia426175532.files.wordpress.com/2023/03/168wbtoto.gif

Request Chain 23

https://opesia.vip/asikgroup/jajantogel.php HTTP 302
https://opesia426175532.files.wordpress.com/2023/03/jajantonew.gif

Request Chain 24

https://opesia.vip/asikgroup/jostoto.php HTTP 302
https://opesia426175532.files.wordpress.com/2023/01/jostoto.gif

40 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.candycelundbollinger.com/
Redirect Chain

http://lifestylebycaroline.com/
https://www.urunlu.com/
https://www.travelhungama.com/
https://www.candycelundbollinger.com/

53 KB
12 KB

650ms
401ms

Document
text/html

2606:4700:3034::ac43:8d2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.candycelundbollinger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8d2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7b781c40dff9c84d147495b15e7ccff0af43ddf54cfb2048621311208f9214a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b7c45137c849bf8-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 14 Apr 2023 13:24:34 GMT
link: <https://www.candycelundbollinger.com/wp-json/>; rel="https://api.w.org/" <https://www.candycelundbollinger.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json" <https://www.candycelundbollinger.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAyPGGF6o9QgtUBz2DNiZURp94TS8QOfu377l5rkMizjFl09DBPpPno5SV1Fws78GqjVNR1O53%2BVTNmZMpyFlyvz294UDqqcNM7WXJaFjSQCIlYyO14Dn4m7gaG64cmPme9uhIizBpepg0wTurtO0T689vfR354rm%2BiL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: amp_sanitizer;dur="33.6",amp_style_sanitizer;dur="12.9",amp_tag_and_attribute_sanitizer;dur="17.0",amp_optimizer;dur="4.2"
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b7c450f2be22ba3-FRA
content-type: text/html
date: Fri, 14 Apr 2023 13:24:34 GMT
location: https://www.candycelundbollinger.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKOmxT5RSs3SqzBdqsCk2o4RwE05niG2d25xfo0gqYQR%2FXLyWP7QnmCQ4e0D9JPEjVkBY8qh%2BviaZrd1KttZ5rHhkeOTPnmFSOJTzS%2FSLdLk1uSL5B%2BfMqXv4Oy6rr9JNAMNOexM3gD7CsajalvoovqRQTk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-turbo-charged-by: LiteSpeed

GET
H3

200

/
www.candycelundbollinger.com/
Redirect Chain

https://www.candycelundbollinger.com/wp-content/themes/frontier/includes/genericons/Genericons.eot
https://www.candycelundbollinger.com/

53 KB
12 KB

360ms
359ms

Font
text/html

2606:4700:3034::ac43:8d2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.candycelundbollinger.com/
Requested by: Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/
Protocol: H3
Server: 2606:4700:3034::ac43:8d2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7b781c40dff9c84d147495b15e7ccff0af43ddf54cfb2048621311208f9214a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:24:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-litespeed-cache: hit
x-dns-prefetch-control: on
vary: Accept-Encoding
content-type: text/html; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBJO%2BfrhQOazPH%2Bese%2BfRoVEKsZ68IPUQPoLDbpaIvsujfJ2D1VWLCo%2F%2FSLWleruDau0l27HE5rwEp7LSswvc3mjvxGvKIgNoYaRAW0D4La9p4a3INP2%2B4wuMNDpFRf2haiuxFv7Xn2L9MaLyi7Q4%2BU0Z5hgzOL%2BII7t"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
server-timing: amp_sanitizer;dur="33.6",amp_style_sanitizer;dur="12.9",amp_tag_and_attribute_sanitizer;dur="17.0",amp_optimizer;dur="4.2"
cf-ray: 7b7c45187c363667-FRA
link: <https://www.candycelundbollinger.com/wp-json/>; rel="https://api.w.org/", <https://www.candycelundbollinger.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://www.candycelundbollinger.com/>; rel=shortlink
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Fri, 14 Apr 2023 13:24:35 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache: hit
x-dns-prefetch-control: on
server-timing
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: Origin,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jqnbxjsu7Vy4DZECEpTHeALCJKkOQ7%2FnkuSkHwyqnVqCWmCNZZC8sxXUmrndY5o1dWihhNB7nvdETlez7EMzzm9xIFNhcAlRsyQMKiHkN8xM152nq%2BacTkx4ovs1DQWYaYVRLFY9nT9CdXdiE59mpy82bDqcqkwWdDp8"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.candycelundbollinger.com
access-control-allow-origin: https://www.candycelundbollinger.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7c4516390e9bf8-FRA
link: <https://www.candycelundbollinger.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 Genericons.woff
www.candycelundbollinger.com/wp-content/themes/frontier/includes/genericons/ 14 KB
14 KB 526ms
522ms Font
font/woff 2606:4700:3034::ac43:8d2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.candycelundbollinger.com/wp-content/themes/frontier/includes/genericons/Genericons.woff
Requested by: Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8d2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

Referer: https://www.candycelundbollinger.com/
Origin: https://www.candycelundbollinger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:24:35 GMT
cf-cache-status: MISS
last-modified: Sat, 15 Jan 2022 11:00:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCzaTEa6VPoD7o2MZZIBJUe72fs0DqedGgOklQpm%2F71P6lMX3TUGx%2BFQj%2BiW0qbdfO7a%2B8nSGNNsYUMFMzHwB23h9PfjVRC0TZ0mIMu5mXEoh4jHuXwXAkBMLbqXFTwr5T%2Fsi0c3RqVaEGjDT2YpaGe9v7OgmNHAX%2FDr"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=3600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7c451639079bf8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13988
expires: Fri, 14 Apr 2023 14:24:35 GMT

