carnival-madness.sitey.me Open in urlscan Pro
2606:4700::6810:d67e  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response carnival-madness.sitey.me/	209 KB 32 KB	539ms 414ms	Document text/html	2606:4700::6810:d67e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carnival-madness.sitey.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:d67e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b1ef4e775ba755dddb677f55eaaaa0de29a4a86a61619f71ba2f0e02eb2fe6e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 7ebd86d27a859b94-FRA content-encoding br content-type text/html date Mon, 24 Jul 2023 16:26:45 GMT last-modified Mon, 24 Jul 2023 15:58:35 GMT server cloudflare vary Accept-Encoding x-goog-generation 1690214315140226 x-goog-hash crc32c=NSAL7g== md5=56opBWVCqlBen52BqO9DSg== x-goog-metageneration 1 x-goog-storage-class MULTI_REGIONAL x-goog-stored-content-encoding identity x-goog-stored-content-length 214626 x-guploader-uploadid ADPycdvAsH6r3fTSCAbywBKNAdBiCyHi3j19LJWlUDkzOh2Vh4K5QL2FNOeGJ2X2O-pNp_gMBZ1SlGgZ2hJUkuGzhPxTo5Uaoc9J x-worker-version 1.0.0
GET H2	200	font-awesome.css components.mywebsitebuilder.com/fonts/	30 KB 31 KB	239ms 41ms	Stylesheet text/css	35.190.14.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://components.mywebsitebuilder.com/fonts/font-awesome.css Requested by Host: carnival-madness.sitey.me URL: https://carnival-madness.sitey.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 35.14.190.35.bc.googleusercontent.com Software UploadServer / Resource Hash bd1411968f2f8d6fac8407f679d31f30939345c45bf1df811ba149120d879fb1 Request headers accept-language de-DE,de;q=0.9 Referer https://carnival-madness.sitey.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Fri, 21 Jul 2023 14:09:44 GMT age 267422 x-guploader-uploadid ADPycds6i7xYgkM1KNt2z9nwpaLXL1YaFBL9-L41WW_J75RpT4ds4iC7pL5O9bywL-3-0DYFRtrf2gT3mLTtvbyoCG3ctvWg-xHC x-goog-storage-class STANDARD x-goog-custom-time 1970-01-01T00:00:00Z x-goog-metageneration 3 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30748 x-goog-meta- last-modified Fri, 18 Dec 2020 10:13:33 GMT server UploadServer etag "9f3af79fa00509146c92bd91454d4eaf" x-goog-generation 1608286413516447 x-goog-hash crc32c=ghVUSQ==, md5=nzr3n6AFCRRskr2RRU1Orw== access-control-allow-origin * access-control-expose-headers Content-Type cache-control Cache-Control:public,max-age=315360001 x-goog-stored-content-length 30748 accept-ranges bytes content-type text/css expires Sat, 20 Jul 2024 14:09:44 GMT
GET H2	200	css gfonts-proxy.wzdev.co/	4 KB 1 KB	167ms 62ms	Stylesheet text/css	2606:4700::42eb:c80f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gfonts-proxy.wzdev.co/css?display=swap&family=Montserrat:400,400,700|Lato:400,400,700 Requested by Host: carnival-madness.sitey.me URL: https://carnival-madness.sitey.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::42eb:c80f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb7f757e15d6f70024fde49aba07029811b4bfe41952b48d824e3f04dcf70c19 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://carnival-madness.sitey.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 16:26:46 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT content-encoding br age 1120273 cf-polished origSize=5190 cross-origin-resource-policy cross-origin x-xss-protection 0 last-modified Tue, 11 Jul 2023 17:15:33 GMT cf-bgj minify cross-origin-opener-policy same-origin-allow-popups server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cf-ray 7ebd86d5cee03a60-FRA link <https://fonts.gstatic.com>; rel=preconnect; crossorigin timing-allow-origin * expires Tue, 11 Jul 2023 17:15:33 GMT