GET
H2 200 Genericons.svg
www.candycelundbollinger.com/wp-content/themes/frontier/includes/genericons/ 75 KB
23 KB 369ms
366ms Font
image/svg+xml 2606:4700:3034::ac43:8d2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.candycelundbollinger.com/wp-content/themes/frontier/includes/genericons/Genericons.svg
Requested by: Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8d2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 306eb5338cdfb6df6b243aa37a8236bd291ec546c57bd8a439c0fc7aedc00534

Request headers

Referer: https://www.candycelundbollinger.com/
Origin: https://www.candycelundbollinger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:24:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 15 Jan 2022 11:00:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVl3JwpuceXVVNGqH%2FrAhc%2FoGRP9B2uewOPB94C7MxAqR%2FnQDPg1BttX5QjYooyvIkotZaeIESvmD11xCB%2Bs6ySJj3Lgd4DbY6mcGIYPTzTMd0czdtcRaQxpXPZDd%2BHoeYOJV%2BwD8YBJQWWTsPdMGgZwIxQoPJHEgRPr"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=3600
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7c4516390b9bf8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 14 Apr 2023 14:24:35 GMT

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 222 KB
63 KB 89ms
31ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11ac123f3ce2903be0e8e462a28d06e3f8d60e9ffc749baee2aea3aaffb5049

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.candycelundbollinger.com/
Origin: https://www.candycelundbollinger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 13:24:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63246
x-xss-protection: 0
server: sffe
etag: "e394159d784d318e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 13:24:34 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/v0/ 94 KB
28 KB 95ms
37ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.mjs

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5dd2ac3ceda8389075c7914f1978c7ee17035643d0f09f893d9676dc3c29661

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.candycelundbollinger.com/
Origin: https://www.candycelundbollinger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 13:24:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28934
x-xss-protection: 0
server: sffe
etag: "8a44658dfe930e75"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 13:24:34 GMT

GET
H2 200 amp-iframe-0.1.mjs Show response
cdn.ampproject.org/v0/ 20 KB
7 KB 301ms
244ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d09eb72d6271d323bbe0a961f68c08d151a24697bfa46c345a74afae01fb0c9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.candycelundbollinger.com/
Origin: https://www.candycelundbollinger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 13:24:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7411
x-xss-protection: 0
server: sffe
etag: "34ad05d98249dbc1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 13:24:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 91ms
35ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.2

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ba8b8e17065c4f7ce08389f7b06fc592d5c984e35b7edb681679ec8e0adab45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.candycelundbollinger.com/
Origin: https://www.candycelundbollinger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Apr 2023 13:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 12:04:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Apr 2023 13:24:34 GMT

GET
H2 200 LOGO-LIVE-DRAW-HK.png
www.candycelundbollinger.com/wp-content/uploads/2022/01/ 41 KB
42 KB 354ms
354ms Image
image/png 2606:4700:3034::ac43:8d2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.candycelundbollinger.com/wp-content/uploads/2022/01/LOGO-LIVE-DRAW-HK.png
Requested by: Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8d2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6d424db123df97ca0f51c84af0171d449beeaa25a438a6121fd2d506aec7721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:24:35 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 15 Jan 2022 21:09:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9D7kqaJdS1gPicoXlvnIcwtZOJnlClNRnJLdkWGpUBHL8HiNOvWVBuiLstzDcF%2BBwJPOe9ZQwHCjKOBzZ%2Bv5MCWpl%2FQgeJMQ%2FLxBUX%2Br1O50ABmLvndTSxntvOwDe9%2BiGFl5GNAgKy%2FNIPLUFGX88VUDZQTBGu%2BAZjZb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7c451649379bf8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42176
expires: Fri, 14 Apr 2023 14:24:35 GMT

GET
DATA 200
OK truncated
/ 80 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b863557c3c90b3dd6de9d4fef60980ed9878adb80782e81c3e4d0dda5fd74bef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 79 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77e2eacc02538ef378c0397b30b1f412671d4d38d491e2d621ad4264e326d52f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 honeycomb.png
www.candycelundbollinger.com/wp-content/themes/frontier/images/ 265 B
841 B 367ms
366ms Image
image/png 2606:4700:3034::ac43:8d2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.candycelundbollinger.com/wp-content/themes/frontier/images/honeycomb.png
Requested by: Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8d2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ff46b82c72bcf5b303048058fff29bbc9a760a0fd65c75682b45c43ddfab637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:24:35 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 15 Jan 2022 11:00:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEdPSznRc6BZ4q4dZXTt6QQCxblhy5Gm89hlSGAO0f26ah9inawVa4cDWeD3ehn%2Fz7gPbGF6AFocqBxOD1LqnHILfFr7exBmV3%2BajoTFsGqfn2O8wBZUWvH08cm3P2AdhCxH77bsEZceN%2BcQ21BN%2BCxT60U8T93cYUtf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7c4516c9543667-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 265
expires: Fri, 14 Apr 2023 14:24:35 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 78ms
23ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.candycelundbollinger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 21:12:13 GMT
x-content-type-options: nosniff
age: 58342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Apr 2024 21:12:13 GMT