GET H2	200	home.a9b54bab.js Show response carnival-madness.sitey.me/	6 KB 3 KB	235ms 234ms	Script application/javascript	2606:4700::6810:d67e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carnival-madness.sitey.me/home.a9b54bab.js Requested by Host: carnival-madness.sitey.me URL: https://carnival-madness.sitey.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:d67e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f018d674b6caaf2c63e2a9574c7ae858aa66ccfdceea05b384019320a337131 Request headers accept-language de-DE,de;q=0.9 Referer https://carnival-madness.sitey.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 16:26:46 GMT content-encoding br cf-cache-status MISS x-guploader-uploadid ADPycdv_9yqmNzOz_t7mGk6eCCARsz5uRq1Aak9gj0BUJEsDimbllSRiwqTSC0BRvGWxcfHL8iu6WoUoFjsfOIGAnhZCgg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity last-modified Mon, 24 Jul 2023 15:58:35 GMT server cloudflare vary Accept-Encoding x-goog-hash crc32c=ASv5yw==, md5=D++6jYx5jF0/8NWjlPwacg== x-goog-generation 1690214315091901 content-type application/javascript x-goog-stored-content-length 6443 cf-ray 7ebd86d53ee39b94-FRA x-worker-version 1.0.0
GET H2	200	m carnival-madness.sitey.me/s/cdn/v1.0/i/	330 KB 331 KB	304ms 304ms	Image image/png	2606:4700::6810:d67e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://carnival-madness.sitey.me/s/cdn/v1.0/i/m?url=https%3A%2F%2Fstorage.googleapis.com%2Fproduction-sitey-v1-0-9%2F299%2F1524299%2F4ONlBL7o%2F26fe2c27b66c482ea820584222a66eba&methods=resize%2C500%2C5000 Requested by Host: carnival-madness.sitey.me URL: https://carnival-madness.sitey.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:d67e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 586a9124657107037932898b593775130711cfffc6024bed49c2782e4432564f Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://carnival-madness.sitey.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-engine cloud date Mon, 24 Jul 2023 16:26:46 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status DYNAMIC content-length 337563 cf-resized internal=ok/h q=0 n=17+0 c=14+147 v=2023.7.3 l=337563 last-modified Mon, 24 Jul 2023 15:54:39 GMT cf-bgj imgq:100,h2pri server cloudflare etag "cf2H83i9lyFoRNCpDBXapmbQsKp3dOmfGDQLNEaFfWDQ:3eec9561ae4185e707179b604267fa78" vary Origin, Accept-Encoding access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=2678400 access-control-allow-credentials true cf-ray 7ebd86d6e9a09b94-FRA access-control-allow-headers * priority u=4;i=?0,cf-chb=(45;u=5;i)
GET H2	200	m carnival-madness.sitey.me/s/cdn/v1.0/i/	284 KB 285 KB	579ms 579ms	Image image/jpeg	2606:4700::6810:d67e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://carnival-madness.sitey.me/s/cdn/v1.0/i/m?url=https%3A%2F%2Fstorage.googleapis.com%2Fproduction-sitey-v1-0-9%2F299%2F1524299%2F4ONlBL7o%2Fca40d3939dcd4371906074bf26525595&methods=resize%2C1000%2C5000 Requested by Host: carnival-madness.sitey.me URL: https://carnival-madness.sitey.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:d67e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fcf5f82562beaac01a8c4c109dd890e1bee9a4a5394efc1c545fcfdebfda3b0 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://carnival-madness.sitey.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-engine cloud date Mon, 24 Jul 2023 16:26:46 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status DYNAMIC content-length 291274 cf-resized internal=ok/h q=0 n=9+0 c=5+90 v=2023.7.3 l=291274 last-modified Mon, 24 Jul 2023 15:57:19 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cf3w3BK8muzvpgYCP_TunrF8OC6uiyIMnqoK0Nlj8MDQ:e368b5d39b84779cd968d09dd4bfb96e" vary Origin, Accept-Encoding access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=2678400 access-control-allow-credentials true cf-ray 7ebd86d709e39b94-FRA access-control-allow-headers * priority u=1;i=?0,cf-chb=(268;u=4;i=?0 26612;u=5;i 189438;u=6;i)
GET H2	200	bundle.js Show response runtime.builderservices.io/runtime-sitey-21697/	2 MB 459 KB	156ms 53ms	Script application/javascript	2606:4700::6812:f258 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://runtime.builderservices.io/runtime-sitey-21697/bundle.js Requested by Host: carnival-madness.sitey.me URL: https://carnival-madness.sitey.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:f258 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 33cdeadfa5dc37eb858497839c2672444fa869cd4a539872575ed11d07ca87b8 Request headers accept-language de-DE,de;q=0.9 Referer https://carnival-madness.sitey.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Mon, 24 Jul 2023 16:26:46 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 28 Jun 2023 11:32:47 GMT server cloudflare content-md5 bAoV3xBOWeTftvMOTSxFiQ== age 2258853 vary Accept-Encoding content-type application/javascript x-ms-request-id 5f330114-c01e-000b-54c0-a91a27000000 cache-control "max-age=31536000" x-ms-version 2009-09-19 cf-ray 7ebd86d75b0d6987-FRA
GET H2	200	m carnival-madness.sitey.me/s/cdn/v1.0/i/	790 KB 791 KB	1655ms 1655ms	Image image/png	2606:4700::6810:d67e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://carnival-madness.sitey.me/s/cdn/v1.0/i/m?url=https%3A%2F%2Fstorage.googleapis.com%2Fproduction-sitey-v1-0-9%2F299%2F1524299%2F4ONlBL7o%2F7fffabdd93074819a0058fe6afe8cefa&methods=resize%2C2000%2C5000 Requested by Host: carnival-madness.sitey.me URL: https://carnival-madness.sitey.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:d67e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64c11df94f945b57cc796e179518d7481fe5c0458f9842f1838f3bd478bfe59c Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://carnival-madness.sitey.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-engine cloud date Mon, 24 Jul 2023 16:26:47 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status DYNAMIC content-length 808745 cf-resized internal=ok/h q=0 n=16+0 c=8+444 v=2023.7.3 l=808745 last-modified Mon, 24 Jul 2023 15:54:28 GMT cf-bgj imgq:48,h2pri server cloudflare etag "cfkl2Sp_b3f8g0fYFcOKSzW_k53j--lvTFa1FxIuPGDQ:e42fdbe5d147b2131895e89b6ef63ea7" vary Origin, Accept-Encoding access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=2678400 access-control-allow-credentials true cf-ray 7ebd86d719ed9b94-FRA access-control-allow-headers * priority u=4;i=?0,cf-chb=(37;u=2;i=?0 825;u=5;i)
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 gfonts-proxy.wzdev.co/font/s/lato/v24/	23 KB 24 KB	152ms 66ms	Font font/woff2	2606:4700::42eb:c80f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gfonts-proxy.wzdev.co/font/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: gfonts-proxy.wzdev.co URL: https://gfonts-proxy.wzdev.co/css?display=swap&family=Montserrat:400,400,700|Lato:400,400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::42eb:c80f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gfonts-proxy.wzdev.co/css?display=swap&family=Montserrat:400,400,700|Lato:400,400,700 Origin https://carnival-madness.sitey.me accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 16:26:46 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT age 2283445 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin content-length 23580 x-xss-protection 0 last-modified Tue, 02 May 2023 15:17:22 GMT server cloudflare cross-origin-opener-policy same-origin; report-to="apps-themes" vary Accept-Encoding report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7ebd86d79accbbaa-FRA timing-allow-origin * expires Sun, 23 Jun 2024 15:41:45 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 gfonts-proxy.wzdev.co/font/s/montserrat/v25/	30 KB 30 KB	159ms 73ms	Font font/woff2	