GET
H2 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/ 18 KB
18 KB 84ms
29ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.candycelundbollinger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:49:24 GMT
x-content-type-options: nosniff
age: 268511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18260
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:49:24 GMT

GET
H2

200

oritoto-baru.gif
opesia426175532.files.wordpress.com/2023/03/
Redirect Chain

https://opesia.vip/asikgroup/oritoto.php
https://opesia426175532.files.wordpress.com/2023/03/oritoto-baru.gif

1 MB
1 MB

110ms
23ms

Image
image/webp

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opesia426175532.files.wordpress.com/2023/03/oritoto-baru.gif

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Server

192.0.72.31 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fec2d6e470fc8a384a260c34de6bd2991ce6e10dff70a6de5919ded17e9972e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Fri, 14 Apr 2023 13:24:35 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 03 Mar 2023 07:30:27 GMT
server: nginx
x-orig-src: 0_imageresize
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://opesia426175532.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1324098
expires: Sun, 23 Apr 2023 15:54:36 GMT

Redirect headers

date: Fri, 14 Apr 2023 13:24:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJzhGKY0ARjUCgoqGSCojfwBMAN93jlwzwcI9KWD671Ecawum3HLzYAziLm7hcsi7EkRTACCGoY9yoCrcytIBUNeQ8HQ4yftT8IjMJHv2DcnvEkfNnCIykrzzOqm%2FA1NoU%2B2iqIFU%2Fbu"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://opesia426175532.files.wordpress.com/2023/03/oritoto-baru.gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7c4517edd52be4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

728x90-logo-emas.gif
opesia426175532.files.wordpress.com/2023/03/
Redirect Chain

https://opesia.vip/asikgroup/emastoto.php
https://opesia426175532.files.wordpress.com/2023/03/728x90-logo-emas.gif

344 KB
345 KB

102ms
24ms

Image
image/webp

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opesia426175532.files.wordpress.com/2023/03/728x90-logo-emas.gif

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Server

192.0.72.31 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bd9b09c066c9e16d61c769df412f48bcf27744b788c0d426ed132ceb60be7ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Fri, 14 Apr 2023 13:24:35 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 03 Mar 2023 07:30:23 GMT
server: nginx
x-orig-src: 0_imageresize
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://opesia426175532.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 352456
expires: Wed, 19 Apr 2023 09:45:04 GMT

Redirect headers

date: Fri, 14 Apr 2023 13:24:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkBWECf5c%2B7oAbUjYdV5gdmH6LjZK9ui9gIdeMkEAUP1BDT%2BuXA5zRni3VPKASg0kb1AiE4ANSoSDnpQu%2FCKQxU601Txpc728q4RZBnpqpISkVwEcsemE0xkUdOqHI5qKOaMqHhiLFmQ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://opesia426175532.files.wordpress.com/2023/03/728x90-logo-emas.gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7c45181e222be4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

agen-togel-pasti-bayar-xrtoto.gif
opesia426175532.files.wordpress.com/2023/03/
Redirect Chain

https://opesia.vip/asikgroup/xrtoto.php
https://opesia426175532.files.wordpress.com/2023/03/agen-togel-pasti-bayar-xrtoto.gif

211 KB
211 KB

101ms
24ms

Image
image/webp

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opesia426175532.files.wordpress.com/2023/03/agen-togel-pasti-bayar-xrtoto.gif

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Server

192.0.72.31 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2430c58dd3f0910bb8ff4dc5fd3811fcf7312cbf4db6cd97b03136567c4e0d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Fri, 14 Apr 2023 13:24:35 GMT
x-content-type-options: nosniff, nosniff
last-modified: Thu, 02 Mar 2023 15:13:54 GMT
server: nginx
x-orig-src: 0_imageresize
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://opesia426175532.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 215576
expires: Wed, 26 Apr 2023 16:52:21 GMT

Redirect headers

date: Fri, 14 Apr 2023 13:24:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TuIlM0S%2Ftfg%2Bkjj2rUGc0p%2FuH4ffHKMKzM4PKijAAQ7Xcl%2F%2BtTwqd9gFOi0bhLWbIgesZiiBRaVp%2Fj9CHrYiCqKg3PSpDKPQMBq1NeC0qQpd7EcPlbEI6YmOr9XXrn4qlPKWc5TvaIQI"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://opesia426175532.files.wordpress.com/2023/03/agen-togel-pasti-bayar-xrtoto.gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7c45181e242be4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 loadbg.png
www.candycelundbollinger.com/ 83 B
624 B 362ms
361ms Image
image/png 2606:4700:3034::ac43:8d2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.candycelundbollinger.com/loadbg.png
Requested by: Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8d2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4c4fb9f515227ca57188f7ee25677745da5cf274cb1e99a27860a1ea8321ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:24:35 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Oct 2022 07:23:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Op8hbUQ368aGPDsmbhKgZ2n4A12ErGj1ogl%2FR6NnWEnklsCw8zInIsZ%2FK9UU5O1kf9YegJUTfuCue16O8DT%2BJ2hxYfG513UwOFF7udJc2CXulqPGUkC4St2LQ%2BPLhgyvfmUNnmPfgKJHczhTfP8RZbOFTvBnwJEztea6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=3600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7b7c45177a873667-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83
expires: Fri, 14 Apr 2023 14:24:35 GMT

GET
H2 200 jos889.gif
2.bp.blogspot.com/-mjInHfNHxyU/YNNownFEjUI/AAAAAAAAo6w/DSboM58ivwsRikzj54zJaCEozUohDAlgACNcBGAsYHQ/s0/ 274 KB
274 KB 202ms
144ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-mjInHfNHxyU/YNNownFEjUI/AAAAAAAAo6w/DSboM58ivwsRikzj54zJaCEozUohDAlgACNcBGAsYHQ/s0/jos889.gif

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0d7e2068ee285323757ae08607908597c35f1d2ac1701cbb9b8fdfab273a9b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:24:35 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="jos889.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 280790
x-xss-protection: 0
server: fife
etag: "va3ad"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 15 Apr 2023 13:24:35 GMT

GET
H2 200 PUSBET%2BSitus%2Bjudi%2BTogel%2Bonline%2Bterpercaya.gif
2.bp.blogspot.com/-d_qLmtPe8EY/YNNpSD4GFjI/AAAAAAAAo64/jzHQuXcMKFkSkCfCG6zBSgcS1Ssm5EDhQCNcBGAsYHQ/s0/ 209 KB
210 KB 84ms
26ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-d_qLmtPe8EY/YNNpSD4GFjI/AAAAAAAAo64/jzHQuXcMKFkSkCfCG6zBSgcS1Ssm5EDhQCNcBGAsYHQ/s0/PUSBET%2BSitus%2Bjudi%2BTogel%2Bonline%2Bterpercaya.gif

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0e42adefe0adaa5f3a76f85c3b0f20d0e2ce56720e4f102cbb30dbaa0fbb8062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 11:16:51 GMT
x-content-type-options: nosniff
age: 7664
content-disposition: inline;filename="PUSBET Situs judi Togel online terpercaya.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 214162
x-xss-protection: 0
server: fife
etag: "va3af"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 15 Apr 2023 11:16:51 GMT

GET
H2

200

paus4d.webp
opesia426175532.files.wordpress.com/2022/07/
Redirect Chain

https://opesia.vip/asikgroup/paus4d.php
https://opesia426175532.files.wordpress.com/2022/07/paus4d.webp

486 KB
487 KB

109ms
24ms

Image
image/webp

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opesia426175532.files.wordpress.com/2022/07/paus4d.webp

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Server

192.0.72.31 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c6c3e0c966597637a8af5fd48bbe050b12bdc8c76c72e4fe63ee8f5bd2a472fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Fri, 14 Apr 2023 13:24:35 GMT
x-content-type-options: nosniff, nosniff
last-modified: Sat, 02 Jul 2022 09:14:35 GMT
server: nginx
x-orig-src: 0_imageresize
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://opesia426175532.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 497598
expires: Mon, 24 Apr 2023 19:21:19 GMT

Redirect headers

date: Fri, 14 Apr 2023 13:24:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMn%2FCv9qJYWXDcesFN8WkOY35lBHWSjVpC1GpDTfNJY9yWc1cZMnXuRBKZSFWqSfjnFiSM8fy%2BELkNdgPWybMRRtW6CY4%2Bl5B2cf6P5x8i%2FPFIyrx1mgQO97bJAHyLgmuRkkWyGynmQt"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://opesia426175532.files.wordpress.com/2022/07/paus4d.webp
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7c45181e272be4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

baner-kastoto.gif
opesia426175532.files.wordpress.com/2022/03/
Redirect Chain

https://opesia.vip/asikgroup/kastoto.php
https://opesia426175532.files.wordpress.com/2022/03/baner-kastoto.gif

132 KB
133 KB

145ms
64ms

Image
image/webp

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opesia426175532.files.wordpress.com/2022/03/baner-kastoto.gif

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Server

192.0.72.31 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b6900dd8c06b86101bc1a7512d656219477cca98e600685e36711ee6fe2bb3bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Fri, 14 Apr 2023 13:24:35 GMT
x-content-type-options: nosniff, nosniff
last-modified: Wed, 02 Mar 2022 04:00:34 GMT
server: nginx
x-orig-src: 0_imageresize
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://opesia426175532.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 135552
expires: Tue, 25 Apr 2023 19:53:00 GMT

Redirect headers

date: Fri, 14 Apr 2023 13:24:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnpB6kl3ZkigHaAbFcWuDjdphMEOCKV5QeMnWTB4C1QNk%2FfsBGQ0Yb6GwHt599vurX6cqNJxrvexYGg8h4SAxVGB2P5%2BgOwbNtnZXEeXy9U3JhcPsuXVYM9E6YHnJXNg6Zkrwo3R2Hcp"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://opesia426175532.files.wordpress.com/2022/03/baner-kastoto.gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7c45181e292be4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

isototonew.webp
opesia426175532.files.wordpress.com/2022/07/
Redirect Chain

https://opesia.vip/asikgroup/isototo.php
https://opesia426175532.files.wordpress.com/2022/07/isototonew.webp

406 KB
407 KB

123ms
64ms

Image
image/webp

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opesia426175532.files.wordpress.com/2022/07/isototonew.webp

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Server

192.0.72.31 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8487077fae34a5966d94ebfc94ced36619901e7351b1516a66c0fd7867f3632e

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Fri, 14 Apr 2023 13:24:35 GMT
x-content-type-options: nosniff, nosniff
last-modified: Sat, 02 Jul 2022 09:14:28 GMT
server: nginx
x-orig-src: 0_imageresize
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://opesia426175532.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 415904
expires: Thu, 20 Apr 2023 10:37:41 GMT