2606:4700::42eb:c80f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gfonts-proxy.wzdev.co/font/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: gfonts-proxy.wzdev.co URL: https://gfonts-proxy.wzdev.co/css?display=swap&family=Montserrat:400,400,700|Lato:400,400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::42eb:c80f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://gfonts-proxy.wzdev.co/css?display=swap&family=Montserrat:400,400,700|Lato:400,400,700 Origin https://carnival-madness.sitey.me accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 16:26:46 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT age 1121153 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin content-length 30928 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:57:39 GMT server cloudflare cross-origin-opener-policy same-origin; report-to="apps-themes" vary Accept-Encoding report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7ebd86d79acdbbaa-FRA timing-allow-origin * expires Sun, 07 Jul 2024 18:31:37 GMT
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d4b7214e77cdb838c8c190ee3490b637e3457a4e96f4fda79fad5141d6b8e0b4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Content-Type image/png
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	165ms 55ms	Script text/javascript	2606:4700:10::6814:41d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: carnival-madness.sitey.me URL: https://carnival-madness.sitey.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:41d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers accept-language de-DE,de;q=0.9 Referer https://carnival-madness.sitey.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 16:26:46 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 16 Apr 2020 10:44:16 GMT server cloudflare age 1690 etag "-375139978" vary Accept-Encoding content-type text/javascript cache-control max-age=28800 accept-ranges bytes cf-ray 7ebd86da68623826-FRA content-length 4547
GET H2	200	52087278 Show response carnival-madness.sitey.me/v1.0/runtime/appmarket/render/5/	704 B 578 B	585ms 584ms	Fetch application/json	2606:4700::6810:d67e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://carnival-madness.sitey.me/v1.0/runtime/appmarket/render/5/52087278 Requested by Host: runtime.builderservices.io URL: https://runtime.builderservices.io/runtime-sitey-21697/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:d67e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e7893c4bc7c048a4ab9fa9e6a5f05b336a575f160b8175ff6bf692b7ce8cb6f Request headers Referer https://carnival-madness.sitey.me/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type application/json Response headers date Mon, 24 Jul 2023 16:26:47 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare x-builder-tracking-id 344e9193d26141c8a3b21c2effa1950c vary Accept-Encoding x-worker-origin skip-rule content-type application/json; charset=utf-8 cf-ray 7ebd86da0f519b94-FRA x-worker-version 1.0.0
GET H2	200	m images.builderservices.io/s/cdn/v1.0/i/	790 KB 791 KB	1160ms 1127ms	Image image/png	2606:4700::6812:f258 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.builderservices.io/s/cdn/v1.0/i/m?url=https%3A%2F%2Fstorage.googleapis.com%2Fproduction-sitey-v1-0-9%2F299%2F1524299%2F4ONlBL7o%2F7fffabdd93074819a0058fe6afe8cefa&methods=resize%2C2000%2C5000 Requested by Host: carnival-madness.sitey.me URL: https://carnival-madness.sitey.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:f258 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64c11df94f945b57cc796e179518d7481fe5c0458f9842f1838f3bd478bfe59c Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://carnival-madness.sitey.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-engine cloud date Mon, 24 Jul 2023 16:26:47 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status DYNAMIC content-length 808745 cf-resized internal=ok/h q=0 n=10+0 c=8+439 v=2023.7.3 l=808745 last-modified Mon, 24 Jul 2023 15:54:28 GMT cf-bgj imgq:48,h2pri server cloudflare etag "cfkl2Sp_b3f8g0fYFcOKSzW_k53j--lvTFa1FxIuPGDQ:e42fdbe5d147b2131895e89b6ef63ea7" vary Origin, Accept-Encoding access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=2678400 access-control-allow-credentials true cf-ray 7ebd86da7f456987-FRA access-control-allow-headers * priority u=4;i=?0,cf-chb=(37;u=2;i=?0 825;u=5;i)