Redirect headers

date: Fri, 14 Apr 2023 13:24:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPRV8BqZA6phehD9HlIPpM1ifQ7vjeaNEZAyxZApi93xTsgWvOmxQRWFCUSiVpQZybVhU3xCbnqxy3TcZZC6sLXZz3PQy73ChGpQeAGMJAfVjuirOEVLjz7GlBOXbK5CKuMMSh1lFRf0"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://opesia426175532.files.wordpress.com/2022/07/isototonew.webp
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7c45183e652be4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

168wbtoto.gif
opesia426175532.files.wordpress.com/2023/03/
Redirect Chain

https://opesia.vip/asikgroup/wbtoto.php
https://opesia426175532.files.wordpress.com/2023/03/168wbtoto.gif

411 KB
412 KB

128ms
65ms

Image
image/webp

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opesia426175532.files.wordpress.com/2023/03/168wbtoto.gif

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Server

192.0.72.31 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0644c0c4bad1548db968b38d4cb0f7f9b8457eb0bbdc9122dd1bb1f24b3f4410

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Fri, 14 Apr 2023 13:24:35 GMT
x-content-type-options: nosniff, nosniff
last-modified: Thu, 02 Mar 2023 15:13:51 GMT
server: nginx
x-orig-src: 0_imageresize
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://opesia426175532.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 420944
expires: Tue, 25 Apr 2023 10:15:05 GMT

Redirect headers

date: Fri, 14 Apr 2023 13:24:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQ8mEmYwIKr0Y2Dpr3%2BEkk2Phfsek6EPlxtKDZamrJ5l5lhe1JqpECWVfs%2BtLyiH8FIeV1yK8ORDkxrHWZ6KjVRB2FAonGMO7MoB6vCN4ZkV3gJThI4CVbdtVcbg5zcWNRbC0tJkr5So"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://opesia426175532.files.wordpress.com/2023/03/168wbtoto.gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7c45183e6a2be4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

jajantonew.gif
opesia426175532.files.wordpress.com/2023/03/
Redirect Chain

https://opesia.vip/asikgroup/jajantogel.php
https://opesia426175532.files.wordpress.com/2023/03/jajantonew.gif

329 KB
330 KB

121ms
65ms

Image
image/webp

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opesia426175532.files.wordpress.com/2023/03/jajantonew.gif

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Server

192.0.72.31 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c66f9ccdae5409140699c346e667fd45a7b8c8e0f36820a02c1aed22e31b811b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Fri, 14 Apr 2023 13:24:35 GMT
x-content-type-options: nosniff, nosniff
last-modified: Wed, 01 Mar 2023 10:51:28 GMT
server: nginx
x-orig-src: 0_imageresize
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://opesia426175532.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 336954
expires: Sun, 16 Apr 2023 20:41:03 GMT

Redirect headers

date: Fri, 14 Apr 2023 13:24:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHlMo96YMqLUovMQWOybkt%2Bn1SLJ2cziVBrl2uwKSAunk0e55RekcsSsnfc%2FnIG1wYiYyspxx%2FkCacoeMXkiJqT4iMUq7sSAkFvJGFJdEQ8bWJRnElGi1tMXzM4XmWa4mWtYgLaWisj7"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://opesia426175532.files.wordpress.com/2023/03/jajantonew.gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7c45183e6c2be4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

jostoto.gif
opesia426175532.files.wordpress.com/2023/01/
Redirect Chain

https://opesia.vip/asikgroup/jostoto.php
https://opesia426175532.files.wordpress.com/2023/01/jostoto.gif

153 KB
153 KB

85ms
24ms

Image
image/webp

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opesia426175532.files.wordpress.com/2023/01/jostoto.gif

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Server

192.0.72.31 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

04278b0c0d9a75d0e67f42781ee3a76f27245c4d70667f8eb0f5c4b47f0890df

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Fri, 14 Apr 2023 13:24:35 GMT
x-content-type-options: nosniff, nosniff
last-modified: Fri, 06 Jan 2023 14:36:07 GMT
server: nginx
x-orig-src: 0_imageresize
vary: Accept, Origin
content-type: image/webp
access-control-allow-origin: https://opesia426175532.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 156578
expires: Wed, 17 May 2023 18:55:14 GMT

Redirect headers

date: Fri, 14 Apr 2023 13:24:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgPvmCWwNuzMxLCTw0j7aAEbiGA8K5sCEHwXmV2CVT6qrpjc5RQzK8t2gcSKH4%2FnKAsNkYGwPAwSpTDMjWa8K%2FXEZiA3aXLA4jQqWWiv%2BSnjp%2FsA5qJI63mFzwvZtzRw6JR3H8ALDjev"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://opesia426175532.files.wordpress.com/2023/01/jostoto.gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 7b7c45183e702be4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012303231800000/v0/ 12 KB
4 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303231800000/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e08eaceaad96cc6fe31dc75b73e4a14604b5188093deffe114fe1ce7d9917095

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.candycelundbollinger.com/
Origin: https://www.candycelundbollinger.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Apr 2023 22:17:13 GMT
age: 227242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3905
x-xss-protection: 0
server: sffe
etag: "7799f822149367e2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 10 Apr 2024 22:17:13 GMT