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	48 B 182 B	649ms 127ms	Script text/html	149.56.240.31 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4731310&@f16&@g1&@h1&@i1&@j1690216006832&@k0&@l1&@mHome%20-%20Carnival%20Madness&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:123529047&@b3:1690216007&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcarnival-madness.sitey.me%2F&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 149.56.240.31 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns534110.ip-149-56-240.net Software / Resource Hash 077a3770c4fe5590f5470668cf02309040e0183538b512c85f7c6942515702c7 Request headers accept-language de-DE,de;q=0.9 Referer https://carnival-madness.sitey.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Date Mon, 24 Jul 2023 16:26:46 GMT Connection close Content-Length 48 Content-Type text/html;charset=UTF-8
GET H2	200	sdk-insights-tracker Show response in-app.mywebsitebuilder.com/	20 KB 9 KB	593ms 473ms	Script application/javascript	2606:4700::6812:6110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://in-app.mywebsitebuilder.com/sdk-insights-tracker?appMarketEnv=prod&debug=true&instanceJwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbnN0YW5jZUlkIjoiYWM2MmUyNzQyOGE4NGNmNmJkMjdmZjEwZDdkMDMxZjMiLCJicmFuZCI6InNpdGV5IiwiZXhwIjoxNjkwMzAyNDA3fQ.KgtoalWZx4eg5FsmYIggkAQ7KexlEBMtfBF0aOsnZx8 Requested by Host: runtime.builderservices.io URL: https://runtime.builderservices.io/runtime-sitey-21697/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:6110 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b20cbdf1416e7b4c4df54bed0fd017f13ec9392ecb57bb063f55cb1250bb5255 Request headers accept-language de-DE,de;q=0.9 Referer https://carnival-madness.sitey.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 16:26:47 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Fri, 25 Oct 2019 09:38:44 GMT server cloudflare etag 0x8D7592F1FA5BFFC x-builder-tracking-id 041b79b46af8452da445510201acbdf0 vary Accept-Encoding content-type application/javascript cf-ray 7ebd86de7fd9363b-FRA x-builder-tracking-span-id 041b79b46af8452da445510201acbdf0
OPTIONS H/1.1	200 OK	/ in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/	0 0	529ms 121ms	Preflight	13.92.180.208 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/?timeout=10 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.92.180.208 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://carnival-madness.sitey.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers authorization,content-type Access-Control-Allow-Methods POST Access-Control-Allow-Origin https://carnival-madness.sitey.me Access-Control-Max-Age 3600 Content-Length 0 Date Mon, 24 Jul 2023 16:26:47 GMT Server Microsoft-HTTPAPI/2.0 Strict-Transport-Security max-age=31536000