GET
H2 200 hk-live.php Show response
104.248.145.66/live-draw-togel/ Frame 0652 3 KB
1 KB 813ms
275ms Document
text/html 104.248.145.66
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://104.248.145.66/live-draw-togel/hk-live.php
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.248.145.66 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: defbe9c943aa7411f3373a5ebf6f499b277d39af85427f549e1df0b35421b48d

Request headers

Referer: https://www.candycelundbollinger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 14 Apr 2023 13:24:35 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 hk-live.php Show response
68.183.227.182/live-draw-togel/ Frame 45B8 4 KB
1 KB 811ms
275ms Document
text/html 68.183.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://68.183.227.182/live-draw-togel/hk-live.php
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.183.227.182 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ddfe27bbf76282d2559098f15b80ff1528e2a58fcfee23ceee270c4bafd09520

Request headers

Referer: https://www.candycelundbollinger.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 14 Apr 2023 13:24:35 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 45B8 242 KB
82 KB 151ms
88ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TPCK65VE3H

Requested by

Host: 68.183.227.182
URL: https://68.183.227.182/live-draw-togel/hk-live.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f70c9542cff30051b6e9aa912bc93196ae0cabd37bf272f31a5a060ac11b69b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://68.183.227.182/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:24:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83961
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Apr 2023 13:24:36 GMT

GET
H2 200 style.css
68.183.227.182/asset/ Frame 45B8 7 KB
2 KB 270ms
269ms Stylesheet
text/css 68.183.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://68.183.227.182/asset/style.css
Requested by: Host: 68.183.227.182
URL: https://68.183.227.182/live-draw-togel/hk-live.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.183.227.182 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b7450b38188554057bacf16d9e384e09f6ce5b458877d5b86e4f4fd62c2972b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://68.183.227.182/live-draw-togel/hk-live.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:24:36 GMT
content-encoding: gzip
last-modified: Sun, 19 Feb 2023 16:25:24 GMT
server: nginx
etag: W/"63f24d74-1adf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-hongkong.png
68.183.227.182/asset/logo-pasaran/ Frame 45B8 14 KB
15 KB 531ms
531ms Image
image/png 68.183.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://68.183.227.182/asset/logo-pasaran/logo-hongkong.png
Requested by: Host: 68.183.227.182
URL: https://68.183.227.182/live-draw-togel/hk-live.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.183.227.182 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 05e0c3c1c0901db7a1076e2160993987e9efe89b62ad5fdc8005417fec6eb722

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://68.183.227.182/live-draw-togel/hk-live.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:24:36 GMT
last-modified: Sun, 19 Feb 2023 16:25:26 GMT
server: nginx
etag: "63f24d76-3989"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 14729
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-masterlive.png
68.183.227.182/asset/ Frame 45B8 49 KB
49 KB 1067ms
1067ms Image
image/png 68.183.227.182
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://68.183.227.182/asset/logo-masterlive.png
Requested by: Host: 68.183.227.182
URL: https://68.183.227.182/live-draw-togel/hk-live.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.183.227.182 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 31feb4c6f13813183f5655f150452dac27c035a6f0dd18c4d7db937418e0c18b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://68.183.227.182/live-draw-togel/hk-live.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:24:36 GMT
last-modified: Sun, 19 Feb 2023 16:25:24 GMT
server: nginx
etag: "63f24d74-c26b"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 49771
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 0652 242 KB
82 KB 104ms
47ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KEY0SJDS4D

Requested by

Host: 104.248.145.66
URL: https://104.248.145.66/live-draw-togel/hk-live.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a989dfae9d5850223c25e85a1d1f5edd551fca26fa7bfd4083e2e780e046907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://104.248.145.66/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:24:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83853
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Apr 2023 13:24:36 GMT

GET
H2 200 StyleLDNew.css
104.248.145.66/live-draw-togel/ Frame 0652 6 KB
2 KB 274ms
273ms Stylesheet
text/css 104.248.145.66
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://104.248.145.66/live-draw-togel/StyleLDNew.css
Requested by: Host: 104.248.145.66
URL: https://104.248.145.66/live-draw-togel/hk-live.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.248.145.66 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 132169bc9bb4880f058aaf51427a1db31c7d60a28bfe66074fae72c76d323a52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://104.248.145.66/live-draw-togel/hk-live.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:24:36 GMT
content-encoding: gzip
last-modified: Wed, 15 Feb 2023 13:18:36 GMT
server: nginx
etag: W/"63ecdbac-19de"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 0652 87 KB
31 KB 84ms
23ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: 104.248.145.66
URL: https://104.248.145.66/live-draw-togel/hk-live.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://104.248.145.66/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 11:57:18 GMT