POST H/1.1	201 Created	/ Show response in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/	0 320 B	140ms 140ms	XHR application/xml	13.92.180.208 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/?timeout=10 Requested by Host: in-app.mywebsitebuilder.com URL: https://in-app.mywebsitebuilder.com/sdk-insights-tracker?appMarketEnv=prod&debug=true&instanceJwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbnN0YW5jZUlkIjoiYWM2MmUyNzQyOGE4NGNmNmJkMjdmZjEwZDdkMDMxZjMiLCJicmFuZCI6InNpdGV5IiwiZXhwIjoxNjkwMzAyNDA3fQ.KgtoalWZx4eg5FsmYIggkAQ7KexlEBMtfBF0aOsnZx8 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.92.180.208 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://carnival-madness.sitey.me/ accept-language de-DE,de;q=0.9 Authorization SharedAccessSignature sr=http%3A%2F%2Fin-us-east-event-hubs.servicebus.windows.net%2Fin-us-east-event-hub-a1&sig=WvjrhZiv17LSDEYNvL8wIij9LGJoCR%2BJ9MQWFP3HbJI%3D&se=1690219607.901&skn=Send User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Content-Type application/json Response headers Access-Control-Allow-Origin https://carnival-madness.sitey.me Strict-Transport-Security max-age=31536000 Date Mon, 24 Jul 2023 16:26:48 GMT Access-Control-Allow-Credentials true Server Microsoft-HTTPAPI/2.0 Transfer-Encoding chunked Content-Type application/xml; charset=utf-8

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __features object| _featureSettings object| _page object| _WP_JSONP object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb object| _xsrfToken function| Velocity object| _GoogleMapsApi object| _Hasync boolean| _isPublished object| _site function| __bi__ object| _feature_events function| showModal object| _zoomUpdateEvents function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues object| EventHubHistory

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.builderservices.io/	1969-12-31 23:59:59	Name: _cfuvid Value: qXg_rff4ihvyUpoRtW7Gqucxb5xm8ZJ34kjcD__Tqwo-1690216006303-0-604800000
			carnival-madness.sitey.me/	1970-01-20 22:15:52	Name: HstCfa4731310 Value: 1690216006832
			carnival-madness.sitey.me/	1970-01-20 22:15:52	Name: HstCla4731310 Value: 1690216006832
			carnival-madness.sitey.me/	1970-01-20 22:15:52	Name: HstCmu4731310 Value: 1690216006832
			carnival-madness.sitey.me/	1970-01-20 22:15:52	Name: HstPn4731310 Value: 1
			carnival-madness.sitey.me/	1970-01-20 22:15:52	Name: HstPt4731310 Value: 1
			carnival-madness.sitey.me/	1970-01-20 22:15:52	Name: HstCnv4731310 Value: 1
			carnival-madness.sitey.me/	1970-01-20 22:15:52	Name: HstCns4731310 Value: 1
			carnival-madness.sitey.me/	1969-12-31 23:59:59	Name: app_key Value: F5333657-781E-1558-92CF-88CB202B1F9C/1690216007899
			carnival-madness.sitey.me/	1970-01-20 13:30:17	Name: app_ses_key Value: 4D9BBF8F-4E06-D96E-881D-233925064B18%3A1690216007900%3A%25/none

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

carnival-madness.sitey.me
components.mywebsitebuilder.com
gfonts-proxy.wzdev.co
images.builderservices.io
in-app.mywebsitebuilder.com
in-us-east-event-hubs.servicebus.windows.net
runtime.builderservices.io
s10.histats.com
s4.histats.com
13.92.180.208
149.56.240.31
2606:4700:10::6814:41d
2606:4700::42eb:c80f
2606:4700::6810:d67e
2606:4700::6812:6110
2606:4700::6812:f258
35.190.14.35
077a3770c4fe5590f5470668cf02309040e0183538b512c85f7c6942515702c7
0e7893c4bc7c048a4ab9fa9e6a5f05b336a575f160b8175ff6bf692b7ce8cb6f
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
33cdeadfa5dc37eb858497839c2672444fa869cd4a539872575ed11d07ca87b8
4b1ef4e775ba755dddb677f55eaaaa0de29a4a86a61619f71ba2f0e02eb2fe6e
586a9124657107037932898b593775130711cfffc6024bed49c2782e4432564f
5fcf5f82562beaac01a8c4c109dd890e1bee9a4a5394efc1c545fcfdebfda3b0
64c11df94f945b57cc796e179518d7481fe5c0458f9842f1838f3bd478bfe59c
8f018d674b6caaf2c63e2a9574c7ae858aa66ccfdceea05b384019320a337131
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b20cbdf1416e7b4c4df54bed0fd017f13ec9392ecb57bb063f55cb1250bb5255
bd1411968f2f8d6fac8407f679d31f30939345c45bf1df811ba149120d879fb1
cb7f757e15d6f70024fde49aba07029811b4bfe41952b48d824e3f04dcf70c19
d4b7214e77cdb838c8c190ee3490b637e3457a4e96f4fda79fad5141d6b8e0b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855