GET
H2 200 hk-flag.webp
104.248.145.66/Flag/ Frame 0652 8 KB
9 KB 270ms
269ms Image
image/webp 104.248.145.66
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://104.248.145.66/Flag/hk-flag.webp
Requested by: Host: 104.248.145.66
URL: https://104.248.145.66/live-draw-togel/hk-live.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.248.145.66 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c443c2f898009daf7fd8728a45b428fd931c71fe4c176947d9c3f2bb3b8118a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://104.248.145.66/live-draw-togel/hk-live.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:24:36 GMT
last-modified: Wed, 15 Feb 2023 13:18:39 GMT
server: nginx
etag: "63ecdbaf-21be"
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8638
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 livedrawpedia-logo.png
104.248.145.66/Flag/ Frame 0652 29 KB
29 KB 420ms
420ms Image
image/png 104.248.145.66
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://104.248.145.66/Flag/livedrawpedia-logo.png
Requested by: Host: 104.248.145.66
URL: https://104.248.145.66/live-draw-togel/hk-live.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.248.145.66 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: cb19992ec31424954f8e901f6e04f159f9733450e6c0818e5ced444669acdd55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://104.248.145.66/live-draw-togel/hk-live.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 13:24:36 GMT
last-modified: Wed, 15 Feb 2023 13:18:39 GMT
server: nginx
etag: "63ecdbaf-730e"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 29454
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012303231800000/v0/analytics-vendors/ 2 KB
931 B 25ms
24ms Fetch
application/json 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012303231800000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.candycelundbollinger.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Apr 2023 22:17:17 GMT
age: 227239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 901
x-xss-protection: 0
server: sffe
etag: "7beefd2e90bf2869"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 10 Apr 2024 22:17:17 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 883 B
707 B 48ms
48ms Fetch
application/json 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.candycelundbollinger.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ebf79fb0b7c503a6b2708bf72f573feae3dfafd34cb4e5853f4e7f7b77501ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.candycelundbollinger.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Fri, 14 Apr 2023 13:24:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 387
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.candycelundbollinger.com
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.candycelundbollinger.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v40/ Frame 45B8 16 KB
16 KB 31ms
31ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: 68.183.227.182
URL: https://68.183.227.182/asset/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://68.183.227.182/
Origin: https://68.183.227.182
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 21:34:05 GMT
x-content-type-options: nosniff
age: 229831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16016
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:16:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 21:34:05 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
303 B 90ms
31ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=Live%20Draw%20HK%20-%20Live%20HK%20-%20Live%20Hongkong%20-%20Live%20Result%20HK&sr=1600x1200&cid=amp-bOLY0zkJyuIQSluys5Wp6A&tid=UA-222734459-1&dl=https%3A%2F%2Fwww.candycelundbollinger.com%2F&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.526827058796473&gjid=0.6392825841645853&_r=1&a=9193&z=0.9050376130157907&gtm=45De000

Requested by

Host: www.candycelundbollinger.com
URL: https://www.candycelundbollinger.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.candycelundbollinger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 13:24:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.candycelundbollinger.com/	1970-01-20 19:50:14	Name: _ga Value: amp-bOLY0zkJyuIQSluys5Wp6A

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs(Line 1) Message: Error while parsing the 'sandbox' attribute: 'disallow-navigation' is an invalid sandbox flag.
other	error	URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs(Line 1) Message: Error while parsing the 'sandbox' attribute: 'disallow-navigation' is an invalid sandbox flag.
security	warning	URL: https://68.183.227.182/live-draw-togel/hk-live.php#amp=1 Message: Mixed Content: The page at 'https://68.183.227.182/live-draw-togel/hk-live.php#amp=1' was loaded over HTTPS, but requested an insecure element 'https://68.183.227.182/asset/logo-pasaran/logo-hongkong.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://68.183.227.182/live-draw-togel/hk-live.php#amp=1 Message: Mixed Content: The page at 'https://68.183.227.182/live-draw-togel/hk-live.php#amp=1' was loaded over HTTPS, but requested an insecure element 'https://68.183.227.182/asset/logo-masterlive.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://104.248.145.66/live-draw-togel/hk-live.php#amp=1 Message: Mixed Content: The page at 'https://104.248.145.66/live-draw-togel/hk-live.php#amp=1' was loaded over HTTPS, but requested an insecure element 'https://104.248.145.66/Flag/hk-flag.webp'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://104.248.145.66/live-draw-togel/hk-live.php#amp=1 Message: Mixed Content: The page at 'https://104.248.145.66/live-draw-togel/hk-live.php#amp=1' was loaded over HTTPS, but requested an insecure element 'https://104.248.145.66/Flag/livedrawpedia-logo.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://68.183.227.182/live-draw-togel/hk-live.php#amp=1(Line 18) Message: Mixed Content: The page at 'https://68.183.227.182/live-draw-togel/hk-live.php#amp=1' was loaded over HTTPS, but requested an insecure element 'https://68.183.227.182/asset/logo-pasaran/logo-hongkong.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://68.183.227.182/live-draw-togel/hk-live.php#amp=1(Line 30) Message: Mixed Content: The page at 'https://68.183.227.182/live-draw-togel/hk-live.php#amp=1' was loaded over HTTPS, but requested an insecure element 'https://68.183.227.182/asset/logo-masterlive.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://104.248.145.66/live-draw-togel/hk-live.php#amp=1(Line 18) Message: Mixed Content: The page at 'https://104.248.145.66/live-draw-togel/hk-live.php#amp=1' was loaded over HTTPS, but requested an insecure element 'https://104.248.145.66/Flag/hk-flag.webp'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	warning	URL: https://104.248.145.66/live-draw-togel/hk-live.php#amp=1(Line 43) Message: Mixed Content: The page at 'https://104.248.145.66/live-draw-togel/hk-live.php#amp=1' was loaded over HTTPS, but requested an insecure element 'https://104.248.145.66/Flag/livedrawpedia-logo.png'. This request was not upgraded to HTTPS because its URL's host is an IP address.
javascript	warning	URL: https://www.candycelundbollinger.com/ Message: The resource https://www.candycelundbollinger.com/wp-content/themes/frontier/includes/genericons/Genericons.eot was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.candycelundbollinger.com/ Message: The resource https://www.candycelundbollinger.com/wp-content/themes/frontier/includes/genericons/Genericons.svg#Genericons was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
ajax.googleapis.com
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
lifestylebycaroline.com
opesia.vip
opesia426175532.files.wordpress.com
www.candycelundbollinger.com
www.google-analytics.com
www.googletagmanager.com
www.travelhungama.com
www.urunlu.com
104.248.145.66
192.0.72.31
2001:4860:4802:32::178
2606:4700:3034::ac43:8d2a
2606:4700:3035::ac43:c3a3
2606:4700:3036::6815:23e8
2606:4700:3037::6815:17ea
2a00:1450:4001:802::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:811::200a
2a00:1450:4001:813::2008
2a00:1450:4001:82b::2001
2a06:98c1:3121::3
68.183.227.182
04278b0c0d9a75d0e67f42781ee3a76f27245c4d70667f8eb0f5c4b47f0890df
05e0c3c1c0901db7a1076e2160993987e9efe89b62ad5fdc8005417fec6eb722
0644c0c4bad1548db968b38d4cb0f7f9b8457eb0bbdc9122dd1bb1f24b3f4410
0d7e2068ee285323757ae08607908597c35f1d2ac1701cbb9b8fdfab273a9b66
0e42adefe0adaa5f3a76f85c3b0f20d0e2ce56720e4f102cbb30dbaa0fbb8062
132169bc9bb4880f058aaf51427a1db31c7d60a28bfe66074fae72c76d323a52
1ebf79fb0b7c503a6b2708bf72f573feae3dfafd34cb4e5853f4e7f7b77501ef
1f70c9542cff30051b6e9aa912bc93196ae0cabd37bf272f31a5a060ac11b69b
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
2430c58dd3f0910bb8ff4dc5fd3811fcf7312cbf4db6cd97b03136567c4e0d12
2ba8b8e17065c4f7ce08389f7b06fc592d5c984e35b7edb681679ec8e0adab45
306eb5338cdfb6df6b243aa37a8236bd291ec546c57bd8a439c0fc7aedc00534
31feb4c6f13813183f5655f150452dac27c035a6f0dd18c4d7db937418e0c18b
4a989dfae9d5850223c25e85a1d1f5edd551fca26fa7bfd4083e2e780e046907
5ff46b82c72bcf5b303048058fff29bbc9a760a0fd65c75682b45c43ddfab637
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
77e2eacc02538ef378c0397b30b1f412671d4d38d491e2d621ad4264e326d52f
7d09eb72d6271d323bbe0a961f68c08d151a24697bfa46c345a74afae01fb0c9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8487077fae34a5966d94ebfc94ced36619901e7351b1516a66c0fd7867f3632e
8b7450b38188554057bacf16d9e384e09f6ce5b458877d5b86e4f4fd62c2972b
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
a5dd2ac3ceda8389075c7914f1978c7ee17035643d0f09f893d9676dc3c29661
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
b11ac123f3ce2903be0e8e462a28d06e3f8d60e9ffc749baee2aea3aaffb5049
b6900dd8c06b86101bc1a7512d656219477cca98e600685e36711ee6fe2bb3bc
b863557c3c90b3dd6de9d4fef60980ed9878adb80782e81c3e4d0dda5fd74bef
bd9b09c066c9e16d61c769df412f48bcf27744b788c0d426ed132ceb60be7ac9
c443c2f898009daf7fd8728a45b428fd931c71fe4c176947d9c3f2bb3b8118a7
c66f9ccdae5409140699c346e667fd45a7b8c8e0f36820a02c1aed22e31b811b
c6c3e0c966597637a8af5fd48bbe050b12bdc8c76c72e4fe63ee8f5bd2a472fe
cb19992ec31424954f8e901f6e04f159f9733450e6c0818e5ced444669acdd55
d4c4fb9f515227ca57188f7ee25677745da5cf274cb1e99a27860a1ea8321ce0
d6d424db123df97ca0f51c84af0171d449beeaa25a438a6121fd2d506aec7721
d7b781c40dff9c84d147495b15e7ccff0af43ddf54cfb2048621311208f9214a
ddfe27bbf76282d2559098f15b80ff1528e2a58fcfee23ceee270c4bafd09520
defbe9c943aa7411f3373a5ebf6f499b277d39af85427f549e1df0b35421b48d
e08eaceaad96cc6fe31dc75b73e4a14604b5188093deffe114fe1ce7d9917095
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fec2d6e470fc8a384a260c34de6bd2991ce6e10dff70a6de5919ded17e9972e4

www.candycelundbollinger.com Open in urlscan Pro 2606:4700:3034::ac43:8d2a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

75 %HTTPS

79 %IPv6

12 Domains

13 Subdomains

11 IPs

3 Countries

4817 kBTransfer

5587 kBSize

1 Cookies

18 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

www.candycelundbollinger.com Open in urlscan Pro
2606:4700:3034::ac43:8d2a Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

75 %
HTTPS

79 %
IPv6

12
Domains

13
Subdomains

11
IPs

3
Countries

4817 kB
Transfer

5587 kB
Size

1
Cookies

40 HTTP transactions
2 data transactions